Check out Scrivo

Do you want to try out Scrivo? Then here's a demo for you that does not just get your feet wet but lets you plunge right in.

Contact us

For more information, please contact us. We're happy to help you out!

Next Nov 2 Previous

Private sessions

How can you prevent other users from browsing through your session data when you are on a shared hosting environment.

A: No need to, session data can't be read by other users
B: Just enable safe_mode
C: You'll need to write your own session handler and register it with session_set_save_handler()
D: By setting session.save_path ain your php.ini

Choose the best answer.

Answer

PHP uses the system's temporary directory for storing session data if not instructed to do otherwise. And when you are on a shared hosting environment it might be very well possible that other scripts can read this data too. So answer A is wrong.

Setting safe_mode will not help you here because this will disable access to your system's temporary directory because it is considered unsafe. The result is that the session handling functions will fail. Thus answer B is false too.

You could write your own session handling function but it is much easier to point to an alternate session storage folder by setting session.save_path in your php.ini. So although answer C is correct, the best answer is D.