Re[2]: [PHP] storing passwords in $_SESSION — PHP

You are here: Re[2]: [PHP] storing passwords in $_SESSION « PHP « IT news, forums, messages

Posted by Richard Davey on 10/10/05 21:47

Hi Jay,

Monday, October 10, 2005, 7:36:12 PM, you wrote:

> I would think it neither safe nor practical. Once a user has logged
> in having the password in SESSION would be useless.

Agreed totally, I am curious as to why this question seems to get
asked a LOT though. I wonder what it is that causes this? (other than
inexperience) I mean there must be some common end result these
developers are hoping to obtain, resulting in a password being stashed
away in a session var.

I wonder if they're using it (+ a username) to perform a user look-up
on every page?

The mind boggles.

Cheers,

Rich
--
Zend Certified Engineer
http://www.launchcode.co.uk

Navigation:

Next in forum: default mail headers ?
Prev in forum: storing passwords in $_SESSION
Thread view: Re[2]: [PHP] storing passwords in $_SESSION

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация