sandy1028 Posted August 7, 2015 Share Posted August 7, 2015 Please help me in answeing this, If we are using same server for same user, if load is high on the server then how the session is managed. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted August 7, 2015 Share Posted August 7, 2015 Your question is confusing. If you are using the same server for the same user? As opposed to what? And why do you care how the session is managed? Php will handle it for you unless you have written something to replace standard session handling. Quote Link to comment Share on other sites More sharing options...
iarp Posted August 9, 2015 Share Posted August 9, 2015 (edited) By default PHP stores session data in a file in the session.save_path directory found within your php.ini file. You could configure it to use a database if you wanted. Otherwise it is a regular file. A cookie in the users browser contains a unique value that matches a file within the directory containing whatever their session data contains. The reason it can be so easy to hijack a session is because there is nothing else that links that unique id to your browser aside from the cookie. So if I were to give someone the ID or they took it from my machine somehow, they could override their own browser's cookie value with my session ID and instantly have whatever is in my session data. Edited August 9, 2015 by iarp Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.