Secure Development for Mobile Apps

by J. D. Glaser
October 2014
Content level: Intermediate to advanced
472 pages
10h 44m
English
Auerbach Publications
Content preview from Secure Development for Mobile Apps
14 Secure Session Storage
PHP provides a very simple default mechanism to manage sessions. At the beginning
of a page, call session_start(), and add any session data to the $_SESSION array,
like $_SESSION['userName'] = $userName. Storage of session data, lookup of
session data, and client cookie management are all handled for the developer behind
the scenes.
Two major security problems with default session management are insecure storage of
session data and insecure session ID management. The most problematic issue is insecure
session ID management since lack of session ID validation leads to account compromise.
Insecure file storage is also a concern, but is not as high risk as session cookies
traveling across the open Internet without any process ...
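
The session ID side of the problem described above, as an added example that is not code from the book: a wrapper around session_start() that only accepts server-issued IDs, restricts the cookie to HTTPS, and issues a new ID at login. The function names and the timeout value are hypothetical; it assumes PHP 7.3 or later and a site served over HTTPS.

```php
<?php
// Added example, not from the book. Function names and IDLE_TIMEOUT are
// hypothetical. The array forms of session_set_cookie_params() and
// setcookie() require PHP 7.3+.

const IDLE_TIMEOUT = 900; // seconds; constructed value

function start_secure_session(): void
{
    // Accept only IDs this server issued, and only from the cookie.
    ini_set('session.use_strict_mode', '1');
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');

    session_set_cookie_params([
        'lifetime' => 0,      // cookie ends with the browser session
        'path'     => '/',
        'secure'   => true,   // never sent over plain HTTP
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();

    // Drop the data and the ID of a session that has been idle too long.
    $now = time();
    if (isset($_SESSION['lastSeen']) && $now - $_SESSION['lastSeen'] > IDLE_TIMEOUT) {
        $_SESSION = [];
        session_regenerate_id(true);
    }
    $_SESSION['lastSeen'] = $now;
}

function login_user(string $userName): void
{
    // New ID at the privilege change; true deletes the old session record,
    // so an ID known before login is useless afterwards.
    session_regenerate_id(true);
    $_SESSION['userName'] = $userName;
}

function end_session(): void
{
    // Clear server-side data, expire the client cookie, remove the record.
    $_SESSION = [];
    $p = session_get_cookie_params();
    setcookie(session_name(), '', ['expires' => time() - 3600, 'path' => $p['path'],
        'secure' => $p['secure'], 'httponly' => $p['httponly']]);
    session_destroy();
}
```

Call start_secure_session() in place of a bare session_start() at the top of each page; the storage side (where the session files live and who can read them) is not covered by this example.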

Publisher Resources

ISBN: 9781482209037