Setting logged in SESSION data - security?

A

almahuman

New Member
I'm wondering how secure the below code is:\[code\]if ($username == $user->username && $password == $user->password) { $_SESSION['loggedIn'] = true; $_SESSION['userId'] = $user->userId;}\[/code\]Basically, would there be any way for someone to fake the SESSION variable (besides actually stealing a users cookie)?
 
You must log in or register to reply here.
Back
Top