dadamssg Posted March 31, 2009 Share Posted March 31, 2009 is there anything i need to know about the security of using sessions? can you set them via another program or something like that? if so should i have the session names something obscure so they will never guess it? Link to comment https://forums.phpfreaks.com/topic/151949-solved-_session-security/ Share on other sites More sharing options...
Brian W Posted March 31, 2009 Share Posted March 31, 2009 the $_SESSION array is pulled from a temporary file on the server in which can only be modified by applications on the server. If someone can use an external program to modify the sessions, then you have larger issues. If your on a shared host, I'm not 100% sure that the sessions are safe from someone on the same server grabbing em. Link to comment https://forums.phpfreaks.com/topic/151949-solved-_session-security/#findComment-797938 Share on other sites More sharing options...
limitphp Posted March 31, 2009 Share Posted March 31, 2009 is there anything i need to know about the security of using sessions? can you set them via another program or something like that? if so should i have the session names something obscure so they will never guess it? if sessions aren't safe, we are all screwed.... we'd have to rework how we do logins and stuff.... Link to comment https://forums.phpfreaks.com/topic/151949-solved-_session-security/#findComment-797959 Share on other sites More sharing options...
dadamssg Posted March 31, 2009 Author Share Posted March 31, 2009 k thanks, thats what i thought, just making sure Link to comment https://forums.phpfreaks.com/topic/151949-solved-_session-security/#findComment-797965 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.