PHP Classes

Great script.

Recommend this page to a friend!

      Secure Session  >  All threads  >  Great script.  >  (Un) Subscribe thread alerts  
Subject:Great script.
Summary:Package rating comment
Messages:5
Author:Dennis Granger
Date:2008-04-13 12:00:31
Update:2008-04-15 04:03:45
 

Dennis Granger rated this package as follows:

Utility: Good
Consistency: Good
Examples: Good

  1. Great script.   Reply   Report abuse  
Picture of Dennis Granger Dennis Granger - 2008-04-13 12:00:32
Great script. I do notice one potential vulnerability - session_regenerate_id() should be replaced with session_regenerate_id(true). See notes by 'Different Dennis' at http://shiflett.org/articles/session-fixation

  2. Re: Great script.   Reply   Report abuse  
Picture of Dennis Granger Dennis Granger - 2008-04-13 12:09:05 - In reply to message 1 from Dennis Granger
Note: The source for this is Ilia Alshanetsky - see:

ilia.ws/archives/47-session_regener ...

  3. I just noticed earlier posts related...   Reply   Report abuse  
Picture of Dennis Granger Dennis Granger - 2008-04-13 12:24:54 - In reply to message 2 from Dennis Granger
Sorry, I just noticed earlier post relating to the same matter - see posting "session_regenerate_id does not solve our problem".

  4. Re: Great script.   Reply   Report abuse  
Picture of Vagharshak Tozalakyan Vagharshak Tozalakyan - 2008-04-13 13:01:09 - In reply to message 3 from Dennis Granger
Hello Dennis,

Thank you for your comment. I've just slightly modified the source code in order to support session_regenerate_id() parameter for PHP version 5.1.0 or higher.

  5. Re: Great script.   Reply   Report abuse  
Picture of Dennis Granger Dennis Granger - 2008-04-15 04:03:45 - In reply to message 4 from Vagharshak Tozalakyan
Terrific. That was a very quick response! Thanks Vagharshak.

Dennis