Question : Problems with user management

Hello all,
 We have online store and we have got a serious problem. Our website is codded with PHP. We are using a lot ajax as well.
 Now, I am not really familiar with PHP also our webmaster can't speak good enough English to write the problem here.
 Our problem is basicly;
Some users can login with any user they want. What can cause such security problem?

 I will try to provide any information you need, I will be glad if anyone can help me out with this.

Answer : Problems with user management

Basically you need to get every input from the user checked
PHP Secure Class to prevent XSS Attacks
http://www.webkami.com/programming/php/php-secure-class-to-avoid-xss/php-secure-class-to-avoid-xss-1-0-1.php
Validating User Input
http://www.phpro.org/tutorials/Validating-User-Input.html
Both links have classes and functions are enough to validate users input.
also install Modsecurity.
simply copy those classes and functions and use them on every variable on your site.
Regards.
Random Solutions  
 
programming4us programming4us