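<?php
session_start(); // required before reading or writing $_SESSION

// Missing fields become empty strings instead of raising notices
$user = $_POST['user'] ?? '';
$pw   = $_POST['pw'] ?? '';

// Strict comparison: with ==, numeric strings such as '123.0' also match '123'
if ($user === 'anita' && $pw === '123')
{
    $_SESSION['username'] = $user;
    echo "Welcome, " . htmlspecialchars($user);
    $loggedin = true;
}
else
{
    die('Log in details incorrect.');
}

if (isset($_SESSION['username']))
{
    // Show website edit menu
}
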
I’m creating a website and I was thinking about adding a small self-made CMS for my customer to use, so she can update the site herself.
Is this a safe way to save someone's details? Can I just check if $_SESSION['username'] is set to validate that the user is logged in?
Well, yes.
Setting a session on the server side is pretty safe, as it means the hacker will have to get write access to the server's files, or find a really horrible bug in your client code that leads to file rewrites.
Just do some research on session fixation and how to prevent it, and try to use SSL on the CMS side.
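
The session fixation and SSL points from the answer above, applied to the login handler, as an added example that is not part of the original thread. It assumes PHP 7.3 or later; `CMS_USER`, `attemptLogin()` and the demo password are constructed for illustration.

```php
<?php
// Added example: login handler hardened against session fixation.
// CMS_USER and the demo password are constructed values for illustration.
const CMS_USER = 'anita';
// In a real deployment store only the hash (generated once with password_hash());
// it is computed here so the example runs stand-alone.
$storedHash = password_hash('constructed-demo-password', PASSWORD_DEFAULT);

ini_set('session.use_strict_mode', '1');   // reject session IDs the server did not issue
ini_set('session.use_only_cookies', '1');  // never accept a session ID from the URL
session_set_cookie_params([
    'secure'   => true,     // cookie is sent over HTTPS only
    'httponly' => true,     // not readable from JavaScript
    'samesite' => 'Strict', // not attached to cross-site requests
]);
session_start();

function attemptLogin(string $user, string $pw, string $hash): bool
{
    // Evaluate both checks so timing does not depend on which one failed
    $userOk = hash_equals(CMS_USER, $user);
    $pwOk   = password_verify($pw, $hash);
    if (!($userOk && $pwOk)) {
        return false;
    }
    // Issue a fresh session ID at the privilege change and delete the old
    // session, so an ID planted before login is worthless afterwards.
    session_regenerate_id(true);
    $_SESSION['username'] = $user;
    return true;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $user = is_string($_POST['user'] ?? null) ? $_POST['user'] : '';
    $pw   = is_string($_POST['pw'] ?? null) ? $_POST['pw'] : '';
    if (!attemptLogin($user, $pw, $storedHash)) {
        http_response_code(401);
        die('Log in details incorrect.');
    }
    echo 'Welcome, ' . htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8');
}

if (isset($_SESSION['username'])) {
    // Show website edit menu
}
```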