Home > Article > Backend Development > Analysis of php session security issues
Analysis of php session security issues
- 高洛峰Original
- 2016-11-30 09:42:281072browse
Therefore, our main solution is to verify the validity of the session ID.
The following is the quoted content:
The code is as follows:
if(!isset($_SESSION['user_agent'])){
$ _SESSION['user_agent'] =$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'];
}
/* If the user session ID is fake*/
elseif ($_SESSION['user_agent'] != $_SERVER ['REMOTE_ADDR'] .$_SERVER['HTTP_USER_AGENT']) {
session_regenerate_id();
}
?>
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Getting Started with Regular ExpressionsNext article:Getting Started with Regular Expressions