Sorry, it was late at night. I'm glad you have the SSL and everything else already taken care of.

What I meant was for you to build your own session system, so that it is secure, instead of using PHP's built in session system. Someone once said that it has a 1% chance of cleaning up the sessions, and that would be the secure data(the passphrase, even if encrypted) on the system. If you build your own, you can change that 1%. There may be another way. Also, if you build it yourself, you will understand what happens exactly and will be able to hide the data perhaps a bit more than the regular sessions.

I hope this makes more sense. If not, tell me and I'll try to explain it again. Sorry! =)

Robert Mena wrote:

I do not think I understood your ideia :
The next best thing is to store it in session
variables, but build your own system perhaps, and

yes, encrypt it lightly with some system and a
system passphrase

--Joseph Guhlin Web Programmer / Unix Consultant / PHP Programmer

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to