Arrays, Sessions and Cookies - Oh My!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Arrays, Sessions and Cookies - Oh My!

Post by Luke »

What happens if cookies are disabled while using sessions. Where is the SID stored? The URL? Do I have to manually append the SID to the url just in case cookies are turned off? How does this work?
vincenzobar
Forum Commoner
Posts: 95
Joined: Wed Nov 02, 2005 9:57 am

Post by vincenzobar »

as far as i know seesions are sepreate from cookies and are work arounds for cookies. Although Sessions only last the life of the open window. you can store info from sessions and cookies by parse the $_GET, $POST, $_HTTP.. , $SERVER variables to use in scripts for your pages.

like if user came from a HTTP_REFERER 'google' make serch engine check box 'google' = true on a form!
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

No, I'm pretty sure Sessions use cookies, and if they can't use those, they use the url to send the SID... anybody else know for sure?
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Thanks charles... but I've already read most of that. I was just hoping somebody would maybe lay it out in simple terms for me. A yes or no answer. I guess I'll read the rest.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

I was really hoping somebody would tell me if there is like a standard method if doing this or what? Are you SUPPOSED to append the SID to every URL or what??
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

actually in the first two paragraphs it tells you whether or not sessions use URL's. generally speaking don't append the SID to every url..it gets messy if nothing else;)
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Yes.. this is how I knew enough to say this...
No, I'm pretty sure Sessions use cookies, and if they can't use those, they use the url to send the SID...
I guess I should have worded this better. Thanks... your response did help, but what I am wondering is this...
How does the SID get passed along if Cookies are turned off. You said generally speaking, you don't want to appent the SID to every URL, but if you don't, how can you be sure it's going to be sent?
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

if they have cookies turned off append the sid to every URL or just store a token of some sort in a database to indicate their logged in and when they log out delete that token... the options are limitless?:-D
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Well wouldn't I have to append the SID to every URL anyway to make sure??

Never heard of this token idea... how does that work?
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

well.it seems antiquated but in theory i spose you could do the following..after they pass a log in muster you could do a query on every page checking to see if online="1" (to indicate online) where username="username" (username will have to be passed somehow or another, hidden fields? append to url? something.) and if so then show them logged in material. upon requesting logot change online to 0. seems kind of back water but I suppose that would work..
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Alright... I figured it out. There is a setting in the php.ini file that will tell the browser to automatically append the SID to the URL if set to 1...

session.use_trans_sid = 1

That was my answer. Now I know as long as that is enabled on a server, it will do it for me. This site uses that as far as I can tell. I logged in without cookies enabled and it appended it to the url.
Post Reply