On Thu, Apr 25, 2002 at 06:59:21PM +0200, Harald Radi wrote:
> > On Thu, Apr 25, 2002 at 03:04:36PM +0200, Harald Radi wrote:
> > > sounds very useful, go ahead ;)
> > >
> > > would you mind extending it that
> > session_set_userdata(array("thies" =>
> > > "1", "harald" => "2", "knorp" => "100")) would be possible ?
> >
> > nope - that would make the url_scanner slower.
> > but you can always ancode as much data as you want into the
> > one userdata var.
>
> can you explain me why this affects the url_scanner ?
i'm a liar;-)
no, if architected smart it would make no real difference.
but - do we really want it? session-data belongs into the
session. this new function just allows you to identify
different browser-windows within the same session (if used
right). i really see no point in extending it -but- wait....
we could of course add a real API to the trans-sid module
that allows for
url_rewriter_add('bal' , 'hallo');
url_rewriter_add('SID' , session_id());
etc etc.. so you could run you session in hidden vars on the
page - and the security nightmare starts again (ppls will use
that to store stuff in hidden vars that _belong_ in the
sesseon).
on the other hand i think it might be useful to run the
session using a cookie and still be able to add things (like
comments?
tc
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
