Jump to content
Please Use CODE Tags

The Cookies are Broken

Judahnator
By Judahnator
in Programming
 Share
Posted

Me and a group of friends are developing a login process for our website. I put excerpts of the problem stuff in the zip at:

 

thosetechguys.org/debug.zip

 

My problem is, when the user logs in they are redirected to their profile page (loading and passing the auth process in the header). But, if you try to go anywhere else on the site (loading the auth process in the header) you fail the auth process and are redirected back to login.php. Anyone see my problem? I have searched the code for hours, and i cant find anything.

 

Thanks in advance,

 

~judah

~Judah

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

http://www.xdebug.org/docs/remote

 

This will help a lot, set frequent break points and follow the code until you spot the issue.

 

Note: you should be able to read the variables you have floating around at each one of those breakpoints.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

in login_form.php

	setcookie(TTGauth, $auth_cookie, time()+3600);	setcookie(TTGID, $username, time()+3600);

should be

	setcookie("TTGauth", $auth_cookie, time()+3600);	setcookie("TTGID", $username, time()+3600);

6439734807b7ab233b1179969b0b49f4d9fd6f3e

 

anyway i see you're trying to make it safe, but it's still vulnerable to cookie stealing

consider using sessions instead

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programming

×