hello every one.....
this a general knowledge question !
For example there is a page where you are using sessions of php and the page has 20,000 users at the same time. what type of issues developer can face? the basic purpose of this question is:
is there any thing that depends on your coding or you can say the way you are handling your sessions.
any type of answer, comment or question will be welcomed.
thanx.
Abdul Mannan.
a question about sessions
Moderator: General Moderators
- php3ch0
- Forum Contributor
- Posts: 212
- Joined: Sun Nov 13, 2005 7:35 am
- Location: Folkestone, Kent, UK
You can steal a session cookie from the users computer or the log on a proxy server. It would then be a case of moving this into the correct directory and using this cookie to access the website.
To make sure your sessions are secure set the remote address in the cookie and check it using this code:
To make sure your sessions are secure set the remote address in the cookie and check it using this code:
Code: Select all
session_start();
$session_vars = array($_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_USER_AGENT']);
$_SESSION['valid'] = $session_vars;
function session_check()
{
if ($session_vars[0] != $_SERVER['REMOTE_ADDR'] || $session_vars[1] != $_SERVER['HTTP_USER_AGENT'])
{
echo('Go hack someone else');
exit();
}
}