Is this technique safe enough? Could I trust sessions like this? Or should I add something?
Auth -module
class Auth {
    public function login($user, $pass, $random_unique_salt)
    {
        if ($this->_bcrypt($pass, $random_unique_salt) === 'correct password hash') // etc.
        {
            // Success...
            $session = Session::instance();
            $session->set('login', TRUE);
            $session->regenerate();
        }
    }
}
Base -controller
class Controller_Base extends Controller {
    protected $_login = FALSE;

    public function before()
    {
        $this->_login = Session::instance()->get('login', FALSE);
    }
}
Members only -controller
class Controller_Membersonly extends Controller_Base {
    public function action_index()
    {
        if ($this->_login === TRUE)
        {
            // Success...
            echo 'Show (safely?) some secrets.';
        }
    }
}
This technique is safe enough. I could trust sessions like this.
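
The same login-flag pattern with the checks usually added around it, as an added example that is not part of the original post and is not Kohana code. It uses plain PHP sessions (PHP 7.3+); the function names, `IDLE_LIMIT` and the sample user are assumptions made for illustration.

```php
<?php
// Added example: native PHP sessions, not Kohana's Session class.
// start_session(), login(), require_login() and IDLE_LIMIT are hypothetical names.

const IDLE_LIMIT = 1800; // assumed value: seconds of inactivity before the flag is dropped

function start_session(): void
{
    // Cookie is hidden from JavaScript, sent over HTTPS only, and not sent cross-site.
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
    ini_set('session.use_strict_mode', '1'); // refuse session IDs the server did not issue
    session_start();
}

function login(array $users, string $user, string $pass): bool
{
    // password_verify() reads salt and cost from the stored hash and compares in constant time.
    $hash = $users[$user] ?? null;
    if ($hash === null || !password_verify($pass, $hash)) {
        return false;
    }
    session_regenerate_id(true);      // fresh ID at the privilege change; old session file removed
    $_SESSION['login']     = true;
    $_SESSION['user']      = $user;   // record who is logged in, not only that someone is
    $_SESSION['last_seen'] = time();
    return true;
}

function require_login(): bool
{
    $ok = ($_SESSION['login'] ?? false) === true
        && time() - ($_SESSION['last_seen'] ?? 0) <= IDLE_LIMIT;
    if (!$ok) {
        $_SESSION = [];               // anonymous or idle too long: clear the flag
        return false;
    }
    $_SESSION['last_seen'] = time();  // sliding idle window
    return true;
}

// Constructed sample data: one user whose bcrypt hash is generated at run time.
$users = ['alice' => password_hash('correct horse', PASSWORD_BCRYPT)];
```

Call `start_session()` at the top of every request, `login($users, ...)` from the login action, and `require_login()` in the equivalent of the base controller's `before()`.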