PHPDeveloper: PHP News, Views and Community

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Wikimedia Foundation Seeks Senior Software Developer (San Francisco, CA)

Job Posting: RealPage, Inc. Seeks PHP Developer (Carrolton, Tx)

PHPMaster.com: Zend Job Queue

Rob Diana's Blog: Web And Scripting Programming Language Job Trends - August 2011

Job Posting: Options Consulting Solutions Seeks PHP Developer Team Lead (Toronto, Canada)

Job Posting: FireScope Seeks Experienced Web Application Developer/Manager (Dallas, TX)

Kevin Schroeder's Blog: Added (PHP 5.3) job queuing to my WordPress instance

Job Posting: Jacob Group (Recruiter) Seeks Director of Software Development (Lacrosse, WI)

Job Posting: Skillshare Seeks Senior Frontend Engineer (New York, NY)

Job Posting: SoftLayer Seeks Software Engineer - Interface Development (Dallas, Tx)

News Archive

Community News: php|tek 2012 Wraps Up

PHPMaster.com: Introspection and Reflection in PHP

DeveloperWorld: How to make PHP apps scale

Rafe Colburn's Blog: A list of engineering blogs

Site News: Popular Posts for the Week of 05.25.2012

PHPBuilder.com: Debugging Your Magento E-Commerce Applications in PHP

PHPMaster.com: 10 Tips for Better Coding

NetTuts.com: 3 Key Software Principles You Must Understand

Anthony Ferrara's Blog: Open Standards - The Better Way

Site News: Blast from the Past - One Year Ago in PHP

feed this:

Oscar Merida's Blog:
Avoiding frustration with PHP Sessions

by Chris Cornutt March 30, 2007 @ 11:28:00

On his blog, Oscar Merida has a quick new post those just starting out with sessions should take a look at. He gives four quick tips of things to watch out for that can help your development process go smoother.

PHP's support for sessions make adding "state" to your web application super easy. Bus because the illusion of state is maintained by storing a Session ID via a user's cookies, you might find yourself losing potentially productive hours chasing down bizarre client side bugs or opening up a potential security hole. Here are 4 tips to help you avoid wasting your time and securing your site.

Items on the list are:

Don't use underscores in host names
Commit your sessions before redirects
Prevent session fixation (great security tip!)
Don't expose session_id's

Check out the comments - there's some good recommendations in there as well.

0 comments voice your opinion now!
frustration session avoid recommend underscore fixation expose frustration session avoid recommend underscore fixation expose

Community Events

Don't see your event here?
Let us know!

All content copyright, 2012 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework