Arrays, Sessions and Cookies - Oh My!
Moderator: General Moderators
Arrays, Sessions and Cookies - Oh My!
What happens if cookies are disabled while using sessions. Where is the SID stored? The URL? Do I have to manually append the SID to the url just in case cookies are turned off? How does this work?
-
vincenzobar
- Forum Commoner
- Posts: 95
- Joined: Wed Nov 02, 2005 9:57 am
as far as i know seesions are sepreate from cookies and are work arounds for cookies. Although Sessions only last the life of the open window. you can store info from sessions and cookies by parse the $_GET, $POST, $_HTTP.. , $SERVER variables to use in scripts for your pages.
like if user came from a HTTP_REFERER 'google' make serch engine check box 'google' = true on a form!
like if user came from a HTTP_REFERER 'google' make serch engine check box 'google' = true on a form!
-
Charles256
- DevNet Resident
- Posts: 1375
- Joined: Fri Sep 16, 2005 9:06 pm
-
Charles256
- DevNet Resident
- Posts: 1375
- Joined: Fri Sep 16, 2005 9:06 pm
Yes.. this is how I knew enough to say this...
How does the SID get passed along if Cookies are turned off. You said generally speaking, you don't want to appent the SID to every URL, but if you don't, how can you be sure it's going to be sent?
I guess I should have worded this better. Thanks... your response did help, but what I am wondering is this...No, I'm pretty sure Sessions use cookies, and if they can't use those, they use the url to send the SID...
How does the SID get passed along if Cookies are turned off. You said generally speaking, you don't want to appent the SID to every URL, but if you don't, how can you be sure it's going to be sent?
-
Charles256
- DevNet Resident
- Posts: 1375
- Joined: Fri Sep 16, 2005 9:06 pm
-
Charles256
- DevNet Resident
- Posts: 1375
- Joined: Fri Sep 16, 2005 9:06 pm
well.it seems antiquated but in theory i spose you could do the following..after they pass a log in muster you could do a query on every page checking to see if online="1" (to indicate online) where username="username" (username will have to be passed somehow or another, hidden fields? append to url? something.) and if so then show them logged in material. upon requesting logot change online to 0. seems kind of back water but I suppose that would work..
Alright... I figured it out. There is a setting in the php.ini file that will tell the browser to automatically append the SID to the URL if set to 1...
session.use_trans_sid = 1
That was my answer. Now I know as long as that is enabled on a server, it will do it for me. This site uses that as far as I can tell. I logged in without cookies enabled and it appended it to the url.
session.use_trans_sid = 1
That was my answer. Now I know as long as that is enabled on a server, it will do it for me. This site uses that as far as I can tell. I logged in without cookies enabled and it appended it to the url.