Cookies and login issues are beyond the scope of phpMyEdit. Many good (and bad) examples exist elsewhere, including
http://www.php.net/
Cookies are easily forged, thus my hope the secured data is not terribly important should it leak out to unauthorized individuals.
Lacking time to study the posted code in great detail, I did note that
Kód: |
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); |
is rather insecure and should include a check to make sure $username is not empty. Further, since relying on non-local variables, using sprintf() to create the query string subsequently fed to mysql_query() is generally more secure.
|