Re: [Phplib-users] php4 session saves whole obj properties, includeud db pass
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] php4 session saves whole obj properties, includeud db pass
|
From: Michael C. <mdc...@mi...> - 2002-09-25 21:53:33
|
On Wed, Sep 25, 2002 at 08:31:30PM +0200, Giancarlo wrote: > I am disappointed, again, in discovering that. > every property of the class is saves, and in each /tmp/sess_ there's > everything for the connection,included puser an pass in cleartext. > > phplib used to save only the persisten vars. I always erase passwords. Michael -- Michael Darrin Chaney mdc...@mi... http://www.michaelchaney.com/ |
