Home/ Questions/Q 7732633
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T06:46:47+00:00

I have been contacted by a hacker saying there gonna take my site down

  • 0

I have been contacted by a hacker saying there gonna take my site down using session hijacking he has said that my text boxes are session hijacking vulnerable.

Is there anyway to protect text boxes from session hijacking
Im using this to escape and protect from sql injection.

Here is my form

      <form name="hide" action="hideboxupdate.php" method="post">
          <input type="radio" name="yes" value="1" />
  Yes<br />
  <input type="radio" name="no" value="0" />
  No
  <input name="submit" type="submit" value="Submit" />
        </form>

Then here is my hideboxupdate.php

<?php

$yes= mysql_real_escape_string($_POST['yes']);
$yes2 = strip_tags($yes);




$no= mysql_real_escape_string($_POST['no']);
$no2 = strip_tags($no);
?>
             <?php

             if (isset($yes2)) {





   $result3333 = mysql_query("UPDATE users SET hide_box='1' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());  

echo "Users now can not see your user box";
}

 if (isset($no2)) {


$result3333 = mysql_query("UPDATE users SET hide_box='0' WHERE username = '".$_SESSION['username']."'")
or die(mysql_error());  

echo "Users can now see your box on your profile";

}
?>

is there anyways to protect from session hijacking ???

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    make an md5 of the session, browser data and ip and put in in the database, on every page load check if its still the same, if not destroy the session.

    • 0