- Kiyohara Training/6 has been deleted.
- 1 (2007-08-16 (Thu) 14:40:44)
- 2 (2007-08-16 (Thu) 17:22:53)
Kiyohara Training/6
Table of contents
- Table of contents
- Investigate sessions
- Task
- Review
- What is a session ID?
- What is serialization?
- How can serialized session information be viewed?
- What format does the serialized information take?
- How can the session expiry be checked?
- How can the session expiry be set?
- What vulnerabilities are related to sessions?
- What is session hijacking?
- What is session fixation?
Investigate sessions
Category | Study |
Priority | Urgent |
Iteration | Iteration 1 |
Status | Done |
Planned completion date | |
Effort | |
Assignee | Kiyohara |
Task
PHP: Session Handling Functions (session) - Manual
http://jp.php.net/manual/ja/ref.session.php
Read the above thoroughly and understand it.
In particular:
- How sessions work
- That a session ID is used
- That object serialization is used internally
(Knowing this lets you debug and troubleshoot by looking at the serialized string. It also gives you a picture of what can and cannot be done.)
- The expiry and other detailed specifications
- Vulnerabilities
- Cookies and URL parameters
- Session hijacking
- Session fixation
Review
What is a session ID?
- An identification number used to manage sessions
- The server issues one for each client.
- There are the following 3 ways of conveying the session ID.
- URL rewriting
- HTTP Cookie
- hidden field
Reference
What is serialization?
- Converting the data and objects in an application into a form that can be written to a file or a network. Also called serializing.
How can serialized session information be viewed?
What format does the serialized information take?
- A string format that can be read
How can the session expiry be checked?
- The phpinfo function
How can the session expiry be set?
- Change the setting inside a PHP script (<seconds> stands for the value in seconds)
ini_set('session.gc_maxlifetime', '<seconds>');
- Change the setting in php.ini
session.gc_maxlifetime = <seconds>
- Change the setting in httpd.conf or .htaccess
<Directory "......">
    php_value session.gc_maxlifetime <seconds>
</Directory>
What vulnerabilities are related to sessions?
- Session hijacking
- Session fixation
- XSS
What is session hijacking?
- The act of taking over a session that another person has established, so that the attacker impersonates that user and accesses the system
What is session fixation?
- An attack in which the attacker, without eavesdropping or interception, gets the user to use a session ID of the attacker's choosing, and so holds access to the victim's session from the start
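
How the session ID transport, expiry and fixation points above translate into PHP settings, as an added example that is not part of the original page. It assumes PHP 7.3 or later and an HTTPS site; the function names and the 1800-second limit are hypothetical.

```php
<?php
// Added example, not from the original page. The function names and
// IDLE_LIMIT are illustrative assumptions.
const IDLE_LIMIT = 1800; // allowed inactivity in seconds (assumed value)

function start_hardened_session(): void
{
    // Take the session ID from a cookie only, never from the URL, so a
    // crafted link cannot hand the user an ID chosen by someone else.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    // Reject IDs that this server did not issue itself.
    ini_set('session.use_strict_mode', '1');
    // Keep server-side data at least as long as the idle limit.
    ini_set('session.gc_maxlifetime', (string) IDLE_LIMIT);
    session_set_cookie_params([
        'lifetime' => 0,      // cookie ends with the browser session
        'path'     => '/',
        'secure'   => true,   // sent over HTTPS only (assumes an HTTPS site)
        'httponly' => true,   // not readable from script, limits theft via XSS
        'samesite' => 'Lax',
    ]);
    session_start();

    // gc_maxlifetime only marks data as collectable, so enforce expiry here.
    $last = $_SESSION['last_seen'] ?? null;
    if ($last !== null && time() - $last > IDLE_LIMIT) {
        $_SESSION = [];
        session_regenerate_id(true);
    }
    $_SESSION['last_seen'] = time();
}

function on_login_success(string $userId): void
{
    // Issue a fresh ID and delete the old one at login, so an ID that was
    // fixed before authentication never becomes an authenticated session.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['last_seen'] = time();
}
```

Call start_hardened_session() at the top of every request and on_login_success() only after the credentials have been verified.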