I am fairly new at php programming so please bear this in mind!
I have created a website in php that uses standard session code that if cookies are not enabled tags the session to the url. The problem that this presents is that if a logged in user sends the url to another user - with the tagged session attached to the url, the new user will have access to the users session - and therefore be able to access the users profile etc. The only way I can fix this is stopping the session being carried in the url. Users therefore have to have cookies enabled to use the site (login) - not entirely desirable.
Is there a secure way to pass the session data between pages without running the risk of users giving away their session data.
Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.