session variable php login realm -


I wonder if it is possible to change / set / delete your session variable as a user.

I am thinking again how to login in PHP. The way I am doing this now is that I check whether a certain session variable is set or not. However, it can break if someone can change their session variables.

Given that you do not want a user to actively change this data, The law / form (inadvertently or actively) is not They should not be able to change their username etc.

Since the session data is stored on the server, yes, they will work hard to set themselves up. If register_globals are on, this may be a possibility, but for this other conditions will also need to be corrected

But not entirely, no user can not change session data by then Until you give them the means.


Comments

Popular posts from this blog

c# - sqlDecimal to decimal clr stored procedure Unable to cast object of type 'System.Data.SqlTypes.SqlDecimal' to type 'System.IConvertible' -

Calling GetGUIThreadInfo from Outlook VBA -

Obfuscating Python code? -