thedigicraft / Atom.CMS

Is this a security problem? #83

Closed creptor closed 9 years ago

creptor commented 9 years ago

I have placed this code in the setup file to gather the user information with $user and display it without calling the session.

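    // Look up the logged-in user by the e-mail address stored in the session.
    $q = "SELECT email FROM users WHERE email = '$_SESSION[email]'";
    $r = mysqli_query($dbc, $q);

    // Load the full user record into $user (data_user() is not shown in this post).
    while ($user_data = mysqli_fetch_assoc($r)) {
        $user = data_user($dbc, $user_data['email']);
    }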

I have two questions. Does this make it possible for a user to see a password? Can a session be created by the user to give himself admin qualities?
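
The lookup from the post, rewritten as an added example (not part of the original post and not Atom.CMS code) so that the session value is passed as a bound parameter and only named columns are loaded into `$user`. The `users` table, the `email` column and `$dbc` come from the post; the function name `load_session_user` and the columns `id`, `first`, `last` and `status` are assumptions.

```php
<?php
// Added example, not Atom.CMS code. `users`, `email` and $dbc come from the post;
// load_session_user() and the columns id, first, last, status are assumptions.

function load_session_user(mysqli $dbc, array $session): ?array
{
    // No logged-in user in the session: nothing to look up.
    if (empty($session['email']) || !is_string($session['email'])) {
        return null;
    }
    $email = $session['email'];

    // Explicit column list: the password column is never selected, so it
    // cannot end up in $user and be printed by a template.
    $sql = "SELECT id, first, last, email, status
              FROM users
             WHERE email = ?
             LIMIT 1";

    $stmt = mysqli_prepare($dbc, $sql);
    if ($stmt === false) {
        return null;
    }

    // The e-mail is sent as a bound parameter instead of being spliced
    // into the SQL string, so its content cannot change the query.
    mysqli_stmt_bind_param($stmt, 's', $email);
    mysqli_stmt_execute($stmt);

    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $result = mysqli_stmt_get_result($stmt);
    $row = $result ? mysqli_fetch_assoc($result) : null;
    mysqli_stmt_close($stmt);

    // Privileges are read from the database row on every request; the session
    // only carries the e-mail that identifies which row to read.
    return $row ?: null;
}

// Usage in the setup file, after session_start() and after $dbc is connected:
//   $user = load_session_user($dbc, $_SESSION);
```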