database

Storing Sessions in a database

Most common applications and “home-brew” sites use sessions for storing temporary data as well as authentication. However,
sometimes a developer may want the session to span over multiple domains and or servers, and some may just be very security
conscience. It is common knowledge that session data is stored in a text file on the webserver, however if you are using
a shared server (as most cannot afford dedicated hosting or VPS) then any user on that server may see your session files.
To prevent this, and allow your user’s sessions to span over multiple domains the answer is easy: store the session data in a
MySQL database! Most of you may not be sure how to do this, or may have even been unaway that this is possible, however it is
very easy. When storing sessions in a database PHP makes the work easy for us with the use of a function called
session_set_save_handler(), this function can control the way that sessions are stored, retrieved, destroyed, etc. Continue reading →

Posted by DCCoder in Posts from old site, Security, Tutorials, 0 comments