Results 1 to 2 of 2
Mar 18, 2002, 00:07 #1
- Join Date
- Mar 2001
- Tampa, FL
- 0 Post(s)
- 0 Thread(s)
Security...The absurdly neglected subject
Well I did this post mianly because I got no response in the advanced php programming forum and maybe someone can help me deal with this problem that has arisen.
My post is as follows...
Can anyone list things very specific to users that perhaps allow me to uniquely identify them?
So far all I have used is an IP and Browser Fingerprint.
The reason im concerned is because im building a shopping cart application and above all, security is the #1 priority...so i want to be sure I know who is on and no one can hijack their sessions.
So far ive tried using custom session handlers thru a mysql database. So far it works quite nicely, however it gets rather annoying quickly to see a big PHPSESSID looming on the url, so perhaps a custom solution that has some flexibility would be satisfactory.
Any responses would be greatly appreciatedAaron "Theiggsta" Kalin
Ruby and Rails Developer
Mar 18, 2002, 13:25 #2
and/or dont pass sessions thru the url
Security is not negleted, if you do a few searches you will see some insane discussions over very small details :-]