News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Oscar Merida's Blog:
Avoiding frustration with PHP Sessions
March 30, 2007 @ 11:28:00

On his blog, Oscar Merida has a quick new post those just starting out with sessions should take a look at. He gives four quick tips of things to watch out for that can help your development process go smoother.

PHP's support for sessions make adding "state" to your web application super easy. Bus because the illusion of state is maintained by storing a Session ID via a user's cookies, you might find yourself losing potentially productive hours chasing down bizarre client side bugs or opening up a potential security hole. Here are 4 tips to help you avoid wasting your time and securing your site.

Items on the list are:

  • Don't use underscores in host names
  • Commit your sessions before redirects
  • Prevent session fixation (great security tip!)
  • Don't expose session_id's
Check out the comments - there's some good recommendations in there as well.

0 comments voice your opinion now!
frustration session avoid recommend underscore fixation expose frustration session avoid recommend underscore fixation expose



Community Events





Don't see your event here?
Let us know!


framework release library laravel tips list symfony introduction deployment series conference language podcast voicesoftheelephpant developer community api zendserver bugfix interview

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework