Session Variable question

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Addos
Forum Contributor
Posts: 305
Joined: Mon Jan 17, 2005 4:13 pm

Session Variable question

Post by Addos »

Is there any risk in storing a monetary value in a Session variable? I'm working on a voucher scheme and want to take an amount off a total at checkout and wasn't sure if it was okay to do it this way rather than deduct the value by using the field in the database with that value stored in it. I will kill the session once done but wanted to know of any pitfalls there might be.

Thanks
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Session Variable question

Post by Christopher »

The risk of storing variables in the session is that someone could access the stored values. This is mostly of concern on shared hosting when using file based sessions.
(#10850)
Post Reply