Re: [請益] session資訊可以偽造嗎?
※ 引述《louis60401 (願晴)》之銘言:
: → john0227 :用戶或駭客有辦法可以自己創立或修改session變數嗎? 02/22 10:14
: 可以.
: ?_SESSION[變數名稱]=值
: 意思就是說你要預防你的SESSION變數名稱被發現.
: 但是要在這方面下功夫
: 到不如想一下要如何驗證值是不是被改了
: 或是乾脆讓值被改了也沒關係.
看不太懂這一串討論@@
session不是存在server端嗎?
client如何偽造?
頂多是hijack吧
還是你們說的session跟我想的不一樣@@a
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 220.135.231.23
→
02/23 00:28, , 1F
02/23 00:28, 1F
→
02/23 00:29, , 2F
02/23 00:29, 2F
→
02/23 00:30, , 3F
02/23 00:30, 3F
→
02/23 00:30, , 4F
02/23 00:30, 4F
→
02/23 00:30, , 5F
02/23 00:30, 5F
→
02/23 00:32, , 6F
02/23 00:32, 6F
→
02/23 00:32, , 7F
02/23 00:32, 7F
→
02/23 00:32, , 8F
02/23 00:32, 8F
→
02/23 00:32, , 9F
02/23 00:32, 9F
→
02/23 00:33, , 10F
02/23 00:33, 10F
→
02/23 00:33, , 11F
02/23 00:33, 11F
→
02/23 00:33, , 12F
02/23 00:33, 12F
→
02/23 00:34, , 13F
02/23 00:34, 13F
→
02/23 00:36, , 14F
02/23 00:36, 14F
→
02/23 00:36, , 15F
02/23 00:36, 15F
→
02/23 00:36, , 16F
02/23 00:36, 16F
→
02/23 00:37, , 17F
02/23 00:37, 17F
→
02/23 00:38, , 18F
02/23 00:38, 18F
→
02/23 00:38, , 19F
02/23 00:38, 19F
→
02/23 00:39, , 20F
02/23 00:39, 20F
→
02/23 00:39, , 21F
02/23 00:39, 21F
→
02/23 00:40, , 22F
02/23 00:40, 22F
→
02/23 00:40, , 23F
02/23 00:40, 23F
→
02/23 00:40, , 24F
02/23 00:40, 24F
→
02/23 00:41, , 25F
02/23 00:41, 25F
→
02/23 00:41, , 26F
02/23 00:41, 26F
→
02/23 00:45, , 27F
02/23 00:45, 27F
→
02/23 00:48, , 28F
02/23 00:48, 28F
→
02/23 01:51, , 29F
02/23 01:51, 29F
→
02/23 11:06, , 30F
02/23 11:06, 30F
→
02/23 11:07, , 31F
02/23 11:07, 31F
討論串 (同標題文章)
PHP 近期熱門文章
PTT數位生活區 即時熱門文章
0
18