secure login without sessions or cookies

vinpkl

hi all

i have created a new module for my site that has login area but its sessions are conflicting with another login area i think. so dont know which code to post.

so is it possible to create login authentication without sessions and cookies.

at present what i am thinking is setting the field "authorization" to "True" in my database when the user enters correct username and password and setting it ''false" if user logs out.

but in this way anyone can access the admin area till the user clicks logout buton because in this way "authorization" is set to "true" for every user till logged in user clicks logout button. anyone who knows the admin pages url can type the url in address bar and see the data in pages till the loggedin user logsout.

so what else can i do without sessions and cookies.

vineet

bradgrafelman

Why can't you use sessions and/or cookies?

If another script on your site is using sessions, that's fine - every script that uses sessions has to specify a name for the session, else PHP will go with the default (usually "PHPSESSID" unless it's been changed). Thus all you need to do is specify a unique session name for each set of scripts, e.g. via [man]session_name/man.