X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Fv3_session.tex;h=5b1f207fd4d445e1bb73290a1b1c26d55f086c0b;hb=a96b8664d0a69c379e356c4ca606772373f5d108;hp=9e066ccf8e6477f2647559742b2ab4d2221cb661;hpb=2ef9a68b3bb4325db2bfea2eb729faa03a776366;p=ssproject1617.git

diff --git a/report/v3_session.tex b/report/v3_session.tex
index 9e066cc..5b1f207 100644
--- a/report/v3_session.tex
+++ b/report/v3_session.tex
@@ -1,17 +1,31 @@
 \begin{enumerate}[label={3.\arabic*}]
 
     \item
-    \TODO{}
+    \pass
     Verify that there is no custom session manager, or that the custom session
     manager is resistant against all common session management attacks.
+    \begin{result}
+      The application uses the standard \PHP functionality;
+      \code{session_start()} to manage sessions.
+    \end{result}
+
 
     \item
-    \TODO{}
+    \pass
     Verify that sessions are invalidated when the user logs out.
+    \begin{result}
+      When a user logs out the application calls \code{forget()}, which destroys
+      the session.
+    \end{result}
+
 
     \item
-    \TODO{}
+    \fail
     Verify that sessions timeout after a specified period of inactivity.
+    \begin{result}
+    There is no functionality which tracks how long a user has been inactive.
+    \end{result}
+
 
   \notapplicable{
     \item