this is in the ballpark:
> Hi there,
> I did recently read an article about security. Now I absolutly see the need
> of recoding my authentification procedure on a community site.
> There are questions I hoped some of you guys can answer....
> 1. Is storing sensitive data like permission level secure in session
> 2. What could be a good way to session register a user and know which users
> are online, know their permission level in congungtion with a MySQL db?
> 3. Is it better to store the needed info about the user in a db table
> holding all current sessions, or to store it in more than 1 session
> 4. Maybe someone can relate to a good site dealing with security issuses on
> this topic. I would really like to avoid that some hacker gets admin access
> on my website :-)
> Thanx for any hints,
> Cheers Andy
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php