Putting password in the cookie?
I've been starting to learn how to use cookies, and the example script I've been using checks the username and password against the database, but only set the username in the cookie. Couldn't somebody just go in and change the cookie to anybodies' username? Or am I wrong on that? So would the solution be to add their password into the cookie too? Or does that have risks I havent noticed?
I'm not looking for hacker-proof just yet, I don't want it to be as easy as just changing the username in the cookie. |
i dont see any risk till now as per my knowledge as after user closes browser ,cookies will be u set by some code also you may see several websites at your end also that use to save passwords thats because of cookies they store on your computer
|
All times are GMT -7. The time now is 02:19 AM. |
Powered by vBulletin Copyright © 2020 vBulletin Solutions, Inc.