"Simon Woods" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > Sorry if I am asking a vfaq but I was unable to find anything in the > archives. > > I am using PHP4 with session handling to track users which have logged > in to my server. > > I would like to (non intrusively) check to see if a user is logged in > without having to start a new session. 95% of my users do not log in at > all and do not want to be fed with cookies for no apparent reason. I > wanted to avoid giving my visitors the impression that I am tracking > them as well. I posted session helper html sample at zend code exchange. I might want to use to detect cookie and javascript are enabled. You might want to use and modify code to show reason why you are using cookie. Search keyword with 'session' and look for session helper HTML. Or if you need session only for users logged in, you could write following code and put each pages you might want to use session for logged in users. // If you are only using session cookie // No auto start in php.ini. Check session value/format/referer also, if you need. if (!empty($HTTP_COOKIE_VARS['PHPSESSION'])) { session_start(); } to avoid sending cookie to users who are not logged in. (You must set session id when users are logged in) > I could check to see if the cookie PHPSESSION or what ever I called my > cookie has been returned by the browser, but I have no guarantee that > the session is still or at all valid. Checking to see if there are > corresponding session files or writing my own handler start to get over > complicated. I think all you need to do is checking session value format. HTML session is easily hijacked if session key is known to users anyway. Also, writing your own session handlers are not difficult. There are many session handlers for verious databases. How about look for one and modify? Regards, Yasuo Ohgaki > I hope that I have overlooked something. > > Thanks in advance, > > -- > Simon Woods > > Siemens Business Services > SBS EBS D CKS > Munich Germany 089 / 636 54347 > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
