Enable track_vars in php's config and use
$PHP_COOKIE_VARS['cookie_id'] to get the value of the
cookie.
--Toby
----- Original Message -----
From: "April" <[EMAIL PROTECTED]>
To: "PHP General" <[EMAIL PROTECTED]>
Sent: Wednesday, January 24, 2001 5:06 PM
Subject: [PHP] Cookie semi-security.
> Stupid question, but I'm stumped.
>
> I'm passing a persons id through a cookie, then using that
to determine if
> they're allowed to be doing what they're trying to do
(change listings,
> etc.). Right now, I'm getting the value of the cookie by
just accessing
> $cookie_id, without anything fancy. The problem is, if
someoen just denies a
> cookie and adds ?cookie_id=9 at the end, they might as
well be the person
> with an id of 9. Is there a way for me to check and be
sure that that
> value came from a cookie, and not the url bar?
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail:
[EMAIL PROTECTED]
> For additional commands, e-mail:
[EMAIL PROTECTED]
> To contact the list administrators, e-mail:
[EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
