[nycphp-talk] Session basics
Brian O'Connor
gatzby3jr at gmail.com
Thu Aug 11 00:42:43 EDT 2005
I don't use cookies for that. I use $_SESSION['userID'], $_SESSION['user'],
$_SESSION['pass'].
I understand the concept of sessions, I don't understand the concept of
hijacking them, and making a system to prevent hijacking them.
On 8/10/05, Daniel Convissor <danielc at analysisandsolutions.com> wrote:
>
> On Wed, Aug 10, 2005 at 12:10:54PM -0400, Brian O'Connor wrote:
>
> > And I have a question about my current system:
> > As of right now, I create 3 sessions for each user: userID, user, and
> pass
>
> Do you mean you're setting three cookies? Don't.
>
> Don't set any cookies manually. Let PHP's session_start() do it for you.
>
> Then, to save data in the session, save it like this:
>
> $_SESSION['username'] = 'foo';
>
> That saves it on the server, which is the whole point of sessions.
>
> --Dan
>
> --
> T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
> data intensive web and database programming
> http://www.AnalysisAndSolutions.com/
> 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
> _______________________________________________
> New York PHP Talk Mailing List
> AMP Technology
> Supporting Apache, MySQL and PHP
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
--
Brian O'Connor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20050811/c87a2706/attachment.html>
More information about the talk
mailing list