>I normally do as you have suggested here - but why do you suggest that
>this method is better?
>
>
One reason is for security. You cannot ever rule out the possibility of
a user injecting someone else's data into the session to get access to
information that he should not have. Of course he
Pete wrote:
You should only save the userId in the session, everything else should
be retrieved from your database using that id.
I normally do as you have suggested here - but why do you suggest that
this method is better?
One reason is for security. You cannot ever rule out the p
In message <[EMAIL PROTECTED]>, raditha dissanayake
<[EMAIL PROTECTED]> writes
>Reinhart Viane wrote:
>
>>in a page checkuser i do this after the user is logged in:
>> PHP Code
>> // Register some session variables!
>> session_register('userid');
>> $_SESSION['us
Reinhart Viane wrote:
in a page checkuser i do this after the user is logged in:
PHP Code
// Register some session variables!
session_register('userid');
$_SESSION['userid'] = $userid;
session_register('first_name');
$_SESSION['first_nam
It could be a case that your provider is load balancing across several
machines. If they are, and they aren't storing the session data in a
central location, then that might account for the issue.
That would explain the intermittent failure. The user might be making
keepalive requests to the sa
5 matches
Mail list logo
