Except that sessions rely on data being passed to and from the client, usually in a cookie. You can do it yourself by passinf the SID manually or using trans sid, but cookies are the normal way to keep the session working.
On Wed, 14 Jul 2004 00:10:17 -0700, Dennis Seavers <[EMAIL PROTECTED]> wrote: > Just as folks can turn off JavaScript, they can reject cookies. Sessions > have some advantages over cookies. > > > [Original Message] > > From: Ed Lazor <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Date: 07/13/2004 2:47:31 PM > > Subject: [PHP] Opinion: PHP Sessions or Cookies > > > > I'm using PHP sessions for user tracking. My host provider's server is > > dropping session data. He swears it's my scripts and says I should be > using > > cookies for better security. That goes completely opposite to my > > understanding, so I'd like to run it by you guys. Which is more secure: > > PHP sessions or cookies? > > > > > > > > In case you're curious, more details on the specifics of the problem I'm > > experiencing: > > > > > > > > I have a prepend file that executes start_session. The script assumes the > > user is a guest if $_SESSION["UserID"] is not set. All guests route to > the > > login screen. Successful authentication sets $_SESSION["UserID"] and > sends > > you to the original requested page. > > > > > > > > It seems fairly straight forward to me. People are able to login and > start > > using the site, but the login screen displays randomly after they've > already > > authenticated successfully. > > > > > > > > It sounds like PHP session data is being lost on the server. I've also > seen > > error messages on web pages that report PHP / MySQL as having trouble > > reading from the temp directory. Here's the extact message: ERRORError > > writing file '/tmp/MYiYcf7q' (Errcode: 28). > > > > > > > > Anyway, those are the details. I look forward to hearing what you think. > > > > > > > > -Ed > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > !DSPAM:40f4db01325541434715910! > > -- DB_DataObject_FormBuilder - The database at your fingertips http://pear.php.net/package/DB_DataObject_FormBuilder paperCrane --Justin Patrin-- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
