PHP & MySQL | Tutorials

David Carr

Naming your sessions

In PHP when you create a session and give it a name always make the name unique and not the same name as any variables you have.

For example if you create a session like this:

$_SESSION['username'] = $username;

You could override the session with the variable username a common example of this is if you had a list of user and had a query pulling out all the usernames from your database the loop would cause the last username in the loop to override the session, In this case the session is now the last user in the loop and is a major security vulnerability. 

To avoid this just make the session name unique from all variables used throughout the site like:

$_SESSION['loggedin'] = $username;

This makes sure it won't be over written and will save you hours of trying to find out what's going wrong.

Domains are often purchased from multiple providers, keeping track of where a domain is and its DNS settings can be tricky. Domain Mapper solves this by listing all your domains in one place. View your DNS settings and receive reminders to renew your domains. Try it today.

Support my work by donating with PayPal.

Subscribe to my newsletter

Subscribe and get my books and product announcements.

© 2009 - 2021 DC Blog. All code MIT license. All rights reserved.