I need help to add a session id value into my session table when someone logs into my site. Just a number that auto increments with every entry. Does anyone know a good place I can look for ideas or does anyone have an Idea they can post some code examples?
Thanks.
Ideas for Auto increment value for Session ID
Moderator: General Moderators
don't use auto_increment values as session ids. It's easy to guess auto_increment value and then hijack others' sessions.
Beside that, read the manual about auto_increment values (if you do use MySQL here is one: http://dev.mysql.com/doc/mysql/en/examp ... EMENT.html)
Beside that, read the manual about auto_increment values (if you do use MySQL here is one: http://dev.mysql.com/doc/mysql/en/examp ... EMENT.html)
If your "session id" is something like PHP one (eg temporary unique identifier given to user's browser to identify him throughout the site for some time period), it must be hard to guess. Autoincrement values are, obviously, easy to guess. Live example: this forum. If I could guess someone's session id I would have ability to post (change settings, passwords etc..) as if I was him.
Sounds like you are talking about a custom session handler. There are 'standard' methods for storing sessions in a database. See http://www.zend.com/zend/spotlight/code ... -wade8.php for one way or search google for 'php session handler'