Re[2]: storing passwords in $_SESSION

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jay,

Monday, October 10, 2005, 7:36:12 PM, you wrote:

> I would think it neither safe nor practical. Once a user has logged
> in having the password in SESSION would be useless.

Agreed totally, I am curious as to why this question seems to get
asked a LOT though. I wonder what it is that causes this? (other than
inexperience) I mean there must be some common end result these
developers are hoping to obtain, resulting in a password being stashed
away in a session var.

I wonder if they're using it (+ a username) to perform a user look-up
on every page?

The mind boggles.

Cheers,

Rich
-- 
Zend Certified Engineer
http://www.launchcode.co.uk

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux