Tweet
I am developing a new section to my site and want to take advantage of the cookie that vB is creating. The site will be developed in Cold Fusion which is capable of reading the cookie, but I don't understand it (the cookie) very well. My concerns are around security. I presume it is fairly easy to edit the cookie so simply using the userid won't be enough.
The parts I see listed are:
lastvisit
lastactivity
userid
password
fbaccesstoken
fbprofilepicurl
The password doesn't match what is in the db. Aside from the userid is there another part to the cookie that I look up in the db to compare to the users cookie to authenticate them?
Thanks
<edit>I'm not superstitious (much), but this was my 666th post.
</edit>
The parts I see listed are:
lastvisit
lastactivity
userid
password
fbaccesstoken
fbprofilepicurl
The password doesn't match what is in the db. Aside from the userid is there another part to the cookie that I look up in the db to compare to the users cookie to authenticate them?
Thanks
<edit>I'm not superstitious (much), but this was my 666th post.
</edit>
Comment