Is there a topic you’d love to see a tutorial on? Are you stuck on a bug you just can’t work out? Ask The Web Mason is your chance to get answers to all your burning questions – all of the web development related ones anyway! If your question is picked, the answer or tutorial will be posted on the blog. This is your chance to get a professional consultant to help with your programming challenges – for free!

To submit a question, problem, tutorial request, etc, simply comment on the Ask The Web Mason page. If your problem is fairly long and/or requires significant code for review, please submit a small comment asking for an email, and I’ll reply to the email you used for the comment. Remember to remove database connection information and any other personal details before sending your code over!


1 comment

  1. I know that PHP sessions are used frequently for login pages, shopping carts etc. and a good way to protect them from compromise is by using SSL. Unfortunately, many don’t have this luxury so have to improve session security in other ways.

    How about a post (or maybe a series?) dealing with exactly how sessions work, storing them in a database rather than the file system, linking them to a specific IP address and/or specific browser to check if a hijack has been attempted, change settings in php.ini such as session.cookie_httponly etc.

    I’m relatively new to PHP and have done some reading around this and suspect that some of the articles I have seen might be outdated. Equally, there might be newer techniques that I have not come across which can be implemented to protect sessions from compromise.

    Anyway, it’s just an idea for you to consider.

Add your comment now