Re: Sessions for users with cookies disabled

[Felix Geisendörfer]

Before I knew CakePHP I was working with my own set of libraries and I had one for sessions too which I called sessions on demand. I think the way it functioned would be nice to have inside CakePHP as well: 1. CakePHP tries to store the sessions via cookie by default 2. When one of these functions inside the SessionsComponent get's called: "write, del, delete, setFlash, flash, renew, destroy, ", CakePHP makes a decision: a) The current request already contains a session cookie -> go on as normal b) The current request does *not* contain a session cookie -> append the session as a parameter to all url's 3. As soon as a session_cookie is send CakePHP stops to append the session_id to urls. This way your url's stay pretty for users with Cookies, but also for users without cookies as long as they are doing nothing that requires a session. As soon as they log in the non-cookie users get the session_id as a parameter in their url's. Another benefit is that search engines will happily crawl your site, even so you got support for non-cookie sessions. Normally the session_id parameter is something they really don't like, but using sessions on demand they will not get a session_id as long as they are not trying to login somewhere (which is something search engines usally don't do ^^). I know that for people without cookie sessions we'd need to throw in some additional security to make sure they don't copy a link and send it to their friend. Any comments on this idea? PS: I already wrote such a SessionOnDemandComponent for CakePHP, but it doesn't append the session_id's yet. I stopped working on it because people convinced me to go with Cookies only, which is ok for my current project, but might not be for other ones. -------------------------- http://www.thinkingphp.org http://www.fg-webdesign.de [EMAIL PROTECTED] schrieb: I really want to allow users with cookies disabled to use my pages, is there some way/solution for cake to allow this? maybe via url-rewrite/hostname or attached query-string? best, Tobi --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---