Hi
Dne Mon, 8 Mar 2010 21:35:08 +0530
Rohit Kalhans <rohit.kalhans(a)gmail.com> napsal(a):
Please pardon my ignorance if this question is
too trivial but what
exactly
is the problem in storing sensitive user
information in the Session
variables. I mean is it only that when running on a local machine someone
might see the password in the temporary session file generated in the
temp
folder or something else?
The problem is that on shared hosting, foreign PHP scripts can have
access to the session data and steal other users credentials (unless
there is something like suexec or similar solution separating users).
Oh, didn't thought of that
--
Michal Čihař |
http://cihar.com |
http://blog.cihar.com
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel(a)lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel