Printer-friendly copy Email this topic to a friend
Lobby High-Tech topic #162126

Subject: "I think generally you assign the user a session ID when they login" Previous topic | Next topic
Nopayne
Member since Jan 03rd 2003
52633 posts 		Wed Aug-27-08 01:45 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy listClick to send message via AOL IM
2. "I think generally you assign the user a session ID when they login"
In response to In response to 0

  

          

they pass this ID to the server on every page load (either via a cookie, a querystring parameter, or some other means). The session ID is used to lookup the user's info on the server side. This way, you're not passing around sensitive info on ever page load. You're just passing around an ID which is generally just a random number.

I'd be shocked if there weren't some PHP libs that handled all the heavy lifting for you. Back in my perl days I just used a module to implement the majority of this.

-------------------------------------
<--- Stop being such an Internet troll, Nopayne

  
Printer-friendly copy | Reply | Reply with quote


School Me on Secure Login (PHP, of course) [View all] , alexthezombie, Wed Aug-27-08 06:35 AM
 
Subject Author Message Date ID
RE: School Me on Secure Login (PHP, of course)
Aug 27th 2008
1
fam you need to just buy a good book on php...
Aug 27th 2008
3
Maybe
Aug 27th 2008
9
      I understand...
Aug 27th 2008
10
Is this a secure method?
Aug 27th 2008
4
see #3
Aug 27th 2008
5
make a database call once. then load the result into the...
Aug 27th 2008
6
oh, and md5(sha1($pass)) is less secure than something like...
Aug 27th 2008
7
      ooooo, I like that
Aug 27th 2008
8
HELP!
Sep 08th 2008
11
call session_start(). And buy a book on php.
Sep 08th 2008
12
      I'm not THAT stupid
Sep 08th 2008
13

Lobby High-Tech topic #162126 Previous topic | Next topic
   

Powered by DCForum+ Version 1.25
Copyright © DCScripts.com