Session security question
Posted: Sun May 16, 2010 1:45 pm
Hey guys, im pretty new to php programming so no flaming haha! Iknow that sessions are stored on the server, however im wondering this. I have created a login and a while loop pulls the info from the database where username = username blah blah anyways i store carious information in sessions i store the users Full Name, Users Email, Username and their rank. if their rank is 0 then they are standard member else admin now can a user change their session values so they could change it to maybe 1 and then they would have admin sstatus is this safe or is there a better way of doing this?
Hope someone can help thanks
Hope someone can help thanks