thefortrees Posted July 19, 2007 Share Posted July 19, 2007 What do you all think about managing sessions in the database? Does it increase security at all? What are the benefits/disadvantages? Quote Link to comment Share on other sites More sharing options...
chigley Posted July 19, 2007 Share Posted July 19, 2007 Stops people from being able to modify their cookies/session data after login ~ main pro I'd say Quote Link to comment Share on other sites More sharing options...
trq Posted July 19, 2007 Share Posted July 19, 2007 Stops people from being able to modify their cookies/session data after login How? its no safer IMO, in fact it may even be more of a security risk if someone can get into your db server. the /tmp directory where sessions are normally stored is well outside of the web root directory. I wouldn't be concrened with there security though, I just don't think there any safer. There are however MANY benifits to storing sessions in a database. It makes it much easier to keep track of who's online, what page there viewing, the last page they viewed, how long they've been on the site, how long they stay on average and many more nifty little tricks. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.