[PHP] Re: About Session And Cookies

Michelle Konzack Tue, 21 Aug 2007 08:27:48 -0700

Am 2007-08-17 22:07:47, schrieb Bastien Koert:
> 
> If cookies are not available, you can either
>  
> hide the id in the hidden form field element
> or
> enable trans_sid to automatically pass the session id in the url


This will be a security risk since Session-Hijacker can grap the URL

Greetings
    Michelle Konzack
    Systemadministrator
    Tamay Dogan Network
    Debian GNU/Linux Consultant


-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSN LinuxMichi
0033/6/61925193    67100 Strasbourg/France   IRC #Debian (irc.icq.com)

signature.pgp
Description: Digital signature

[PHP] Re: About Session And Cookies

Reply via email to