PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
saumya wrote:Hey guys one more question, Do I still need to send the SID in the browser query string?
Well that depends... You will have to read more about sessions and how they work, that would be the best answer I could give you - seriously
Check out http://shiflett.org/articles
After some reading, you'll understand why I suggest you dont send the SID withing the query string - use cookies instead (user must have cookies enabled for that of course).
The user must supply the session id in some way, if it's not supplied with a cookie or in the query string, how will PHP know what session data belongs to this user?
I've never sent session ID to the server but it works completely fine...
Is PHP will treat single user as single child in its process?
So the session ID won't be exchanged with other user???
sessions by default are stored in a flatfiles located somewhere in your server, so in theory depending on your server's security and setup it is possible for people to read others sessions. I believe the search term you are looking for is session hijacking
chakhar86 wrote:I've never sent session ID to the server but it works completely fine...
Is PHP will treat single user as single child in its process?
So the session ID won't be exchanged with other user???
Sorry, I couldn't understand your question. Can you ask again please?