|
PHP - Phpsessid Q
should i store phpsessid in a cookie?
php_value session.use_only_cookies 1 php_value session.use_trans_sid 0 Similar Tutorialswhen PHPSESSID is stored in a cookie(or URL), and if some hacker gets hold of this wrongfully, can he create a pseudo-authentication, now that he has a sessionid? and then proceed with what a genuine login can do?... how to solve this? |
|||||||