Well, I have to have to it becuase my company is a credit report reseller. I can't image if someone can easily break in. :-) As long as I don't work for CIA or FBI then I'll be fine!
"Kondwani Spike Mkandawire" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Awesome Scott... That's some wicked code... > "Scott Fletcher" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Instead of Cookies, I use Sessions which is run on hte server side. So, I > > use the > > > > --snip-- > > $salt = strtoupper(md5(uniqid(rand()))); > > session_id($salt); > > session_start(); > > header("Location: > https://xxx.yyy.zzz/index.php?".SID."&init_login=TRUE"); > > --snip-- > > > > to create the identifer for an unique person. Then use the php script > that > > take care of the session management such as logging the user out when time > > is up as an example. Another script was used to prevent the direct access > > attempt. Another script was used to detect whether the server have the > > user's identifier in the server, if not exist then would force the web > > browser to the login page. > > > > As for the newbie, well, sometime they had to learn it from the pro. > > Although it would be nice if there is documentation somewhere. > > > > > > "Cord Schneider" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > "Phpcoder" <[EMAIL PROTECTED]> wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I'm really battling with this whole session thing. > > > > My first impressions are that cookies are OK, and really helps to make > > > > sessions workable and efficient, YET, from a developers point of view, > I > > > [..snip..] > > > > Does anyone out there have a view/practise when it comes to > > > > session/cookies? - basically I am still not convinced that using > > > > sessions/cookies is a good idea, but I would love to be educated as to > > > > why I should... > > > > > > A number of people have offered their opinion why cookies are a bad > idea. > > As > > > a developer new to PHP, if cookies are such a big a big no-no, how does > > one > > > do effective session management without storing anything client-side?? > > Bear > > > in mind that the browser is stateless and, the user can disconnect and > > > reconnect in between fetching pages from your site. > > > > > > Regards, > > > Cord > > > > > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php