hi, i have a session script, before i use it in my website, i want to know if this script is strong enough or have any bugs/weakness in it. 1. if so, please modify it, and make it stronger & give some explaination about it. 2. How to include cookie protection in this script --------------------------------------- <?PHP if (!isset($_SESSION["username"]) || !isset($_SESSION["password"])) { header ("location:index.php"); } else { $username=$_SESSION["username"]; $password=$_SESSION["password"]; if(!$username || !$password) { header ("location:index.php"); } else { include "delConfig/config.php"; $connection=mysql_connect($host,$user,$pass) or die(mysql_error()); mysql_select_db($db,$connection); $loginQuery=mysql_query("select * from adminSp where adminUsername='$username' and adminPassword='$password'",$connection) or die (mysql_error()); $loginRow=mysql_num_rows($loginQuery); if($loginRow=="0") { $_SESSION=array(); session_destroy(); header ("location:index.php"); } } } ?> ------------------ Best Regards
Hmm... why yor are started new tread, is there not enough informative? xttp://forums.digitalpoint.com/showthread.php?t=613906
i'm really sorry, it posted twice just because my very bad connection yesterday, i clicked it twice when the first time has no response. i hope administrator can delete this thread...