Solved

sessions

Posted on 2004-09-18
5
214 Views
Last Modified: 2006-11-17
I see scripts that seem to try and store session data and put it in the db.  or make functions just for sessions(that do what i dont know).  what is wrong with just using session_start() at the top of every page in your script then using session_destroy() at the logoff page?
0
Comment
Question by:chilled2003
  • 3
  • 2
5 Comments
 
LVL 49

Expert Comment

by:Roonaan
ID: 12090913
If you are on a shared server it might be so that the session files are stored accessable to other users. Typically you don't want that. People write custom session handler to be sure things are secured. They set up a database an call some custom session handling functions to let Php know they are using custom sessionhandling. It's all about security.
0
 

Author Comment

by:chilled2003
ID: 12090979
do they do something like encrypt the url session id or something?
0
 
LVL 49

Accepted Solution

by:
Roonaan earned 50 total points
ID: 12090990
Sometimes they do, but I intended to say they encrypt their session data.

On many servers there is something like just one directory where all the session textfiles are stored. Sometimes multiple websites store their sessions into the same directory. As a website manager you don't want other websites to read your sessions, just because they can access you plain text files. Therefor you encrypt your data so that even when they get to your files they cannot do harm in any way because everything is encrypted.

As a extra security item some website bind their sessions to the users IP-address or webbrowser, so that the session becomes invalid when it is called with a different ip or a different webbrowser.
0
 

Author Comment

by:chilled2003
ID: 12090998
cool.  thanks! :D
0
 

Author Comment

by:chilled2003
ID: 12091003
0

Featured Post

ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question