Sessions

Is there any problem with using sessions on a local network instead of internet? For example: If i have a computer(server) connected to around 100 computers through a just a local network(not internet).
madman77450Asked:
Who is Participating?
 
ellandrdCommented:
>>Is there any problem with using sessions on a local network instead of internet?

No - there is no issues or reported bugs to suggest a problem.  they should work fine.  I suspect that your PHP isnt configured correctly and this is why your sessions are working proper.

however, if you register a session on computer X, it will not be registered or available to use or view on computer Y.  each registered session is unique to each computer.

>>The only concern that springs to mind is that if all users of the system have access to the directory where session files are stored, you introduce the risk that somebody could take over somebody else's session

not in my life time, have i seem this happen!  i have developed a lot of web applications - custom build for large networks (e.g intranets) where 150+ users use each day and never has my session(s) get lost or mixed up with somebody else's session...  and all my sessions are stored in same directory on server...

>>That's easy to prevent with proper permissions on the server, it's just something to keep in mind in that type of environment.

I do agree with this statement.  PHP has to be configured correctly with the right permissions on the server running it

However session can expire when unactive for a period of time...but if you explain more what the issue is exactly, we can assist you more with a better answer.

Ellandrd
0
 
VoteyDiscipleCommented:
The only concern that springs to mind is that if all users of the system have access to the directory where session files are stored, you introduce the risk that somebody could take over somebody else's session.  That's easy to prevent with proper permissions on the server, it's just something to keep in mind in that type of environment.

As far as the server itself is concerned, it has no idea whether you're on the internet or on a LAN; it just answers requests the same to everybody.
0
 
Aamir SaeedCommented:
On SOME computers(LAN/Networks) where the user priviledges are restricted, php-session may act strange.
0
Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

 
ellandrdCommented:
0
 
VoteyDiscipleCommented:
Sorry, I wasn't clear with that statement.  There definitely isn't a concern about PHP losing track of who has which session.  Without deliberate interference, PHP will never mix up two sessions.

The concern I was bringing up is of a user on the system deliberately accessing the session files, and using that information to deliberately hijack somebody else's session.  That is absolutely possible if permissions are incorrectly set.  A lot of the time the web server is accessible by a limited group of people, so permissions on session files aren't of any concern; in an environment where ordinary users have access to the server this suddenly becomes a very real concern.

Again, as I said, if the permissions are set such that regular users cannot access the session files, then this poses no risk at all.  It's just something to watch out for.
0
 
ellandrdCommented:
thanks for the points and grade

ellandrd
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.