Hi there,

I did recently read an article about security. Now I absolutly see the need
of recoding my authentification procedure on a community site.

There are questions I hoped some of you guys can answer....


1. Is storing sensitive data like permission level secure in session
variables?

2. What could be a good way to session register a user and know which users
are online, know their permission level in congungtion with a MySQL db?

3. Is it better to store the needed info about the user in a db table
holding all current sessions, or to store it in more than 1 session
variable.

4. Maybe someone can relate to a good site dealing with security issuses on
this topic. I would really like to avoid that some hacker gets admin access
on my website :-)

Thanx for any hints,

Cheers Andy



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to