Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion how does session data manipulation work with cookies?
how does session data manipulation work with cookies?
  • El Forum
    Unregistered
  •  
#6
05-21-2012, 04:51 PM

[eluser]CroNiX[/eluser]
Because the raw data in plain text is in a cookie, on your computer, which you can edit. Picture someone storing the user level that you can just change to "admin" or something by editing the cookie.

If you use the database, it stores the data in the database and only stores the session id in the cookie, so they can't manipulate it. And if the id is encrypted, it will be really hard for them to break figure it out.

Beyond that, cookies are limited to holding a total of 4k of data, which isn't very much for apps that require larger session storage, which the database offers.


Messages In This Thread
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 01:49 PM
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 02:19 PM
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 02:57 PM
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 03:27 PM
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 03:35 PM
how does session data manipulation work with cookies? - by El Forum - 05-21-2012, 04:51 PM
how does session data manipulation work with cookies? - by El Forum - 05-22-2012, 10:45 AM
how does session data manipulation work with cookies? - by El Forum - 05-22-2012, 10:55 AM
how does session data manipulation work with cookies? - by El Forum - 05-22-2012, 11:44 AM
how does session data manipulation work with cookies? - by El Forum - 05-22-2012, 12:09 PM
how does session data manipulation work with cookies? - by El Forum - 05-22-2012, 01:33 PM



Theme © iAndrew 2016 - Forum software by © MyBB