Alain Roger wrote:
I've heard that cookies and sessions can be easily hacked...so what do
you
use to secure your web page.
which methods ?
If you want to be secure, don't trust anything. Cookies are easily
modified by a user, so never store anything sensitive in there without
masking it well. Personally, I don't like $_SESSION either, 'cause it
doesn't work across clustered servers by default, and isn't usually
terribly secure on a shared web host.
I tend to use hashed data in the cookie for anything that needs to be
semi-secure, and store everything sensitive in a database, one-way
hashed wherever possible.
jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
