Posted by shimmyshack on 04/26/07 12:34
On Apr 26, 4:52 am, Man-wai Chang <toylet.toy...@gmail.com> wrote:
> > No article I know of. But you will get two different session IDs.
> > You'll also get two session IDs if the user uses two different browsers
> > (i.e. IE and Firefox) from the same computer.
>
> Thanks. Guess I have to read the source code of PHP to find it out then
> ... :)
>
> --
> iTech Consulting Services Limited
> Expert of ePOS solutions
> Website: http://www.itech.com.hk (IE only)
> Tel: (852)2325 3883 Fax: (852)2325 8288
They are only statistically unique of course, but we are talking about
1 in 36^32 for PHP.
There have been various discussions about comparisons between .NET, PHP
and J2EE session IDs.
See here, for instance, on how to test their relative strengths:
http://www.owasp.org/index.php/How_to_test_session_identifier_strength_with_WebScarab
and here for more on the security aspects of session identifiers (as
of course the non-collision is but one [solved] aspect):
http://www.owasp.org/index.php/Session_Management