too*_*php 5 php security session
当低权限非管理员用户成功登录我的Web应用程序时,我将以下数据存储在$_SESSION数组中:
$_SESSION = array(
'user_id' => 2343, // whatever their user_id number is from the DB
'allow_admin' => false, // don't give them access to admin tools
'allow_edit' => false, // don't let them edit stuff
);
$_SESSION除了以某种方式编辑会话文件之外,还有什么办法可以操纵数组给他们Admin或Edit访问权限/tmp吗?(上面的代码是添加这些项目的唯一地方$_SESSION)