hosted by liquidweb

Go Back   Web Hosting Talk : Web Hosting Main Forums : Programming Discussion : Cookies for admin area...

Forum Jump

Cookies for admin area...

Reply Post New Thread In Programming Discussion Subscription
Send news tip View All Posts Thread Tools Search this Thread Display Modes
is useless
Join Date: Jan 2002
Location: Ohio
Posts: 3,071

Cookies for admin area...

As some of you may know I'm writing a simulated Credit Card system for my site and I have managed to successfully make the admin login section using a MySQL backend. Anyways, how secure would cookies be for the admin section?

I plan on having the admin page set a cookie upon a successful login and store the username and password in the cookie for the other admin pages to check. If a page detects any inconsistency in the cookie, the person will be sent to the login page.

Any suggestions? Would cookies be good for this, security wise? The script isnt mission critical, but I don't want security that can be bypassed easily.

I could prolly use Sessions, but I want to figure out cookies first

Don't like what I say? Ignore me because it will be the only way you can shut me up.

Sponsored Links
Web Hosting Master
Join Date: May 2002
Location: UK
Posts: 2,994
There is a better way of doing this. Personally I don't like using cookies for storing important information.

If you are authenticating the username and password via a 401 protocol (the one which pops up a username and password box) either via the server or in PHP then you can access those details on every script call using the SERVER global array

The variables are called

An example of PHP authentication is below:

PHP Code:
function authenticate() {
header"WWW-Authenticate: Basic realm=\"By Password\"");
header"HTTP/1.0 401 Unauthorized");
"<p><b>Error 401: Unauthorized</b></p>";

if (!isset(
$_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
else {
// validate correct username and password here

Last edited by Rich2k; 09-10-2002 at 06:14 PM.
is useless
Join Date: Jan 2002
Location: Ohio
Posts: 3,071
Thumbs up

Ohh... Thats pretty neat. I've always wondered how to do that

Thanks a bunch for the code I think I'll use this instead.

Too bad Apache gives me a Internal Server Error though, but I can still work on it.

Don't like what I say? Ignore me because it will be the only way you can shut me up.

Sponsored Links

Related posts from
Title Type Date Posted
New Google Tools Help Publishers Get Consent Around User Data Collection Web Hosting News 2014-07-02 11:58:00
Researchers Uncover Security Vulnerabilities in Popular WordPress SEO Plugin Web Hosting News 2014-06-02 14:51:06
Google Updates Third Party Apps to Improve Security Web Hosting News 2013-11-20 14:52:06
Admin-Ahead Server Technologies Listing 2014-10-22 09:46:56
Go Daddy Joomla, Wordpress Hosting Customers See Spotty Admin Access Web Hosting News 2013-04-12 10:56:16

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Log in with your username and password

Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Web Hosting News:
WHT Membership
WHT Membership



Welcome to

Create your username to jump into the discussion! is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.

(4 digit year)

Already a member?