Re: Fwd: [PHP] Re: a question on session ID and security

Jared Farrish wrote: On 5/29/07, Stut <[EMAIL PROTECTED]> wrote: Don't get me wrong, I don't want to discourage anyone from thinking about ways to improve it, but personally I consider this issue done to death. Well, I think the difference is that you send one key (a session identifier) and

Fwd: [PHP] Re: a question on session ID and security

On 5/29/07, Stut <[EMAIL PROTECTED]> wrote: Don't get me wrong, I don't want to discourage anyone from thinking about ways to improve it, but personally I consider this issue done to death. Well, I think the difference is that you send one key (a session identifier) and hash on user agent rep