FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Sanitizing user input
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Sanitizing user input [message #169854 is a reply to message #169853] Tue, 28 September 2010 16:24 Go to previous messageGo to previous message
Michael Fesser is currently offline  Michael Fesser
Messages: 215
Registered: September 2010
Karma:
Senior Member
.oO(Jerry Stuckle)

> On 9/28/2010 9:14 AM, Web Dreamer wrote:
>> Setting "ini_set('session.name', 'SomethingElseThan_PHPSESSID');" for each
>> of your Web apps is a better guarantee to avoid any of such potential
>> issues.
>> But this is out of the current subject, just felt it ought to be mentioned.
>
> Definitely NOT! This can really screw up other apps. For instance, the
> site stores the login id in the session, with the default cookie
> PHPSESSID. Now your page gets control and changes that session name.

Depends on whether several applications should be allowed to access and
use the same session data or not. Usually I want my apps separated, even
if they use the same code. So each one would get its own session name if
necessary.

Micha
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: how to write a wsdl for php webservice?
Next Topic: ANNOUNCE - NHI1 / PLMK / libmsgque - Work-Package-II
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 23 19:09:16 GMT 2024

Total time taken to generate the page: 0.06051 seconds