|
Name: |
Secure Session |
Base name: |
secure_session |
Description: |
Prevent session hijacking or session fixation |
Version: |
1.0.0 |
PHP version: |
- |
License: |
GNU General Public License (GPL) |
All time users: |
13509 users |
All time rank: |
79 |
Week users: |
0 users |
Week rank: |
177  |
|
|
 January 2006
Number 2
Prize: One book of choice by O'Reilly |
Sessions have become one of possible features that can be exploited to perform security attacks to PHP sites.
Sessions are not insecure by themselves, but if they are not used with a certain care, they may be eventually abused by malicious users.
Session hijacking abuses can happen when somebody with privileged network access can sniff traffic that goes to potential victim site. Session fixation abuses can happen when a site uses the same session identifier for the same user before and after he authenticates to log in.
This class provides a solution to prevent these kinds of session abuses to prevent that PHP sites that use sessions become compromised.
Manuel Lemos |
Ratings | Utility |
Consistency |
Documentation |
Examples |
Tests |
Videos |
Overall |
Rank |
All time: |
Good (91%) |
Good (88%) |
- |
Good (85%) |
- |
- |
Sufficient (63%) |
1045 |
Month: |
Not yet rated by the users |
|
Pages that reference this package |
|
Latest pages that reference packages
|
Applications that use this package |
|
No pages of applications that use this class were specified.
If you know an application of this package, send a message to the author to add a link here.
|
Files |
|
|
Files |
|