Thread: sercurity issuses of transmitting seesion id
Hi,
I have read that some security experts question the use of session ids over the internet.
Is this really a practical problem?
Thanks,
regards
Paul
Thanks chris, nice . regards, paul. ----- Original Message ----- From: "Chris" <chris@interspire.com> To: "'Paul Gimpelj'" <pgimpelj@sympatico.ca>; "'pgsql-php'" <pgsql-php@postgresql.org> Sent: Sunday, June 06, 2004 8:32 PM Subject: RE: [PHP] sercurity issuses of transmitting seesion id > Hi Paul, > > If you only use session-id's for authentication then it'll be a problem. > > http://www.sitepoint.com/blog-post-view.php?id=156260 > > has a bit more info about it and also some links to other articles that > talk about session stuff.. > > HTH. > > ------------ > Chris Smith > > Suite 30, 45-51 Huntley St, Alexandria, NSW 2015 Australia > > Ph: +61 2 9517 2505 > Fx: +61 2 9517 1915 > > email: info@interspire.com > web: www.interspire.com > > > > -----Original Message----- > From: pgsql-php-owner@postgresql.org > [mailto:pgsql-php-owner@postgresql.org] On Behalf Of Paul Gimpelj > Sent: Saturday, June 05, 2004 6:21 AM > To: pgsql-php > Subject: [PHP] sercurity issuses of transmitting seesion id > > > Hi, > > I have read that some security experts question the use of session ids > over the internet. > > Is this really a practical problem? > > Thanks, > regards > Paul >