Hi,
What is the best way of securing $_SESSIONs in PHP page that prevents $_SESSION spoofing? Any example!
Thanks
veledrom 32 Master Poster
amd_k8 1 Light Poster
The most common way would be to make a unique id for the session. For example create a hash from users ip and browser he uses. Regenerate session id's after logout, set session timeout and so on.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.