News Feed
Jobs Feed
Sections




News Archive
feed this:

Oscar Merida's Blog:
Avoiding frustration with PHP Sessions
by Chris Cornutt March 30, 2007 @ 11:28:00

On his blog, Oscar Merida has a quick new post those just starting out with sessions should take a look at. He gives four quick tips of things to watch out for that can help your development process go smoother.

PHP's support for sessions make adding "state" to your web application super easy. Bus because the illusion of state is maintained by storing a Session ID via a user's cookies, you might find yourself losing potentially productive hours chasing down bizarre client side bugs or opening up a potential security hole. Here are 4 tips to help you avoid wasting your time and securing your site.

Items on the list are:

  • Don't use underscores in host names
  • Commit your sessions before redirects
  • Prevent session fixation (great security tip!)
  • Don't expose session_id's
Check out the comments - there's some good recommendations in there as well.

0 comments voice your opinion now!
frustration session avoid recommend underscore fixation expose frustration session avoid recommend underscore fixation expose



Community Events











Don't see your event here?
Let us know!

tool code testing development framework interview example functional language release opinion community introduction conference series zendframework2 database composer object podcast

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework