In this chapter, we saw how we can use cookies and sessions to overcome the stateless nature of HTTP communications and associate data with individual users visiting our web site. We saw that cookies are a simple and effective way of using the client's computer to store small pieces of information.

Sessions can be used for more robust information management between the user and your web application. By using cookies to transmit a session ID and having PHP manage all the data associated with that session ID, we can associate arbitrary and complicated data with a visit. However, the session ID's flexibility makes it vulnerable to attackers who try to find vulnerabilities in session code, and we must try to make their lives as difficult as possible.

In the next chapter, we will look at user authentication. We will first investigate some solutions that various platforms (such as the Apache HTTP Server and existing plug-ins) give us and then see how we would write your own platform using sessions.

Core Web Application Development With PHP And MYSQL
Core Web Application Development with PHP and MySQL
ISBN: 0131867164
EAN: 2147483647
Year: 2005
Pages: 255

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: