On Fri, Sep 24, 2010 at 1:36 AM, Neil Kandalgaonkar <[email protected]> wrote: > On 9/23/10 2:24 PM, Ryan Lane wrote: > >> The contents of that session on the server are unencrypted, correct? >> Depending on what the secret is, he may or may not want to use it. For >> instance, that is probably a terrible place to put credit card numbers >> temporarily. > > Good point, but in this case I'm just storing the path to a temporary file. > > The file isn't even sensitive data; it's just a user-uploaded media file > for which the user has not yet selected a license, although we > anticipate they will in a few minutes. If it's user-uploaded, take care of garbage collection; actually, how does PHP handle it if you upload a file and then don't touch it during the script's runtime? Will it automatically be deleted after the script is finished or after a specific time?
Marco -- VMSoft GbR Nabburger Str. 15 81737 München Geschäftsführer: Marco Schuster, Volker Hemmert http://vmsoft-gbr.de _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
