Posted by Darko on 11/08/07 20:44
On Nov 8, 9:04 pm, damezumari <jannordgr...@gmail.com> wrote:
> To find out where session variables are stored I included this
> instruction in my program:
> echo ini_get("session.save_path");
>
> The reply was /home/7604/data/tmp which is a folder on my server.
>
> I look at /home/7604/data/tmp and it is full of session files for
> today.
>
> Even so, if I have cookies blocked for my site http://easyquestion.net
> in IE6 or cookies turned off in Mozilla Firefox no session variables
> are stored. I don't think it should be like this. I read somewhere
> that "PHP sessions will work even if the user has cookies disabled."
>
> What am I doing wrong?
>
> Regards,
>
> Jan Nordgreen

Yep. That's all normal, just in case you wonder. If cookies are enabled, then the session ID will be stored in the cookie, automatically sent on the next request to the server, and the PHP script will know which file to open for reading the values. However, if you reject cookies, then your browser will not send anything to the server and it won't be able to find out which session is yours.

If you don't want to rely on cookies, you can pass the SID parameter (containing what session_id() returned) as a URL argument, which will also be recognized automatically when session_start() is called. This, however, isn't recommended, due to security issues. Someone can see the ID, and if interested, can type it at his home as SID in the URL and automatically be logged in. This is not what you want, so this technique is generally avoided.

Your duty, as a programmer, is usually only to make sure cookies are enabled and display the page(s), or detect that the cookies are disabled, and warn the user about this saying "please turn on your cookies, this site is worth shit without cookies" (no offense intended, such is mine, too, and it's not a bad thing).

You can check if cookies are enabled by sending a cookie to the client, and checking if it still exists in his next request. It's the only way, to my knowledge.

I hope this helped.
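
The cookie check described in the reply above, combined with a session setup that accepts the session ID from a cookie only and never from the URL. This is an added example, not code from the original thread; it assumes PHP 7.3 or later, and the script path, cookie name and query parameter are hypothetical.

```php
<?php
// Added example, not from the original thread. Assumes PHP 7.3+.
// SELF_PATH, PROBE_COOKIE and PROBE_PARAM are hypothetical names.

// Take the session ID from a cookie only: never read it from the URL and
// never let PHP rewrite links to carry it.
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
ini_set('session.use_strict_mode', '1'); // reject IDs the server did not issue

const SELF_PATH    = '/cookie_check.php'; // fixed redirect target, not user input
const PROBE_COOKIE = 'cookie_probe';
const PROBE_PARAM  = 'probe';

function cookies_enabled(array $cookies): bool
{
    return isset($cookies[PROBE_COOKIE]);
}

if (!cookies_enabled($_COOKIE)) {
    if (!isset($_GET[PROBE_PARAM])) {
        // First request: send the probe cookie and ask the browser to come back.
        setcookie(PROBE_COOKIE, '1', [
            'path'     => '/',
            'httponly' => true,
            'samesite' => 'Lax',
        ]);
        header('Location: ' . SELF_PATH . '?' . PROBE_PARAM . '=1', true, 302);
        exit;
    }
    // Second request and the probe cookie did not come back: cookies are refused.
    echo 'Please enable cookies for this site; sessions will not work without them.';
    exit;
}

// Cookies work, so start a cookie-based session with restrictive cookie flags.
session_set_cookie_params([
    'path'     => '/',
    'httponly' => true,                     // not readable from JavaScript
    'secure'   => !empty($_SERVER['HTTPS']), // HTTPS-only when served over HTTPS
    'samesite' => 'Lax',
]);
session_start();
$_SESSION['visits'] = ($_SESSION['visits'] ?? 0) + 1;
echo 'Session active, visit number ' . (int) $_SESSION['visits'];
```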