|
|
Posted by Gordon Burditt on 11/14/05 21:29
>>>I know that when you start a session in PHP, the "cookie" it creates is
>>>not the same as those that are stored in your browser's temp folder, and
>>>instead is kept in RAM.
>>
>>
>> This is the distinction between a cookie that vanishes when the browser
>> closes and one that stays around in the browser for a specified time.
>>
>>
>>>I am confused because in every session tutorial
>>>I have ever read, the author invariably mentions the 2 main ways of
>>>propagating sessions - through cookies and appended to the URL. The
>>>author also almost always talks about the method being dependent on the
>>>user's preferences, for example whether he/she accepts cookies. I am so
>>
>>
>>>confused because I have tried setting my browser to reject all cookies,
>>
>>
>> Did you also *clean out* existing cookies?
>>
>> Gordon L. Burditt
>
>Gordon,
>
>Thanks for the reply. Yes, I've cleaned out all existing cookies and
>deleted all files and history just to start clean (even though I doubt
>the latter 2 have any bearing). I've also restarted apache numerous
>times and tried both IE and Firefox, all to no avail.
>
>This is from my php.ini file as viewed through phpinfo():
>session.use_cookies On On
>session.use_only_cookies On On
>session.use_trans_sid Off Off
>
>Now that I think about it, what good would clearing all existing cookies
>in the browser do?
If you tell the browser to reject all cookies, that may well tell it to
reject all *NEW* cookies, and to keep (and send) the ones it's already
got. If the session cookie is already in there, it stays in there.
So when you set the browser to reject all cookies *without* restarting
it, it keeps the session cookie.
>That clears the temp directory,
What temp directory? I'm not aware of a *browser* that keeps cookies
in a temp directory, especially not those that expire when the
browser closes (which are normally just kept in RAM while the browser
is running).
The directory PHP uses to store session files is on the *server*,
not the *client* (a relevant distinction even if they happen to
be on the same machine).
>where php's cookies
>aren't anyways... I have the default lifetime set as 0, which means they
>should die once the browser is closed right?
Are you sure you closed *ALL* the browser windows? On IE with Windows,
this might even require a reboot; I'm not sure.
>Given all the info I have provided, am I correct in assuming my sessions
>should *not* be working? Obviously I am missing something because they
>are in fact working exactly as they always have.
I don't think you've given sufficient information to conclude that.
>I should mention I am doing all this testing on my localhost. Does this
>have any bearing on it? I wouldn't think so but I thought it was worth
>mentioning anyways.
>
>As always, thanks for everyone's insightful help.
Gordon L. Burditt
Navigation:
[Reply to this message]
|