Explain sessions and cookies, PHP Web Programming

Where is the sessions stored?

Sessions are stored in server side & it is accessed by a unique id that is known as the session-id where each user-visitor is assigned when they access your website.

How the session-id is propagated within website?

principally, there are 2 methods either store in a cookie or propagated in the URL.

Leaking out an existing session-id to a third party is very risky if the session is filled with more important information.

There are main two methods of vulnerabilities are,

- When the session-id is carrying in URLs

If an external link from your site, a URL with the id might be stored in the external site’s referrer log.

- Active attacker might listen to network traffic

While the session-id flows over the network & if it is not encrypted an active listener might grab it. The best solution is to implement SSL & make it a must for all the users.

Posted Date: 9/1/2012 12:00:54 AM | Location : United States







Related Discussions:- Explain sessions and cookies, Assignment Help, Ask Question on Explain sessions and cookies, Get Answer, Expert's Help, Explain sessions and cookies Discussions

Write discussion on Explain sessions and cookies
Your posts are moderated
Related Questions
Need a developer to create web-based service I am seeking a developer to build a website that will provide users with an online business service. I will provide wireframes of th

Need help in Online food delivery web Not a usual online food delivery web. We want develop the web user interface as well as functionality from MySQL EER diagram model. Job

Seeking for a programmer We look forward to build a relationship with somebody or a group of people to work with us on our e-commerce platform. Expertise needed- • JavaScr

The JavaScript confirm alert box differs through a regular alert box in which it provides two choices to the user, OK & Cancel. Typically, you'll see confirmation boxes utilized on

Question: (a) Describe the two methods used to retrieve information from web forms using PHP. (b) Explain two different kinds of arrays that PHP uses. Give an example scri

I want adjustment in my wordpress site I want to adjust as well as some modifications of my website. I want the job done within short deadline. Desired Skills are MySQL Admin

Duplicate of Bitcoin / Crypto Currency Exchange Duplicate of popular European Bitcoin crypto currency exchange. Will deliver URL via PMB. Must be control panel driven and set

Macro to search patent information Objective To develop a macro that is accomplished to search through publicly available USPTO.gov database as well as count number of times fir

Dashboard application We're seeking to create a dashboard tracking application from various feeds job requires bit of research as well as knowledge of API's plus of course super

This is an acronym for Transmission Control Protocol / Internet Protocol. This is a collection of applications, protocols and services. TCP/IP protocol was developed prior to the O