Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Can hacker hack session_data?
Can hacker hack session_data?
  • El Forum
    Guest
  •  
#1
06-26-2012, 11:50 PM

[eluser]Unknown[/eluser]
Hello, i just want to clear session storages because i don't understand it thoroughly, so if someone can explain it to me, im very thankful. i want to know if a malicious user can change the data inside a session file. i have the sess_use_database and sess_encrypt_cookie set to TRUE.

for example scenario, i have an upload controller which checks the session data of the uploading user. the uploaded file will go to the user_id from the session storage. if a malicious user can change the session data's user_id to different user, then the uploaded file will go to different user. is this possible?

what can i do to protect my application from this activity?


Messages In This Thread
Can hacker hack session_data? - by El Forum - 06-26-2012, 11:50 PM
Can hacker hack session_data? - by El Forum - 06-26-2012, 11:53 PM
Can hacker hack session_data? - by El Forum - 06-27-2012, 12:15 AM
Can hacker hack session_data? - by El Forum - 06-27-2012, 05:19 AM



Theme © iAndrew 2016 - Forum software by © MyBB