In my project the user signs the form using his digital signature. for this the user's private key has to be transmitted to the server.I am Planning to save that private key in $_SESSION variable so that the user need not be prompted again for his private key. The doubt I have is is $_SESSION variable safe. Can any hacker have access to the $_SESSION variable and hack the private key of the user?
0 · ·