i would like to know how safe is to use session variables like
session[:name]=something? can it be tampered by the user or somebody?
can we have it in methods in application.rb and application_helper.rb
for some validation and how safe is that too? i've different types of
users for whom views are also different so i was thinking of setting
them by session vars. is thr any other better way? any help is greatly
appreciated. thanks in advance.