Posted by julianmlp on 05/27/06 20:47
Let me talk briefly about how I manage user authentication:
1) As usual, I've a form with User & Password.
2) If the data matches the Database (users table), I create a Session ID
(sessions table), and pass back this info to the user on every link of
the page retrieved (SessionID parameter). I set up a cookie in the
client's machine as well.
3) Every time the user clicks a link, I read the SessionID parameter,
comparing it to the sessions table data, to see whether he is logged in or
not. I also read if he has the cookie.
I think that with this kind of procedure it is hard to hijack a user
session.
What do you think?
regards - jm
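
A sketch of steps 2 and 3 above, as an added example that is not the poster's code: it assumes Python with an in-memory SQLite `sessions` table, and assumes the cookie holds a second random value stored in the same row, so a SessionID copied out of a link is rejected unless the matching cookie arrives with it. The function names, column names and 30-minute idle timeout are assumptions.

```python
import hashlib
import hmac
import secrets
import sqlite3
import time

SESSION_TTL = 1800  # assumed idle timeout, in seconds

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sessions (id_hash TEXT PRIMARY KEY, "
               "cookie_hash TEXT, user TEXT, last_seen REAL)")
    return db

def _h(token):
    # Store only hashes, so a leaked sessions table yields no usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()

def create_session(db, user, now=None):
    """Step 2: call only after the user/password check against the users table."""
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)     # goes into each link as SessionID
    cookie = secrets.token_urlsafe(32)  # goes into the cookie, never into a URL
    db.execute("INSERT INTO sessions VALUES (?, ?, ?, ?)",
               (_h(sid), _h(cookie), user, now))
    return sid, cookie

def check_session(db, sid, cookie, now=None):
    """Step 3: return the user only if SessionID and cookie match one live row."""
    now = time.time() if now is None else now
    if not sid or not cookie:
        return None
    row = db.execute("SELECT cookie_hash, user, last_seen FROM sessions "
                     "WHERE id_hash = ?", (_h(sid),)).fetchone()
    if row is None:
        return None
    cookie_hash, user, last_seen = row
    if now - last_seen > SESSION_TTL:
        # Idle too long: drop the row so the SessionID cannot be reused.
        db.execute("DELETE FROM sessions WHERE id_hash = ?", (_h(sid),))
        return None
    if not hmac.compare_digest(cookie_hash, _h(cookie)):
        return None  # cookie present but not the one issued with this SessionID
    db.execute("UPDATE sessions SET last_seen = ? WHERE id_hash = ?",
               (now, _h(sid)))
    return user
```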