im new to php and im just now getting into sessions and i have a few questions that my book doesn't answer directly...
when i call session_start() it makes a const named "SID", right?
so this SID is totally unique?
and the only way it would ever be reused is if i call the session_destroy() function?
Sessions... SID... ???
Moderator: General Moderators
-
patnet2004
- Forum Newbie
- Posts: 14
- Joined: Sat Jul 19, 2003 3:26 am
- Location: Computer Desk
- Fredix
- Forum Contributor
- Posts: 101
- Joined: Fri Jul 18, 2003 2:16 pm
- Location: Wehr (Eifel) Germany
- Contact:
yes, once a sid is a assigned it would not be given to a second person until you either destroy it or until it expires.
as far as I know there is only one problem with session ids: they might be guessed by chance and then a second person is handled like the first one and this is a security risc. But i think this is nearly impossible
as far as I know there is only one problem with session ids: they might be guessed by chance and then a second person is handled like the first one and this is a security risc. But i think this is nearly impossible