@~Mordred I don't think this would happen as a matter of course. I'm just saying its a possibility. I think it could be argued that this *could* be worse than man in the middle attacks etc, because anyone can walk by & write down the session id - no need to be technically savvy. Of course, the person at the computer will have to be completely oblivious for this to happen - but those people are out there.
@~kaisellgren While I have said that I use db sessions, I can't think of any reason not to use the built in system. It seems a bit simpler.
Creating database sessions
Moderator: General Moderators