Richard Lynch wrote:
On Wed, August 29, 2007 4:33 pm, tedd wrote:
At 10:52 PM +0200 8/18/07, Michelle Konzack wrote:
Am 2007-08-17 22:07:47, schrieb Bastien Koert:
If cookies are not available, you can either
hide the id in the hidden form field element
or
enable trans_sid to automaticall
On Wed, August 29, 2007 4:33 pm, tedd wrote:
> At 10:52 PM +0200 8/18/07, Michelle Konzack wrote:
>>Am 2007-08-17 22:07:47, schrieb Bastien Koert:
>>>
>>> If cookies are not available, you can either
>>>
>>> hide the id in the hidden form field element
>>> or
>>> enable trans_sid to automatical
On 8/29/07, tedd <[EMAIL PROTECTED]> wrote:
> When the user first generates a session id, grab the user's ip and
> store both in mysql.
>
> In the code, always check the session id against the user's ip before
> doing anything. If they don't match with what you started with, then
> stop. That shoul
Hello, thanks for all the replies.
However, since I'm not very familiar with trans_sid I'll do some research on
that.
Michelle Konzack, if hiding the id in hidden form field element or enabling
trans_sid could lead to security risks, what would you recommend as an
alternative method to safely tran
4 matches
Mail list logo
