Re: [Phplib-users] php4 session saves whole obj properties, includeud db pass

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Il 00:02, gioved=EC 26 settembre 2002, Michael Chaney ha scritto:
> On Wed, Sep 25, 2002 at 08:31:30PM +0200, Giancarlo wrote:
> > I am disappointed, again, in discovering that.
> > every property of the class is saves, and in each /tmp/sess_ there's
> > everything for the connection,included puser an pass in cleartext.
> >
> > phplib used to save only the persisten vars.
>
> I always erase passwords.
>

You mean you=20

unset ($db->Host);
unset ($db->User);
unset ($db->Database);
unset ($db->PAssword);

before page_close/freeze?

Gian