session.use_trans_sid - Please Just Post Your Quick Vote (answer 1, 2 or 3)

Discussion in 'PHP' started by johnsmith153, May 8, 2008.

?

session.use_trans_sid = should I use??

Poll closed May 10, 2008.

  1. NO. Anyone who stops cookies will suffer on my site as they will not be able to log in etc.

    0 vote(s)
    0.0%

  2. YES. Use session.use_trans_sid but be ready for security breaches.

    0 vote(s)
    0.0%

  3. Another way of doing. Please post

    2 vote(s)
    100.0%
0
  1. #1
    I have spent a bit of time learning php sessions and I am doing a login script.

    Please just post a quick answer 1,2,3 as to what you think I should do.

    Any comments will be appreciated also.

    (1) Anyone who stops cookies will suffer on my site as they will not be able to log in etc.

    (2) Use session.use_trans_sid but be ready for security breaches.

    (3) Another option (please tell me.)

    Thanks for your votes / help.
     
    johnsmith153, May 8, 2008 IP
  2. NatalicWolf

    NatalicWolf Peon

    Messages:
    262
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    0
    #2
    do this, in the session:
    
/* Create new session
session_start();
/* Save our data */
$_SESSION['IP']=$_SERVER['REMOTE_ADDR'];
$_SESSION['User']=$_POST['User'];
$_SESSION['Pass']=md5($_POST['Pass']);
$_SESSION['Encrypt']=md5($_POST['User'].$_POST['Pass']."PUTASECRETCODEHERE");


/* Check login on other pages but first make sure IPs match the session */
if($_SESSION['IP']==$_SERVER['remote_addr']){
if(md5($_SESSION['User'].$_SESSION['Pass']."PUTASECRETCODEHERE")==md5($sqlArray['User'].$sqlArray['Pass']."PUTASECRETCODEHERE"))
{
echo "Welcome, back!";
}
}
    PHP:
     
    NatalicWolf, May 8, 2008 IP