View unanswered posts | View active topics
Your status has been updated!
 
|
Page 1 of 1
|
[ 3 posts ] |
|
| Author |
Message |
|
Guest
|
Post subject: Are Session variables secure?  Posted: Wed Oct 11, 2006 5:11 pm |
|
Points:
|
|
Can session variables be spoofed by the user? Do I need to use hard to guess values for things?
|
|
| Top |
|
 |
|
Guest
|
Post subject: Sessions and Cookie Crisp Posted: Wed Oct 11, 2006 5:18 pm |
|
Points:
|
|
A Session is stored on the server - The user is just given a reference number.
A Cookie is stored on the user?s computer.
So unless the user has access to your server they can't change ANYTHING in the session. However, everything has a weakness. If you want to know what might go wrong with sessions I suggest you look on google. Some of the information is a little hard to explain without a long paper on it.
I recommend you store your sessions is a DB.
|
|
| Top |
|
|
|
Guest
|
Post subject: Posted: Wed Oct 11, 2006 7:06 pm |
|
Points:
|
|
Okay, thanks for your help.
|
|
| Top |
|
|
|
|
Page 1 of 1
|
[ 3 posts ] |
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
|
|
|
Login
Register
FAQ
Search
Members
