Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers DELETE
DELETE
  • El Forum
    Unregistered
  •  
#2
06-05-2011, 10:48 AM

[eluser]WanWizard[/eluser]
Care to explain what it is that makes this secure?

A quick glance of the code shows that you have removed the most secure part of CI's session library, which is the encrypted session cookie.
Instead, you rely on $_SESSION, and I assume PHP's native session cookie as well (although I don't see a sess_start() call anywhere, it needs auto start needs to be configured too?), which is very insecure!


Messages In This Thread
DELETE - by El Forum - 06-05-2011, 09:00 AM
DELETE - by El Forum - 06-05-2011, 10:48 AM
DELETE - by El Forum - 06-05-2011, 11:18 AM
DELETE - by El Forum - 06-05-2011, 12:07 PM
DELETE - by El Forum - 06-05-2011, 12:20 PM
DELETE - by El Forum - 06-05-2011, 12:38 PM
DELETE - by El Forum - 06-05-2011, 12:49 PM
DELETE - by El Forum - 06-05-2011, 01:01 PM
DELETE - by El Forum - 06-06-2011, 05:21 AM
DELETE - by El Forum - 06-06-2011, 06:16 PM
DELETE - by El Forum - 06-06-2011, 11:23 PM
DELETE - by El Forum - 06-07-2011, 06:51 AM
DELETE - by El Forum - 06-07-2011, 09:16 AM



Theme © iAndrew 2016 - Forum software by © MyBB