limiting content by session ok?

Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!

Moderators: egami, macek, gesf

Post Reply
php-forum Fan User
php-forum Fan User
Posts: 50
Joined: Fri Jan 20, 2012 8:00 am

Sun Apr 22, 2012 3:49 am

throughout my site i have been defining user only content by using

Code: Select all

i then have a code that runs on each page load that checks ID_User and a few other sessions against the database and if they don't match up it runs session_destroy(); i was just wondering if this is secure or should i be doing something else to limit user only content?
User avatar
php-forum GURU
php-forum GURU
Posts: 277
Joined: Wed Aug 25, 2010 10:42 am

Mon May 07, 2012 12:36 am

This is a good solution. Of course, this could be hacked (AS EVERYTHING) but it is not so easy.

Second solution could be to create secured folder on server and password it by .htaccess.

Third solution is SSL ,..

But I'm using SESSION User Authentication and it works fine ;-)
php-forum GURU
php-forum GURU
Posts: 1803
Joined: Thu Mar 10, 2011 5:07 pm

Thu Mar 14, 2013 5:11 am

Limiting data access using session variable is ok but if you can afford it then using SSL will be an added bonus as far security of your website is concerned.
Post Reply