News Feed
Jobs Feed
Sections




News Archive
PHPBuilder.com:
Session Security
by Chris Cornutt September 18, 2009 @ 08:12:12

In a new tutorial on PHPBuilder.com Marc Plotz takes a look at the security of your sessions and how to protect them from would-be data thieves.

Sessions are a very complicated part of PHP, and it is no surprise that the smarter website attacks are carried out on sessions. Most of these attacks involve one user impersonating another, or, more to the point, "hijacking" the other user's session data. As most experienced developers know, exploiting session data is an easy way into most low-to-medium security level websites--after all, that is how most website login systems work.

He looks at a few methods the hacker could use to get at your session data - session fixation, capturing and predicting where the values could be set so you can gain access.

0 comments voice your opinion now!
session security tutorial


blog comments powered by Disqus

Similar Posts

DevShed: Sessions and Cookies

Ilia Alshanetsky's Blog: PHP 5.2.0 RC3 Released!

Zend Developer Zone: Action Helpers in Zend Framework

Zend Framework By Examples: Handling dates and times (Zend_Date)

Alexy Kovyrin\'s Blog: Nginx With PHP As FastCGI Howto


 Community Events











Don't see your event here?
Let us know!

rest testing opinion series phpunit introduction conference database development framework release language usergroup interview unittest zendframework2 podcast symfony2 functional community

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework