Reply to Re: non session/cookie login

Your name:

Reply:


Posted by peter on 11/03/06 12:11

> Seems a pain to me, plus I have read that passing the id in URL is a
> security problem, bookmarking etc.

Just make sure you are validating the sessions properly between calls.
Cookies can be just as much a security risk. Take a look at the likes of the
following:-

http://adriaangraas.feetback.nl/browse.php?vf=/security/exploits/hotmail/how-to.php

another method is to sniff the network. If you do not validate your session
properly then any method is a security risk.

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация