I couldn't fight the right forum for this, help Cookies
Posted: Wed Nov 26, 2014 12:22 pm
Hi,
I have some question. I don't have a code to show. But I have some basic question as to when to actually use cookie sessions?
Question#1: on each individual page where you start a cookie session, is a cookie created for each individual session?
Question#2: so lets say, I have authenticated a user, who has browser cookies enabled, which allows me to start a session, when going from the current page on the browser to another page in the site, do you keep track of the session you created by the session ID? or in retrospect to Questin#1, once you start a session for an authenticated user, you don't start another session because then the session ID will change, right?
Question#3: once I create a session, if I want to go from the current page on the browser, to another page in the site, how do I transmit or pass or transfer the cookie session ID to the page where I redirected, without giving away my user's session ID, which can be a vulnerability if someone is trying to hack the site, while someone is playing the game in an active session?
I will have more questions, but these questions for now, will allow me to understand those basic questions (some books, don't explain this sort of mechanics, unless I have not found the correct one).
If you adding a code sample for me to see, do it in PHP please. (Only if you are placing a sample code, otherwise it is not necessary).
Thanks.
I have some question. I don't have a code to show. But I have some basic question as to when to actually use cookie sessions?
Question#1: on each individual page where you start a cookie session, is a cookie created for each individual session?
Question#2: so lets say, I have authenticated a user, who has browser cookies enabled, which allows me to start a session, when going from the current page on the browser to another page in the site, do you keep track of the session you created by the session ID? or in retrospect to Questin#1, once you start a session for an authenticated user, you don't start another session because then the session ID will change, right?
Question#3: once I create a session, if I want to go from the current page on the browser, to another page in the site, how do I transmit or pass or transfer the cookie session ID to the page where I redirected, without giving away my user's session ID, which can be a vulnerability if someone is trying to hack the site, while someone is playing the game in an active session?
I will have more questions, but these questions for now, will allow me to understand those basic questions (some books, don't explain this sort of mechanics, unless I have not found the correct one).
If you adding a code sample for me to see, do it in PHP please. (Only if you are placing a sample code, otherwise it is not necessary).
Thanks.