Session Id management
- Hi all
I'm using php5 with mysql database in linux. I am working on programme where user login required with password. Password is encrypted with MD5. It's working fine.
But the problem what I am facing is that seesion id is passing through the cookie and visible while passing from one page to another. I'm using burp proxy to intercept the application. It's showing like this while intercepting "Cookie: PHPSESSID=65d59b74bbadd8d34f2a3e28ce356334".
If any hacker chage this session id the authenticated user can't login.
Can anybody please help me how to hide this while passing from one page to other.
Thanks in advance,
Copy addresses and emails from any email account to Yahoo! Mail - quick, easy and free. Do it now...