Results 1 to 2 of 2

Thread: [RESOLVED] Are Sessions safe?

  1. Aug 9th, 2009, 10:21 PM #1
    noahssite
    noahssite is offline

    Thread Starter
    Frenzied Member
    Join Date
    Jan 2008
    Posts
    1,754

    Resolved [RESOLVED] Are Sessions safe?

    Hello I am currently using Sessions to store the logged on user. An example of what I am doing is, ff the user eqauls "Noah" then the user has more access on a page.

    Are Session variables safe? Or can they be manipulated?
    Reply With Quote Reply With Quote
  2. Aug 9th, 2009, 11:00 PM #2
    penagate
    penagate is offline
    I'm about to be a PowerPoster!
    Join Date
    Jan 2005
    Location
    Everywhere
    Posts
    13,647

    Re: Are Sessions safe?

    Session variables cannot be directly manipulated. Sessions themselves can be 'hijacked' through various means. Make sure you have no CSRF or CSS vulnerabilities in your code.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width