switch from cookies to sessions
Posted: Tue Nov 08, 2005 12:35 pm
Ok, recently ive had a lot of security issues, and it seems all could be fixed (or at least upgraded in security) by switching to sessions. The only thing I use cookies for at the moment, is storing the username, and checking to see if it is set to allow users to do specific actions.
I've never dealt with sessions much.
if I change all instances of $_COOKIE['username'] to $_SESSION['username'] and all instances of isset($_cookie['username']) to isset($_SESSION['username']) and throw a session_start() at the top of every page, would this effectively switch me over to using sessions? or is there other areas that I need to look at as well?
I've never dealt with sessions much.
if I change all instances of $_COOKIE['username'] to $_SESSION['username'] and all instances of isset($_cookie['username']) to isset($_SESSION['username']) and throw a session_start() at the top of every page, would this effectively switch me over to using sessions? or is there other areas that I need to look at as well?