php - Is this safe with XSS

P

Probiaeteras

New Member
I need to set a cookie to keep user login state. I'm going to hash username, password and IP. My code:\[code\]login process:$hashed = md5($username.$pwd.IP);setcookie('userstate', $username.':'.$hashed);restore user state:$vars = split(':', $_COOKIE['userstate']);pseudo: get user with username in $vars[0]$hashed = md5($username.$pwd.IP);if($hashed == $vars[1]) return true;else return false;\[/code\]Is this way safe with XSS attack?
 
You must log in or register to reply here.
Back
Top