Welcome Guest, Not a member yet? Register   Sign In
Is Session a safe place to store data ?
#15

It sounds like you have checked a 'remember me' and a permanent cookie was set. I am also guessing that the code will have to match the email address in the cookie, so changing it would fail that check. Unless you can guess another email address and their associated code, and that user has actually also used a remember me.

I would be very surprised if Ion Auth had a hole in it that gaping. I tend to use my own library for auth now but when I do not I use Ion Auth every time. It is so simple and quick to implement and is very well written.

Best wishes,

Paul.
Reply


Messages In This Thread
RE: Is Session a safe place to store data ? - by PaulD - 07-25-2016, 04:21 PM



Theme © iAndrew 2016 - Forum software by © MyBB