PHP: Cookies

14 posts Page 2 of 2
Contributors
User avatar
Codex
Coding God
Coding God
Posts: 2028
Joined: Wed Mar 31, 2010 5:50 pm

Re: PHP: Cookies
Codex
Theoretically speaking, can't you steal the unique ID from the cookie and duplicate it for use on another computer ?

OT: Good tutorial, well written cooll;
We shall let the revolution begin.. the revolution for freedom, freedom against censorship. We shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

Re: PHP: Cookies
smashapps
Thanks #Codex and I'm sorry if I confused anyone, yes sessions are safe.
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
User avatar
XTechVB
VIP - Site Partner
VIP - Site Partner
Posts: 727
Joined: Thu May 20, 2010 10:32 am

Re: PHP: Cookies
XTechVB
Codex wrote:
Theoretically speaking, can't you steal the unique ID from the cookie and duplicate it for use on another computer ?

OT: Good tutorial, well written cooll;
#Codex Oh yes. There are quite a few ways to steal a session id so it can be injected from another computer, ID Prediction, Session Sniffing, XSS and more.
But the guys from PHP already thought of that and they created the session_regenerate_id method, which regenerates the Session ID every time the page loads. And if used properly, the chances of someone stealing the Session ID, will be slim to none.
You can find me on Facebook or on Skype mihai_92b
User avatar
smashapps
Coding Guru
Coding Guru
Posts: 961
Joined: Tue Apr 05, 2011 8:41 am

Re: PHP: Cookies
smashapps
That is interesting I wasn't aware of that #XTechVB thanks
My name is Tom | Visit my blog where I post new content every day! Tom's Daily Blog | MineCraft is awesome!
14 posts Page 2 of 2
Return to “Tutorials”