SESSIONS SESSION FIXATION Index php form methodpost actionsessionfixation

Index. php <form method="post" action="session-fixation. php“> username: <input name="username" type="text" ><br/> password: <input name="password"

$SESSION-FIXATION. PHP <? php session_save_path("tmp”); session_start(); if( !$_SESSION['Login‘]) { //session_rigenerate_id(); $username=$_POST['username’]; $password=$_POST['password’]; } if($username==$

LOGOUT. PHP <? php session_destroy(); //setcookie(session_name(), '', time()-42000, ’’); header("location: http: //web 2. um.

Slides: 10

Download presentation

SESSIONS

SESSION FIXATION

Index. php <form method="post" action="session-fixation. php“> username: <input name="username" type="text" ><br/> password: <input name="password" type="password"><br/ > <input type="submit" name="submit "> </form>

SESSION-FIXATION. PHP <? php session_save_path("tmp”); session_start(); if( !$_SESSION['Login‘]) { //session_rigenerate_id(); $username=$_POST['username’]; $password=$_POST['password’]; } if($username== 'ali' && $password == 'alavi‘) { $_SESSION[‘login’]=TRUE; echo "<h 2 align="center">Successfull authentication</h 2>”; echo "Menu 1 ”; echo "<a href="logout. php">logout</a>”; } …… ? >

LOGOUT. PHP <? php session_destroy(); //setcookie(session_name(), '', time()-42000, ’’); header("location: http: //web 2. um. ac. ir/index. php”); <?