Kim Johnson wrote:
> Thanks to all three of you for the responses :)
>
> To explain a bit more about the extent of how I use
> the sessions, the majority of why I use them is to
> restrict access to certain areas. I have varying
> levels of permissions on each user account, and do the
> usual "check if they are logged in on each page"
> scenario. In addition I allow selecting a "permanent"
> skin choice, which I put into a session variable that
> expires a zillion years in the future. There are a few
> other optional flags that I need to know about on each
> page, per user/session, for similar skin-type reasons
> -- things that they have chosen not to see, how to see
> it, etc.
>
> I've also sometimes passed an object as a session
> variable because I didn't want to have to deal with
> the $_POST array, but that could very well be a
> terrible coding choice.
>
> Given those exact things, do you three (or anyone
> else) have an opinion on which would be better in PHP
> or jQuery? The auth, at least, will need to be almost
> everywhere.
>

The logged-in variable is best stored in a session variable, the same with the level of permission. It's also good practice not to identify the user by session ID alone. Session IDs can be hijacked.

The permanent skin data is best stored in a non-expiring cookie. If you put it in a session and you have a lot of users, you are going to have a large session cookie directory because of the permanent session cookie.

If there are a lot of flags, put them in a database, or alternatively you can put them in a per-user JSON file.

Putting post data in a session isn't a good choice because cookies and session cookies have a limited file size. If you want to use $_POST, I suggest you write a function for it and use global variables for them; $postFormnameInputname could be a way to identify them. Post data shouldn't live longer than needed for database manipulation or form redirecting if an error has occurred. You could also create a second cookie to hold the form data, but I've never done that.

-- 
David Duymelinck
________________
[EMAIL PROTECTED]

_______________________________________________
jQuery mailing list
[email protected]
http://jquery.com/discuss/
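The storage split described in the reply above, as an added PHP sketch that is not part of the original thread: login state and permission level live in the session, the session is checked against more than its ID, and the skin choice lives in a long-lived cookie that is validated on every read. The function names, the `skin` cookie name, the skin allow-list and the User-Agent binding are assumptions made for illustration; the array form of the cookie options assumes PHP 7.3 or later.

```php
<?php
// Added example. All names below are hypothetical, not from the thread.
const ALLOWED_SKINS = ['default', 'dark', 'compact'];   // constructed list

function start_secure_session(): void {
    session_set_cookie_params([
        'lifetime' => 0,        // session cookie: dropped when the browser closes
        'path'     => '/',
        'secure'   => true,     // sent over HTTPS only
        'httponly' => true,     // not readable from page scripts
        'samesite' => 'Lax',
    ]);
    session_start();
}

function client_fingerprint(): string {
    // Assumption: bind the session to the browser's User-Agent as a second
    // check besides the session ID. A weak signal alone, cheap as an extra.
    return hash('sha256', $_SERVER['HTTP_USER_AGENT'] ?? '');
}

function log_in(int $userId, int $permissionLevel): void {
    session_regenerate_id(true);   // fresh ID at login, old session file deleted
    $_SESSION['user_id']     = $userId;
    $_SESSION['level']       = $permissionLevel;
    $_SESSION['fingerprint'] = client_fingerprint();
}

function require_level(int $needed): void {
    // The "check on each page": logged in, same client, enough permission.
    $ok = isset($_SESSION['user_id'], $_SESSION['level'], $_SESSION['fingerprint'])
        && hash_equals($_SESSION['fingerprint'], client_fingerprint())
        && $_SESSION['level'] >= $needed;
    if (!$ok) {
        $_SESSION = [];
        session_destroy();
        http_response_code(403);
        exit('Forbidden');
    }
}

function save_skin(string $skin): void {
    if (!in_array($skin, ALLOWED_SKINS, true)) { return; }
    // Long-lived preference cookie, kept out of the session store.
    setcookie('skin', $skin, ['expires' => time() + 10 * 365 * 86400,
        'path' => '/', 'samesite' => 'Lax']);
}

function current_skin(): string {
    $skin = $_COOKIE['skin'] ?? 'default';   // client-controlled, so validate
    return in_array($skin, ALLOWED_SKINS, true) ? $skin : 'default';
}
```

Each protected page would call `start_secure_session()` and then `require_level()` before producing output; the skin cookie carries no authority, so a tampered value only falls back to `default`.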
