Tracking and Using Login State on the Server

The client-side session object cannot be depended upon to restrict access to sensitive data on the server. Its purpose, as described in the preceding section, is to keep track of the state of the client. The server-side session is responsible for tracking the state of the application on the server and can therefore be used to control user access.
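An added example (not from the book) of a server-side check of the kind this paragraph describes: access to sensitive data is decided only from `$_SESSION`, and a login flag supplied by the client is ignored. The user table, the sample password, the `loggedIn` field, and all function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical user lookup with one constructed account; a real
// application would query the database instead.
function find_user(string $name): ?array
{
    static $users = null;
    $users ??= ['alice' => ['hash' => password_hash('sample-pass', PASSWORD_DEFAULT)]];
    return $users[$name] ?? null;
}

// Verify credentials and record the result in the server-side session only.
function login(string $name, string $password): bool
{
    $user = find_user($name);
    if ($user === null || !password_verify($password, $user['hash'])) {
        return false;
    }
    session_regenerate_id(true); // fresh session ID once the user is authenticated
    $_SESSION['user'] = $name;
    return true;
}

// The access decision reads $_SESSION, which lives on the server. Nothing
// the browser sends ($_GET, $_POST, $_COOKIE values) is consulted.
function current_user(): ?string
{
    return $_SESSION['user'] ?? null;
}

function sensitive_data(): string
{
    $user = current_user();
    return $user === null ? 'denied: not logged in' : "account data for $user";
}

session_start();
$_POST['loggedIn'] = 'true';            // constructed: the client claims to be logged in
$results = [];
$results[] = sensitive_data();          // the client-side claim is ignored
$results[] = login('alice', 'wrong') ? 'login ok' : 'bad login';
$results[] = sensitive_data();          // still denied after a failed login
$results[] = login('alice', 'sample-pass') ? 'login ok' : 'bad login';
$results[] = sensitive_data();          // allowed once the server recorded the login
echo implode(PHP_EOL, $results), PHP_EOL;
```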

FIGURE 10-2. The bad login message being displayed to the user

PHP was designed to be a web application language from the start. Because sessions had already been implemented in other languages such as Perl and Java, it was natural to implement them in PHP as well. ...
