Transfering sessions across domains |
[eluser]The Wizard[/eluser]
heheh thank you yes, thats true indeed. so we make a special table, link it with the users id (via secret key). on the table, we store all information about the user, (browser type, IP etc.) and compare it with the user, which try's to login via the secret key. At least, this would bring somehow a little bit security i remember a prominent example where gmail was a subject to those session hijacking where you could gain access to a gmail account of choice. damn. security is hard.
[eluser]simshaun[/eluser]
Here's an interesting article I found about sessions between domains: http://www.melbournechapter.net/wordpres...-with-php/
[eluser]The Wizard[/eluser]
Thanks this are very good informations, i will keep them in my mind while i'm building my System. Thank you very very much.
[eluser]The Wizard[/eluser]
Hello again friends dunno if it helps, i want to share a custom code i use myself. Maybe its easy to develop but i still want to share it with you so, here it is. Code: function Security_BrowserInfo () { its a set of functions, which may be of help to you so, i hope its useful take care friends |
Welcome Guest, Not a member yet? Register Sign In |