Is it safe to store user role in code session?
This role will determine that the user will be; This administrator is becoming a regular customer or premium user.
I am also saving sessions in a database for additional security, but I want to know that I should use alternate routes, such as checking the user's ID inquiry and their role But I believe that just take a step forward in the certification.
Please advise.
Yes it is safe if it is stored in the database, to tamper with user's data Not so much.
Comments
Post a Comment