Reply to Re: [PHP] Storing password in cookie

Your name:

Reply:


Posted by Richard Lynch on 04/12/05 02:37

On Sat, April 9, 2005 8:39 am, Ryan A said:
> This certainly has turned out to be an interesting discussion.....I
> usually
> send the info via sessions...how bad is that?

On a shared server, every other PHP scripter can read your session data,
if they work at it a little bit.

How bad is that?

On a dedicated server, somebody has to get a login and/or upload PHP to
read the session data.

How likely is that? How bad is that?

Depends (a bit) what you are storing in the session data.

For truly sensitive stuff like a CC#, do *NOT* put that in session data.
Write your script to get the CC# via SSL, process it, and throw it away,
all in one single PHP script.

You only need to store the Merchant Server transaction ID.

--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация