Menu
Is it possible in PHP to edit another users session other than the current user? If so how?
580
A user cannot modify PHP sessions on the server. They can only forge a legitimate cookie and masquerade as a logged-in user - but that will require them to steal a valid cookie in the first place.
Modifying Published Session Variables Session variables on the client are read-only. They cannot be modified.
session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie. When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers.
No. Session data is stored on the server. The session ID is the only thing transferred back and forward between the client and the server. Therefore, unless the server is hacked or has a server-side bug, the client cannot change the session data directly.
It is possible to edit another users session in php through couple of ways:
1st way is to you have to get SessionID of the user for which you want to edit session;
session_id($SessionID);
// and then enter code your logic to change session data here;
If you are storing your session data in database then it would be even easier to manipulate data directly in database which would update user session when application will request data again.
Remember you can play with user session up to any level the only thing required is SESSION_ID. If you got that you won the game;
89
It depends on method which server use to store the session data. I think there maybe a few ways to store like database, files on server, memcache server. so you have to use a proper way.
anyway I've done web programming just for 5 months. so I'm not sure what I said.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
