Is it possible to manually edit PHP sessions?

Question

Is it possible to manually edit PHP sessions?

Can I edit PHP sessions as cookies? Or are they hosted on a web host?

+5

php

Finaldestiny Feb 14 '10 at 16:11

source share

4 answers

, . , . , , .

+2

Will Vousden 14 . '10 16:16

/tmp -, . session_save_path (), , PHP-, .

0

Xorlev 14 . '10 16:15

, :

, SID cookie URL-.
cookie session_save_path()
PHP

Alas, the only thing the client knows is the session identifier, but this can be captured, for example, using cookie cookies or other Cross Site Scripting scripting methods. If, for example, I got your SO session, SO would not know better than me. Unless they also checked my IP address or something like that.

0

Thom wiggers Feb 14 '10 at 16:20

source share

Tim cooper · Accepted Answer · 2010-02-14T16:12:53+0000

The session key is stored in the client’s browser, and the data is stored on the server.

When a user makes a request on the server, his session key is sent over the network, and the values associated with their key are retrieved from a specific session file on the server and made available through $ _SESSION.

Is it possible to capture another user session if the key is intercepted, so you should have certain values in the session that are associated with the user computer / network connection (for example, IP address).

Is it possible to manually edit PHP sessions?

More articles: