I did recently read an article about security. Now I absolutly see the need
of recoding my authentification procedure on a community site.
There are questions I hoped some of you guys can answer....
1. Is storing sensitive data like permission level secure in session
2. What could be a good way to session register a user and know which users
are online, know their permission level in congungtion with a MySQL db?
3. Is it better to store the needed info about the user in a db table
holding all current sessions, or to store it in more than 1 session
4. Maybe someone can relate to a good site dealing with security issuses on
this topic. I would really like to avoid that some hacker gets admin access
on my website :-)
Thanx for any hints,
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php