On Sat, 2007-02-24 at 17:48 -0800, benifactor wrote: > i would like your input on session vs cookies regarding login data like > usernames/passwords ect...
How are you differentiating sessions vs cookies? Sessions are often implemented USING cookies. If you mean sessions using a session ID in the URL, versus using cookies to save actual user info then you are already confused. Cookies should use the same mechanism as a URL session ID. That is to say, they should store a unique identifier that can be used to lookup the user's actual information. In this way the data that can be manipulated by the dark forces is limited to one value... namely the unique identifier. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
