On Friday, June 7, 2002, at 12:32 PM, Jeff Field wrote:
> I'm under the impression that when I create the user
> and password variables, the variables are only available in the session
> cookie on my own server, not in the cookie that is sent to the user to
> maintain sessions. The cookie sent
> To: PHP List
> Subject: Re: [PHP] Access control question - follow-up question
>
>
> On Fri, Jun 07, 2002 at 11:32:48AM -0500, Jeff Field wrote:
> >
> > In regards to "Passing/testing the password on each page is
> unnecessary and
> > poses security risks."
On Fri, Jun 07, 2002 at 11:32:48AM -0500, Jeff Field wrote:
>
> In regards to "Passing/testing the password on each page is unnecessary and
> poses security risks.", I'm under the impression that when I create the user
> and password variables, the variables are only available in the session
> co
Your way to check for privileges sounds good. However, at my site, for this
one area (basically, the customer's area) there's only one privilege; you
either have access or you don't. So, I'm assuming my way is probably good
enough for now.
In regards to the presence of the session itself being
4 matches
Mail list logo
