|
Posted by Martin Mandl - m2m tech support on 10/23/07 07:11
On Oct 23, 1:37 am, ZeldorBlat <zeldorb...@gmail.com> wrote:
> On Oct 22, 4:44 pm, "David Basford" <dbas...@ntlworld.com> wrote:
>
> > if I search for $_SESSION['thing'] is it specific to my site?
> > can another person make a site, set up a session and set 'thing' and then
> > come to my site with it set?
>
> Session data is stored on the server, so, no.
.... if that 'person' is on the same server and is able to duplicate
the way you access your session data (session id, etc.) ... then yes
.... to prevent that you could to e.g. generate a new session id every
time a user comes from another site ...
good luck
Martin
------------------------------------------------
online accounting on bash bases
Online Einnahmen-Ausgaben-Rechnung
http://www.ea-geier.at
------------------------------------------------
m2m server software gmbh
http://www.m2m.at
Navigation:
[Reply to this message]
|