Re: [PHP] Session tracking question

[Todd Cary]

Wade -

I am very new with using PHP so I cannot submit my answer as "what most
use".  However, here is what I use:

I do not like to be dependent on Cookies.  For me, Cookies are a
convenience.  That is, I may store a UserID and if it is in a Cookie,
use the ID to put up a greeting or whatever.

Secondly, I am DB oriented, so I opt for DB solutions.  I create a
SessionID using the time() function.  This is stored in the DB with an
Expire time and it is the only value I pass from page to page (I use
POST for passing values).  On login, I do get the UserID and PW and if
they are OK, I then assign the Session ID.

I realize there are many additions to the above that can make it more
secure, but I am not dealing with sensitive data at this time.

Todd

--
Todd Cary
Ariste Software
[EMAIL PROTECTED]



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Session tracking question

[Alexander Wagner]

Wade D wrote:
> what do most use, combination of cookies and GET?

IMHO the optimal solution are cookies with a fallback to GET.

In some situations, though, it may be better to drop cookies completely.

Wagner

-- 
One maniac alone can do what 20 together cannot

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Session tracking question

[Wade D]

what do most use, combination of cookies and GET?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]