Re: Some Advice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You should at least check the IP of the client additionally to have some prove
it is the same client you gave the session-ID.

And it is better to put the session-ID in a POST-field than in GET. So it
es very unlikely someone passes a session ID around accidently.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux