Sessions themselves use cookies, though, right? So, if you want your app to work for those who don't have cookies, you have to pass the session data in the url string, at least that's my understanding.
Peter Janett New Media One Web Services ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ New Upgrades Are Now Live!!! Windows 2000 accounts - Cold Fusion 5.0 and Imail 7.1 Sun Solaris (UNIX) accounts - PHP 4.1.2, mod_perl/1.25, Stronghold/3.0 (Apache/1.3.22), MySQL 3.23.43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PostgreSQL coming soon! http://www.newmediaone.net [EMAIL PROTECTED] (303)828-9882 ----- Original Message ----- From: "Daevid Vincent" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "'Cesar Aracena'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, January 17, 2003 6:32 PM Subject: RE: [PHP] Sessions or Cookies? > Agreed. Sessions are much more secure and convienient to use too. Since > it's not reliant on the client to have cookies enabled, that's another > benefit. Plus it's MUCH harder for a client to spoof/alter a session > variable if you use the $_SESSION['myvar'] > > > -----Original Message----- > > From: Chris Shiflett [mailto:[EMAIL PROTECTED]] > > Sent: Friday, January 17, 2003 9:29 AM > > To: Cesar Aracena; [EMAIL PROTECTED] > > Subject: Re: [PHP] Sessions or Cookies? > > > > > > --- Cesar Aracena <[EMAIL PROTECTED]> wrote: > > > Should I use the no-so-secure old cookies method > > > or should I start a new session every time a client > > > drops in and handle each cart by session name or ID? > > > > My advice is to only use cookies to identify a Web client. > > Any data you want to associate with that Web client (user > > data, for example) should be stored on the server - > > database, session store, etc. > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
