PHP Classes

Safe to do this?

Recommend this page to a friend!

      Secure Session  >  All threads  >  Safe to do this?  >  (Un) Subscribe thread alerts  
Subject:Safe to do this?
Summary:Is it safe to modify the code to this?
Messages:2
Author:RapidX
Date:2013-10-02 08:16:09
Update:2013-10-12 13:39:46
 

  1. Safe to do this?   Reply   Report abuse  
Picture of RapidX RapidX - 2013-10-02 08:16:09
Because i execute my url e.g. 127.0.0.1/login.php?mod=Login

Where login.php has this

<?php

require_once 'secureSession.php';
session_start();
if(isset($_GET['mod']) && $_GET['mod'] == "Login")){
require_once('header.php');
require_once('body.php');
require_once('footer.php');
}

?>

Within the body.php, I've to check if the user is logged in already, and by your example it would be done by

$ss->check();

But it would then have stated that the session_id has already been generated. So would it be then safe to modify the code to this?

if(!isset($_SESSION['ss_fprint'])){
$this->_RegenerateId();
}


Appreciate your answer!

  2. Re: Safe to do this?   Reply   Report abuse  
Picture of Vagharshak Tozalakyan Vagharshak Tozalakyan - 2013-10-12 13:39:46 - In reply to message 1 from RapidX
Call Open() when you're setting the session flag indicating the user is logged in. Then call Check() with exactly the same parameters when checking if the flag was set or not.