18 Oct
2004
18 Oct
'04
01:40
I just hit the issue of a PHP program which used to run happily failing with an error at the PHP session_start() function. A spot of Googling (and the phpinfo() function) confirms that SUSE have disabled session support in their recent PHP builds. I found a thread on the issue on the SUSE-English list which quickly dissolved into a rant, but not before someone said it was a security thing. I found the same question and answer in other places, but couldn't find anything further. So, two requests for information: 1) What can I read which tells me why PHP sessions are a security problem? 2) What can I read which tells me what I need to do to make my PHP program work again?