Can PHP sessions be edited like cookies? Or they’re stored on the webhost?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
The session key is stored in the client’s browser, while the data is stored on the server.
When the user makes a request on the server, their session key is sent across the network and the values associated with their key are retrieved from the specific session file on the server and are made accessible via $_SESSION.
It it possible to hijack another user’s session if the key is intercepted, which is why you should have specific values in the session which associate to the user’s computer/network connection (IP address, for example).