bri0987 Posted November 19, 2007 Share Posted November 19, 2007 Is passing information from one page to another page using $_SESSION okay and secure. Like First name, last name, address, social security number. ... or is there a more secure way of passing the information? Thanks, BRI Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/ Share on other sites More sharing options...
rajivgonsalves Posted November 19, 2007 Share Posted November 19, 2007 Yes it is quite secure, because the actual data is stored on the server the only thing the client gets is the sess_id so it should be secure. Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394236 Share on other sites More sharing options...
rajivgonsalves Posted November 19, 2007 Share Posted November 19, 2007 however I would not recommend storing the social security number anywhere in the session as it could be accessed by anyone who has access on the servers because your session data mostly gets stored in sess_ files in your tmp directory on the server. Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394238 Share on other sites More sharing options...
wsantos Posted November 19, 2007 Share Posted November 19, 2007 however I would not recommend storing the social security number anywhere in the session as it could be accessed by anyone who has access on the servers because your session data mostly gets stored in sess_ files in your tmp directory on the server. This can be offset by good network security though. Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394241 Share on other sites More sharing options...
bri0987 Posted November 19, 2007 Author Share Posted November 19, 2007 Then how can I get the info to the other page... (I do not want to store the info into a database... I think that would be a BIG mistake). What else can I do? Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394242 Share on other sites More sharing options...
rajivgonsalves Posted November 19, 2007 Share Posted November 19, 2007 you could encrypt the sensitive information and store it in the session using some kind of encryption alogrithim and then when its on the other page just decrypt it so if someone gets hold of your sess_ file they will not be able to make sense of it unless they know the encryption alogrithim Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394249 Share on other sites More sharing options...
bri0987 Posted November 19, 2007 Author Share Posted November 19, 2007 ok... You know of any easy to use encryption and decryption functions by any chance? Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394251 Share on other sites More sharing options...
rajivgonsalves Posted November 19, 2007 Share Posted November 19, 2007 take a look at the following link it might help http://www.weberdev.com/get_example-4162.html Link to comment https://forums.phpfreaks.com/topic/77887-solved-passing-data-to-another-page-using-_sessions/#findComment-394253 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.