Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Did the following steps have sense in securing my login process?
- SESSION1 = random()
- SESSION2 = random()
- SESSION3 = random()
- SESSION4 = time()
- SESSIONHASHKEY = array(){[SESSION1 digits]};
- SESSIONRESULT = hash(Concatenation of caracters at position situated inside the SESSIONHASHKEY array from the SESSION2);
- Set the name of the button of the login to the SESSION3 number)
- if !isset SESSION1 redirect login page
- if !isset SESSION2 redirect login page
- if !isset SESSION3 redirect login page
- if !isset SESSION4 redirect login page
- if SESSION1 digits array != SESSIONHASHKEY redirect loginpage
- if MD5(concatenation of caracters at position situated inside the SESSIONHASHKEY) != SESSIONRESULT redirect loginpage
- if !isset loginbutton_{SHA256(MD5(SHA256(MD5(SHA256(SESSION3)))))} redirect login page
- if (time() - SESSION4) >10 redirect loginpage
Add Comment
Please, Sign In to add comment