PHP Media Site

Here are the numerous problems:

- The only login method is by cookies, many users disable this after

security problems from other sources or simply use browsers incapable

of handling cookies, others cannot login

- The cookie login is very insecure, the only way the user is


is by a user ID stored in a cookie, anyone can view the cookie contents

and edit the user ID and immediately be logged in as another user

without knowing their username or password

- The code is not structured properly, configuration settings are

everywhere, connections to database are not re-used and countless other

problems that affect readability, to an extent where the original

developer lost track of their work

- There are many SQL injection holes, input is not validated when used

in SQL queries so a user can manipulate input fields to contain


that can gain control over a database

- I will have to integrate several classes and re-develop the

membership, database connection and other general components

Skills: PHP

See more: site develop, php id, php developer site, php components, media general, structured, sql injection, sql commands, security site, php security, php login, php develop, manipulate, login php, integrate membership, input method, edit site, edit php, developer php, develop site, cookies, anyone edit, php connection, general developer, structured database

About the Employer:
( 18 reviews ) camarillo, United States

Project ID: #51949