Suppose a hacker has an account of your website He could set the PHPSESSID to empty After of that He login in your system The PHPSESSID remains blank and user has already logged with this session
Suppose a hacker has an account of your website He could set the PHPSESSID to empty After of that He login in your system The PHPSESSID remains blank and user has already logged with this session
In case of a multilingual application, one might consider it a reasonable approach to store the preferred language of the user in a session variable, and after that, every time a page is requested, to check this session variable and render the page in the indicated language.
This tutorial shows a Yii-way of doing this.
We implement an event handler for the onBeginRequest event; as the nam...