this is in the ballpark: http://phpbuilder.com/columns/ying20000602.php3?page=1
Andy wrote: > Hi there, > > I did recently read an article about security. Now I absolutly see the need > of recoding my authentification procedure on a community site. > > There are questions I hoped some of you guys can answer.... > > 1. Is storing sensitive data like permission level secure in session > variables? > > 2. What could be a good way to session register a user and know which users > are online, know their permission level in congungtion with a MySQL db? > > 3. Is it better to store the needed info about the user in a db table > holding all current sessions, or to store it in more than 1 session > variable. > > 4. Maybe someone can relate to a good site dealing with security issuses on > this topic. I would really like to avoid that some hacker gets admin access > on my website :-) > > Thanx for any hints, > > Cheers Andy -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
