Join Up! 104882 members and counting!

Login To PHPBuilder User Name: Password: Register A New Site Account * NOTE: This is for logging into the main site only! To login to the forums, click here

Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Hiermenus DatabaseJournal Technology Jobs Covalent Extends Apache 2.0 to Microsoft ASP.NET ShopWorX - Support for Windows PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Network Risk Assessment Full-Featured, Java-Based Apache GUI XHTML: Why You Should Be Using It Using PEAR's HTML_Table Class PHP Framework Review: DooPHP In Case You Missed It... The Month of February, 2007 In Case You Missed It...The Week of November 14th, 2005

php-db | 2000121

From: Doug Semig (dougslist <email protected>)
Date: 12/09/00

• Next message: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Previous message: Jason Dwyer: "[PHP-DB] Which unique field to track during a PHP4 Session?"
• In reply to: Jason Dwyer: "[PHP-DB] Which unique field to track during a PHP4 Session?"
• Next in thread: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Reply: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'd go with option "4) None of the above."

The only variable you have to pass from page to page is the session ID
variable. The session features of PHP will save/restore your userid and
username variables from either disk or database if you've stored them in
the session data.

Doug

At 05:35 PM 12/9/00 -0700, Jason Dwyer wrote:
>Hi-
>
>I am looking for some security advice with respect to session tracking using
>the PHP4
>built-in session support. Both the Userid and the Username are unique keys
>in my database, but
>only the userid is seen in other related tables.
>
>With this in mind, when tracking user sessions from page-to-page throughout
>my site, what variable is "safest" to
>pass from page to page, so information can be extracted from the database
>when required?
>
>1)userid
>2)username (which is public, seen in message board posts)
>3) one of the above AND the user's password.
>
>Thanks for any hints in this area!
>
>-jason
>

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-db-unsubscribe <email protected>
For additional commands, e-mail: php-db-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Previous message: Jason Dwyer: "[PHP-DB] Which unique field to track during a PHP4 Session?"
• In reply to: Jason Dwyer: "[PHP-DB] Which unique field to track during a PHP4 Session?"
• Next in thread: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Reply: Jason Dwyer: "RE: [PHP-DB] Which unique field to track during a PHP4 Session?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs