Is it bad using $_SESSION['id'] in queries?

Tags:

php

mysql

When a person logs in, he gets $_SESSION['id'] and it becomes his id taken from the mysql table. Then I do mysql queries like SELECT * FROM members WHERE member_id = {$_SESSION['id']}.

So, is it safe? Can $_SESSION['id'] disappear, or could a hacker edit it somehow?

Thank you.

good_evening asked Apr 06 '11 14:04




2 Answers

I would argue that it is always bad to create a query by simply inserting or concatenating variables. Instead, you should use a Prepared Statement that will guarantee protection against SQL Injection type attacks. IMHO, they also make code look better.

Kevin answered Oct 20 '22 01:10


In theory, there is no way that clients can affect the $_SESSION array, because session data is stored on the server. But in practice, never trust this, because a hacker can use another security hole and substitute $_SESSION['id'] with something bad.

Do this, before putting id into your query:

$_SESSION['id'] = intval($_SESSION['id']);
Silver Light answered Oct 19 '22 23:10
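Putting both answers together (this is an added example, not code from either poster): the session value is validated as a positive integer and then bound as a query parameter with PDO, so it never becomes part of the SQL text. The `members` table and `member_id` column come from the question; the DSN and credentials are placeholders.

```php
<?php
// Added example: validate the session id, then bind it with a prepared statement.
declare(strict_types=1);

session_start();

// Assumed DSN and credentials: replace with your own.
$pdo = new PDO('mysql:host=localhost;dbname=app;charset=utf8mb4', 'app_user', 'secret', [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false, // use real server-side prepared statements
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);

/**
 * Return the logged-in member's id as an int, or null when the session holds no valid id.
 * FILTER_VALIDATE_INT rejects anything that is not a plain integer, unlike intval(),
 * which silently turns "12abc" into 12 and "abc" into 0.
 */
function currentMemberId(): ?int
{
    $id = filter_var(
        $_SESSION['id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    return $id === false ? null : $id;
}

/** Fetch one member row by id using a bound integer parameter. */
function loadMember(PDO $pdo, int $memberId): ?array
{
    $stmt = $pdo->prepare('SELECT * FROM members WHERE member_id = :id');
    $stmt->bindValue(':id', $memberId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch();
    return $row === false ? null : $row;
}

$memberId = currentMemberId();
if ($memberId === null) {
    // No valid login: do not fall back to id 0 and do not run the query at all.
    http_response_code(401);
    exit('Not logged in');
}

$member = loadMember($pdo, $memberId);
```

Even if some other flaw let an attacker write a string into $_SESSION['id'], the validation returns null and the request is refused rather than reaching the database.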