GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Skrrp · 08-13-2008, 01:06 PM

Little more info would be useful. Assuming: the session ID is a GUID that links into a record in the database/backing store to track the user as they browse the site.

Without seeing the site or source, I am making guesses here, but can you not use the $_SESSION object to store this information?

Check out my site (yeah, no graphics, but the code works). I'm using $_SESSION to store login information server side (per client). Each page that uses login details, it re-calls the login each time. This ensures that the user is 'up to date' at each point (in an account takeover war, as soon as someone changes the password, the other instance is kicked out on next page load).

If you want me to take a look, chuck me a link here or in a PM, but I will probably want to see source at some point if I can help.

08-13-2008, 01:06 PM
Skrrp Registered User Join Date: Aug 2008 Location: Wales Posts: 5	Little more info would be useful. Assuming: the session ID is a GUID that links into a record in the database/backing store to track the user as they browse the site. Without seeing the site or source, I am making guesses here, but can you not use the $_SESSION object to store this information? Check out my site (yeah, no graphics, but the code works). I'm using $_SESSION to store login information server side (per client). Each page that uses login details, it re-calls the login each time. This ensures that the user is 'up to date' at each point (in an account takeover war, as soon as someone changes the password, the other instance is kicked out on next page load). If you want me to take a look, chuck me a link here or in a PM, but I will probably want to see source at some point if I can help.