--- Diana Castillo <[EMAIL PROTECTED]> wrote: > If you store session variables , but the user has session cookies > disabled, is there any way to recuperate those session variables?
Cookies come in two types: session cookies and persistent cookies. Session cookies have no set expiration date, so they expire as soon as the browser session ends. Persistent cookies don't expire until the date indicated, and this often involves persisting them in a file (cookies.txt, for example). So, I think you just mean to ask how to make sessions work when the user has disabled cookies. Cookies are only used to propagate the session identifier, so you don't lose session data. At worst, you would just be unable to identify the user on the next request. PHP handles this last potential problem for you with the session.use_trans_sid php.ini directive. This will rewrite your URLs (in links and such) to include the session identifier, and PHP will automatically check both for the bookie and the URL variable. So, you will probably not need to do anything special. Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security Handbook Coming mid-2004 HTTP Developer's Handbook http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
