Re: [PHP] Cookie or Session??
On Saturday 22 March 2003 11:38, Justin French wrote: > on 22/03/03 4:18 AM, Jason Wong ([EMAIL PROTECTED]) wrote: > > Bottom line is if your site requires to login you should make it > > mandatory that the user enables cookies on their browser. > > mandatory seems a little harsh... I haven't seen any bad side effects of > trans sid yet (granted, I haven't pushed it to the limits with javascript > or anything like that). > > why can't the OP rely on cookies where available, and trans sid where not, > and offer an advisory that cookies are a preferred, supported, advised way > to login, rather than mandatory? According to the OP, using cookies did not work for some people. Someone suggested using sessions, as I pointed out in my previous mail, sessions still rely on the browser accepting them (unless you use trans sid). In tests that we did quite a while ago (back in 4.0.6) we found that trans sid wasn't 100% reliable (fails in mid-session under some circumstances), this problem may have been fixed since so YMMV. My opinion is that it's a simpler and more direct approach to have a statement like "To login your browser must accept cookies" rather than "You can try to login without cookies, sometimes it may work, sometimes it may fail, sometimes you may get logged out for no apparent reason, in these cases please enable cookies on your browser" :) -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* /usr/news/gotcha */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookie or Session??
on 22/03/03 4:18 AM, Jason Wong ([EMAIL PROTECTED]) wrote: > Bottom line is if your site requires to login you should make it mandatory > that the user enables cookies on their browser. mandatory seems a little harsh... I haven't seen any bad side effects of trans sid yet (granted, I haven't pushed it to the limits with javascript or anything like that). why can't the OP rely on cookies where available, and trans sid where not, and offer an advisory that cookies are a preferred, supported, advised way to login, rather than mandatory? justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookie or Session??
On Saturday 22 March 2003 00:18, Awlad Hussain wrote: > I think using session will solve the problem of some user having > difficulties in loign. Sessions still require that the browser accept a session cookie (temporary cookie that is not (or should not be) stored on disk). Some browsers allow you to set separate acceptance policies for session cookies and 'permanent'/regular cookies. Some do not. If the browser is set to reject all cookies then using sessions on it's own isn't going to solve your problem. You can use the trans_sid feature of php, but that may cause problems of it's own. Bottom line is if your site requires to login you should make it mandatory that the user enables cookies on their browser. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* The adjective is the banana peel of the parts of speech. -- Clifton Fadiman */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookie or Session??
Thanks Mike, I think using session will solve the problem of some user having difficulties in loign. - Original Message - From: "Mike Brum" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 21, 2003 4:12 PM Subject: RE: [PHP] Cookie or Session?? > It really depends on what you want to do. > > Cookies are client-side information and thus you can run into issues where > clients don't allow cookies, have cookie-blocking apps or have outdated > software that doesn't support them (though the latter continues to become > less of an option as time passes). > > Sessions are server-side information that allows you a lot more control of > the information and allows better manipulation of it. PHP has really nice > session management and makes using them quite painless. The only downside > really is that it adds more load to your servers. > > If you have a machine that's not under insane load all the time, you might > want to give sessions a try. Once everything's configged properly (which > shouldn't be hard at all - and it might even be turned on already!), to get > a user to log in, all you'll need to do is perform the DB password > authentication and then pass the session information from script to script. > > Good luck. > > -Mike > > -Original Message- > From: Awlad Hussain [mailto:[EMAIL PROTECTED] > Sent: Friday, March 21, 2003 11:00 AM > To: [EMAIL PROTECTED] > Subject: [PHP] Cookie or Session?? > > > Managing user login > Whats the best option to use.. cookie?? or session?? > > Currently i am using cookies and sometime user complain they can't login, > > what would you suggest? > -awlad > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Cookie or Session??
It really depends on what you want to do. Cookies are client-side information and thus you can run into issues where clients don't allow cookies, have cookie-blocking apps or have outdated software that doesn't support them (though the latter continues to become less of an option as time passes). Sessions are server-side information that allows you a lot more control of the information and allows better manipulation of it. PHP has really nice session management and makes using them quite painless. The only downside really is that it adds more load to your servers. If you have a machine that's not under insane load all the time, you might want to give sessions a try. Once everything's configged properly (which shouldn't be hard at all - and it might even be turned on already!), to get a user to log in, all you'll need to do is perform the DB password authentication and then pass the session information from script to script. Good luck. -Mike -Original Message- From: Awlad Hussain [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: [PHP] Cookie or Session?? Managing user login Whats the best option to use.. cookie?? or session?? Currently i am using cookies and sometime user complain they can't login, what would you suggest? -awlad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Cookie or Session??
Managing user login Whats the best option to use.. cookie?? or session?? Currently i am using cookies and sometime user complain they can't login, what would you suggest? -awlad