php session

[hamza]

i want to store cart variable in session plz guide me about that

what is a correct way to encrypt or decrypt or hasshing??

[Jax2]

As far as I know, session variables are server side meaning they're completely secure, so just use $_SESSION['variable']="data"; and call it back same way:

 

$variable = $_SESSION['variable'];

 

 

[hamza]

As far as I know, session variables are server side meaning they're completely secure, so just use $_SESSION['variable']="data"; and call it back same way:

 

$variable = $_SESSION['variable'];

 

 

 

if it is safe then why people encrypt it...

[oni-kun]

if it is safe then why people encrypt it...

 

Sessions are secure, as the only thing the user can see is the cookie set with the session ID, They cannot view the actual sessions unless there is a major flaw in your programming. It's standard and conventional programming to not encrypt/hash session variables (See PHP documentation in my sig) and you may use them for whatever you wish, but it should only relate to the current acting session.

 

Storing the user's credentials, credit card info, password etc. are things not to store in active sessions, but they are otherwise as safe as you make them.