Sunday, December 21, 2008

PHP > Sample Class Login with secure session

This class can be used to prevent security attacks known as session hijacking and session fixation.

When a session is initialized the class computes a fingerprint string that takes in account the browser user agent string, the user agent IP address or part of it and a secret word. If the fingerprint value changes, it is very likely that the session was hijacked and it should no longer be accepted.

To prevent session fixation attacks the calls the PHP session_regenerate_id() function so the session identifier changes everytime the session is checked.

Download : secureSession.zip [ mirror ]

Reference : www.phpclasses.org

Posted by aipdam at 6:11 AM  

Labels: ,

  • Assinar feed
  • Agregar a Technorati
  • Agregar a Google
  • Agregar a Yahoo!
  • Agregar a Blogmarks
Posts Relacionados

Seja o primeiro a comentar

Post a Comment

Subscribe to: Post Comments (Atom)

Latest Comments

Loading...

About Me

My photo
Makassar, Sulawesi Selatan, Indonesia

Guest Book


ShoutMix chat widget

Script Sense ©Template Blogger Green by Dicas Blogger.

TOPO