?
Solved

sessions

Posted on 2004-09-18
5
Medium Priority
?
233 Views
Last Modified: 2006-11-17
I see scripts that seem to try and store session data and put it in the db.  or make functions just for sessions(that do what i dont know).  what is wrong with just using session_start() at the top of every page in your script then using session_destroy() at the logoff page?
0
Comment
Question by:chilled2003
  • 3
  • 2
5 Comments
 
LVL 49

Expert Comment

by:Roonaan
ID: 12090913
If you are on a shared server it might be so that the session files are stored accessable to other users. Typically you don't want that. People write custom session handler to be sure things are secured. They set up a database an call some custom session handling functions to let Php know they are using custom sessionhandling. It's all about security.
0
 

Author Comment

by:chilled2003
ID: 12090979
do they do something like encrypt the url session id or something?
0
 
LVL 49

Accepted Solution

by:
Roonaan earned 200 total points
ID: 12090990
Sometimes they do, but I intended to say they encrypt their session data.

On many servers there is something like just one directory where all the session textfiles are stored. Sometimes multiple websites store their sessions into the same directory. As a website manager you don't want other websites to read your sessions, just because they can access you plain text files. Therefor you encrypt your data so that even when they get to your files they cannot do harm in any way because everything is encrypted.

As a extra security item some website bind their sessions to the users IP-address or webbrowser, so that the session becomes invalid when it is called with a different ip or a different webbrowser.
0
 

Author Comment

by:chilled2003
ID: 12090998
cool.  thanks! :D
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses
Course of the Month14 days, 14 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question