Where are the user parameters stored on a lower level? The filter parameters for example. I don't think it's the cookies so where is it? And is it secure? as in can a user modify them in some way and hack his way into the website?
Asked
Active
Viewed 68 times
1 Answers
0
By default your session files are stored in session.savepath folder, so it's server side. The link between this session file and the user cookie is the session_id stored inside the session cookie.
maybe you should read : PHP Session Security
-
So there is some chance(if the he tries brute force), the user can find himself logged in as administrator. But then again, if you try brute force, you can even break RSA :-P. – prongs Dec 14 '11 at 18:51