I've just figured out that my login system was absolutely not secured.
So I thought about something :
setcookie ("pseudo", $_POST['pseudo'], time() + 36000);
if (isset($_COOKIE['pseudo']))
But what I don't understand is that anyone can create a cookie named pseudo... So does that mean that I should store the password in a cookie and check on each "member" page the database ?
You have to use sessions and their variables, they are stored on the server, thus the user cannot change their values.
Read this : http://php.net/manual/en/intro.session.php
And this : http://php.net/manual/en/session.examples.basic.php
If your connection is okay, create a session (do any stuff you want to do when a user is connected).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.