i've only been using php for a couple months now, but i've managed to set up a site which has several administrator pages that require a login to access.
Not knowing very much about security issues, i'm wondering where the holes in my code might be...
The admin login page looks up the passwords i have stored in a text file (haven't converted the site over to using mySQL yet). However the passwords are encrypted using mcrypt, with the mcrypt key being stored in a directory above my root dir. The site is not on a secure connection, so i suppose someone could see the posted information...
once the user is able to login, a session is created, which includes a session variable called 'adminid'. Each admin page looks for this adminid to verify if the user is logged in, like this:
if (empty($_SESSION['adminid'])) {
header ('Location: forbidden.html');
exit();
}
--also, i do have one admin page which i had to disable the session authentication, because it was the receiving page of an upload script: large uploads are common, and i was having problems with the sessions timing out before the upload completed--couldn't find a way around this problem, even with session_set_cookie_params().
Does anyone know of some potential security problems i might have with this site?
Thanks,
aamonkey
