> This is an even more pronounced problem with sessions IDs in
> URLs, though. With cookie based session tracking, the second
> browser window will send the same cookie that the first browser
> window received.
>
And there lies the rub.
The user is using the system to process client A. The cookie contains
stateful information including the client ID.
They then open an new browser window, and lookup client B, recieving a
new session ID with new state information, including the client ID.
The user then submits the form to the server.
The server then recives the one and only cookie with a session ID in it.
But is it for Client A or Client B? 50-50 chance of updating the right
row. Not good.
With the session ID in the URL, once the new session ID is issued you
know which browser window, and hence data, the session is for and hence
update the correct row.
Of course if anyone knows how to make it work with cookied I'd love to
know.
Cheers Stuart
(Oh and telling the users 'Don't Do That' does not work either :^)
--
Cheers Stuart
-----------------------------------------------------------
New Zealand Revolution
[EMAIL PROTECTED]
+64 9 918 7663
