Re: security of sessions
From: Tony Marston (tony_at_NOSPAM.demon.co.uk)
Date: 10/28/04
- Next message: TiM: "Delete files"
- Previous message: saark5: "COM and Windows 2003 Server woes"
- In reply to: chris: "security of sessions"
- Next in thread: chris: "Re: security of sessions"
- Reply: chris: "Re: security of sessions"
- Reply: Gordon Burditt: "Re: security of sessions"
- Reply: Michael Fesser: "Re: security of sessions"
- Reply: Chung Leong: "Re: security of sessions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 28 Oct 2004 21:54:32 +0100
Usernames and passwords should really be stored in a database, with the
password encrypted. You do NOT want such information sitting around in a
file that every Tom, Dick and Harry can read.
-- Tony Marston http://www.tonymarston.net "chris" <someone@here.com> wrote in message news:41814e5b$1@funnel.arach.net.au... > im just starting to learn how sessions work and how to use them > > my question is if im geting a username and password from a visitor is it > secure to store that information in a session variable or is it better to > store that information in a database and retrieve it when needed or > wouldnt it make any difference?? > > thanks > chris >
- Next message: TiM: "Delete files"
- Previous message: saark5: "COM and Windows 2003 Server woes"
- In reply to: chris: "security of sessions"
- Next in thread: chris: "Re: security of sessions"
- Reply: chris: "Re: security of sessions"
- Reply: Gordon Burditt: "Re: security of sessions"
- Reply: Michael Fesser: "Re: security of sessions"
- Reply: Chung Leong: "Re: security of sessions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
