SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    Talk to the /dev/null Theiggsta's Avatar
    Join Date
    Mar 2001
    Location
    Tampa, FL
    Posts
    376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Security...The absurdly neglected subject

    Well I did this post mianly because I got no response in the advanced php programming forum and maybe someone can help me deal with this problem that has arisen.

    My post is as follows...

    Can anyone list things very specific to users that perhaps allow me to uniquely identify them?

    So far all I have used is an IP and Browser Fingerprint.

    The reason im concerned is because im building a shopping cart application and above all, security is the #1 priority...so i want to be sure I know who is on and no one can hijack their sessions.

    So far ive tried using custom session handlers thru a mysql database. So far it works quite nicely, however it gets rather annoying quickly to see a big PHPSESSID looming on the url, so perhaps a custom solution that has some flexibility would be satisfactory.

    Any responses would be greatly appreciated
    Aaron "Theiggsta" Kalin
    Pixel Martini
    Ruby and Rails Developer

  2. #2
    Wibblesticks Gryff's Avatar
    Join Date
    Oct 2001
    Location
    Asgard
    Posts
    442
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could use cookies
    and/or dont pass sessions thru the url
    Security is not negleted, if you do a few searches you will see some insane discussions over very small details :-]


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •