Session Security
I have a question regarding Security Assist and Session Security.
I have Security Assist create Session data from my database on Authentication and I am wondering how 'secure' the Session Data is?
I've been reading a bit about Web Security and Session HiJacking etc.. and as some of the information I am recalling from the database is sensitive I want to be sure there's very little chance of someone to be able to access the data.
Is it safe to use the session start command on pages that you are carying session data over to?
if (!isset($_SESSION)) {
session_start();
}
Your Feedback would be appreciated,