R
Robin
www.infusedlight.net/robin/temp/auth.txt
Comments on this? The bottom two subs are meant for the script that the
auth.pl script goes to and the way the cookies are set, makes it secure in
that if someone forgets to logout of the administration or other script that
auth.pl goes to and someone else points their browser to that script that
auth points to, it will simply redirect them to whatever page the webmaster
chooses, ie: auth.pl again or the entry point to auth.pl. Some of you may
have been doing this very same thing, pointing your browser to the admin
script or something similar, and I spent an hour improving the script so
this major security flaw won't be present. At least now my site won't be
defaced in this form, anyway.
hehe...
Comments on this? The bottom two subs are meant for the script that the
auth.pl script goes to and the way the cookies are set, makes it secure in
that if someone forgets to logout of the administration or other script that
auth.pl goes to and someone else points their browser to that script that
auth points to, it will simply redirect them to whatever page the webmaster
chooses, ie: auth.pl again or the entry point to auth.pl. Some of you may
have been doing this very same thing, pointing your browser to the admin
script or something similar, and I spent an hour improving the script so
this major security flaw won't be present. At least now my site won't be
defaced in this form, anyway.
hehe...