DEVILofDARKNESS Posted April 22, 2009 Share Posted April 22, 2009 Hi, I know there is a possible way to change the value of a cookie with help of javascript, so it is quit insecure for what I want to use it, my question is , is this also possible with session? Or are they save enough to use them for holding values? Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/ Share on other sites More sharing options...
jackpf Posted April 22, 2009 Share Posted April 22, 2009 Sessions are stored on the server, js has no way of accessing them. With the right security measures, cookies can be just as secure as sessions. Infact more so, as you can't get people hijacking cookies, plus no one can access another person's stored data by accessing the file which the session data is stored in. Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816394 Share on other sites More sharing options...
DEVILofDARKNESS Posted April 22, 2009 Author Share Posted April 22, 2009 Alright, you can't hijack the cookies from someone else, but if you send with a cookie: points: 5, the person can change that value in 999 if he wants to! Okay, not if the integer is encrypted ofcourse Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816400 Share on other sites More sharing options...
jackpf Posted April 22, 2009 Share Posted April 22, 2009 Well, yeah, but if you check how many points they have against the database each time you request that cookie, if they're different, just kick them off. Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816404 Share on other sites More sharing options...
DEVILofDARKNESS Posted April 22, 2009 Author Share Posted April 22, 2009 Why would you still use cookies if U check every time your database . Nevertheless, I know what I had to know Thanks Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816430 Share on other sites More sharing options...
jackpf Posted April 22, 2009 Share Posted April 22, 2009 Reduce server load, more secure. But yeah, cool. Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816433 Share on other sites More sharing options...
DEVILofDARKNESS Posted April 22, 2009 Author Share Posted April 22, 2009 *Felicitations with your 1000 Post Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816441 Share on other sites More sharing options...
jackpf Posted April 22, 2009 Share Posted April 22, 2009 Lol yeah, I need a life Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816463 Share on other sites More sharing options...
DEVILofDARKNESS Posted April 22, 2009 Author Share Posted April 22, 2009 I just see your almost the same age!, and your so much better =D Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816475 Share on other sites More sharing options...
jackpf Posted April 22, 2009 Share Posted April 22, 2009 Ahh I like computers. I have a job as a technician at my school, I get quite a bit of experience. And I don't really get out much Link to comment https://forums.phpfreaks.com/topic/155190-solved-cookies-sessions/#findComment-816514 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.