Re: Is it safe to store user_id in Session? — PHP Programming Language

You are here: Re: Is it safe to store user_id in Session? « PHP Programming Language « IT news, forums, messages

Posted by Toby A Inkster on 06/13/89 12:00

pim wrote:

> But according to this article:
> http://www.governmentsecurity.org/archive/t13901.html
>
> It is easy to change $_SESSION["user_id"] to for example 78.

That article is a bunch of crap. PHP does not keep track of session data
in a manner anything like the one described there.

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 17 days, 22:28.]

Gnocchi all'Amatriciana al Forno
http://tobyinkster.co.uk/blog/2008/01/15/gnocchi-allamatriciana/

Navigation:

Next in forum: Re: Getting class object information from file.
Prev in forum: Re: Is it safe to store user_id in Session?
Thread view: Re: Is it safe to store user_id in Session?

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация