PHP Code:
$_SESSION['sid'] = put here the encrypted value to be used as session, $_SERVER['PHPSESSID'], $PHPSESSID, session_id()
-
you can use any of them..Last edited by kiLLeR-eyEd_14; 05.01.10, 11:03.My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.com -
I dont understand use them as in howhttp://myfacepals.com
MYFACEPALS SOCIAL NETWORKsigpic -
what is this?
Comment
-
It depends on your script..Example: on lavalair login.php
you then inserted it into the database..Then in every top of a file like index.php..assign session_id() to $sid..PHP Code:mysql_query("INSERT INTO ibwf_sessions SET id='".session_id()."' WHERE uid='".getuid_nick($_GET['loguid'])."', expiretm='".(time() + (24*60*60))."'");
now, it will work..this will return your membership id..PHP Code:$sid = session_id();
just analyze..this one is the link to your profile..PHP Code:$uid = getuid_sid($sid);
and then this, on logoutPHP Code:index.php?action=viewuser&who=$uid
got my point?the thing i can tell you about this is to be wise 'cause they might abuse it by putting that url in an image source..once you executed that image with that url, example, the source is the logout url, then you will be logged out..PHP Code:index.php?action=logout&who=$uid
Last edited by kiLLeR-eyEd_14; 05.01.10, 15:37.My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
So basically your hiding the real session ID... whats the point lol. Your site translates the user viewable session id into the hidden sid stored in the session. If i have the user viewable session and use it, your site is still gonna translate that into the hidden sid for me. I really dont see the point in such a modification???
or did i understand it wrong :PComment
-
djlee, is right lol
Build your own sid i have my script if you tryed to hack sid you only get username lmaoVisit: Chat4u.mobi - The New Lay Of being a site of your dreams!
Visit: WapMasterz Coming Back Soon!
_______
SCRIPTS FOR SALE BY SUBZERO
Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
_______
Info & Tips
php.net
w3schools.comComment
-
i think you dont need to hide sid if you using $_SERVER['PHPSESSID'], $PHPSESSID, session_id() , you are hiding for cleanliness.Did I help you?
You can help me too
Your donations will help me finance my studies.Comment
-
-
That was just my past used thing or experience in having a session w/o getting it into a url that was done in lavalair..My only point is to give hidden sessions for them to experience having a session w/o having it in a url..My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
-
hiding sid will help lot of sites who getting hacked by image hack or stealing session.
this can be safe from noob hackers.
any guys using lava must try to hide sessions.sigpic
WANT GOOD CHEAP HOSTING WITH 99% UPTIME? THEN PM ME FOR DETAILS!!Comment
-
-
Comment
-
Comment