Session Data exposure session data usually contains personal information and other sensitive data. For this reason, session data exposure is a common concern. In general, the exposure scope is not very large, because session data is guaranteed...
Session Data exposure
Session Data usually contains personal information and other sensitive data. For this reason, session data exposure is a common concern. In general, the exposure scope is not very large, because session data is stored in the server environment, rather than in the database or file system. Therefore, session data will not be publicly exposed.
SSL is a particularly effective method that minimizes the possibility of data being exposed when transmitted between the server and the client. This is very important for applications that transmit sensitive data. SSL provides a protection layer over HTTP to protect all data in HTTP requests and responses.
If you are concerned about the security of the session data storage area, you can encrypt the session data so that you cannot read its content without the correct key. This is very easy to do in PHP. you only need to use session_set_save_handler () and write your own session encryption and decryption functions. For more information about how to save the encrypted session data, see Appendix C.
The above is the PHP Security-session data exposure content. For more information, see PHP Chinese network (www.php1.cn )!