[RESOLVED] Database Login Credentials
When I first started this project, PHP was new to me and I didn't have a clue how to use it. Here, seven months later, I still don't know what I'm doing.
I have 47 pages that are MySQL intensive. Each client has their own login credentials to the database. I've been using the $_SESSION global to carry these credentials across the pages. I realize this is a huge security issue, but I don't know any other way to keep their username / password handy as they log in and out of the database. I've searched and not found anything resembling my need here. Most of the discussions relate to setting $_SESSION['foo'] = 'bar' and carying that from page to page.
I cld really use some insight on this. Thanks.
It's only insecure if (a) someone can hijack a session, and then (b) find a hole in you application that allows them to display the data in $_SESSION. If (a) is true, you already have a bunch of security issues that need addressing.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)