Sessions are the best thing to use, cookies are nice as a supplement. If you want your users to be able to "auto-login" cookies are just the thing to use, but apart from this cookies are not my favourite.
Another thing is that many browsers nowaydays have turned cookies all off.. I remember a friend of mine did a supportsystem where the loggin system was pure cookies... Man - did their staff get a lot of support from people who didnt manage to logg into the system... As mentioned - this were users with cookies turned off.... As the other users mentioned, the /tmp folder might be out of space, however your provider might also have some custom setup on that server which screws up the /tmp folder here and there. I know for a fact one large provider here in Norway who has this problem on one of their servers due to a heavy site which from time to time sucks up resources resulting in the /tmp folder getting messed up. If you still havnt solved your problem, get your provider to move you to another of his servers (physically!), or change provider. You shouldnt be having theese problems. -- -- Kim Steinhaug ------------------------------------------------------------------------- There are 10 types of people when it comes to binary numbers: those who understand them, and those who don't. ------------------------------------------------------------------------- www.steinhaug.com - www.easywebshop.no - www.easycms.no www.webkitpro.com ------------------------------------------------------------------------- "Ed Lazor" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I'm using PHP sessions for user tracking. My host provider's server is > dropping session data. He swears it's my scripts and says I should be using > cookies for better security. That goes completely opposite to my > understanding, so I'd like to run it by you guys. Which is more secure: > PHP sessions or cookies? > > > > In case you're curious, more details on the specifics of the problem I'm > experiencing: > > > > I have a prepend file that executes start_session. The script assumes the > user is a guest if $_SESSION["UserID"] is not set. All guests route to the > login screen. Successful authentication sets $_SESSION["UserID"] and sends > you to the original requested page. > > > > It seems fairly straight forward to me. People are able to login and start > using the site, but the login screen displays randomly after they've already > authenticated successfully. > > > > It sounds like PHP session data is being lost on the server. I've also seen > error messages on web pages that report PHP / MySQL as having trouble > reading from the temp directory. Here's the extact message: ERRORError > writing file '/tmp/MYiYcf7q' (Errcode: 28). > > > > Anyway, those are the details. I look forward to hearing what you think. > > > > -Ed > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
