News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHPBuilder.com:
Validating PHP User Sessions
August 17, 2006 @ 07:14:13

From PHPBuilder.com today, there's a new tutorial that looks at one of the more handy features built into PHP, one that makes personalized sites a whole lot easier - sessions - and their management.

In a nutshell, sessions are the way that we "maintain state" from one page to the next, that is, how we identify specific users across multiple page requests.

When the user comes to the site, we need to be able to give them a unique identifier (a session id) that will allow us to know the difference between each user on the site. So, when the user logs in, and then modifies their choices for foo.php, we know whose profile to save those changes to.

The article goes on to talk about what sessions really are, how they're handled on both the client and server side, and a simple code example of how to check the value of them. Thankfully, they also include a section on session vulnerabilities, showing how with something as simple as some Javascript, a session can be maipulated.

To help prevent this, they give some examples of securing your sessions. Then, to illustrate all of the above points, they provide some simple code validate the session information that's been set.

8 comments voice your opinion now!
validating user session tutorial client server vulnerabilities javascript validating user session tutorial client server vulnerabilities javascript


blog comments powered by Disqus

Similar Posts

Zend Developer Zone: AJAX Chat Tutorial Part 6 : Updating the User List

Ralph Schindler's Blog: Compiling Gearman (or anything) for Zend Server CE on Snow Leopard

WeberDev.com: User Authentication with patUser (Part 3)

Danne Lundqvist's Blog: Adding support for MS SQL Server to PHP in Linux

Jeremy Cook's Blog: Implementing the ArrayAccess Interface


Community Events

Don't see your event here?
Let us know!


configure composer series release community symfony2 example api podcast opinion performance framework conference interview introduction php7 application laravel voicesoftheelephpant part2

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework