Wow, you really need to be carefull when ever you're dealing with money,
although if you're just handing the objects in a cart and passing that to a
secure payment system then it's not as big of a deal.
Cookies can be stolen.
Sessions are vulnerable to snooping if you're on a shared server.
They have their pros and cons, and it would take way to long to explain the
way each of them work. You're best off to learn about both in a depth with
a security standpoint.
"Kelvin Park" <kelvinpark86@xxxxxxxxx> wrote in message
news:46C61AE7.4070608@xxxxxxxxxxxx
I am trying to setup a secure login system.
I've heard that if I use just cookies for login, members without cookie
turned out won't be able to see the member pages.
Is using session recommended for e-commerce websites with shopping carts?
Or, using both of them might be more effective in some way.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
