On Mon, Mar 8, 2010 at 9:47 PM, Michal Čihař <michal@cihar.com> wrote:
Hi

Dne Mon, 8 Mar 2010 21:35:08 +0530
Rohit Kalhans <rohit.kalhans@gmail.com> napsal(a):

> Please pardon my ignorance if this question is too trivial but what exactly
> is the problem in storing sensitive user information in the Session
> variables. I mean is it only that when running on a local machine someone
> might see the password in the temporary  session file generated in the temp
> folder or something else?

The problem is that on shared hosting, foreign PHP scripts can have
access to the session data and steal other users credentials (unless
there is something like suexec or similar solution separating users).

Oh, didn't thought of that
thanx for that reply 
--
       Michal Čihař | http://cihar.com | http://blog.cihar.com

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel




--
Rohit Kalhans