You can save the SEssion id in a Cookie to make it available over
requests and over days too. If you use Sessions stored on DB, you can
get more security, when the SEssion Cookie is stored Encrypted. Other
Option is to send the Session id, most know as PHPSESSIONID, as GET
Ashley Sheridan schrieb:
On Tue, 2009-07-14 at 11:59 +0530, Girish Padia wrote:
I am facing two problem while developing my site in php.
1) I want to delete browser history whenever i migrate from one page to
another. so that user can never press "Back" button.
2) I have 20 users who have access to my site. Right now I am checking this
using cookies. I want to know which is better to track user login : Cookies
or Session ?
Please do reply.
You can't delete the users browser history, but what you can do is use
an entirely AJAX based website, so that there is no back/forward option.
However, this may be a little complex for you unless you have at least a
To understand which is betterm you need to understand how they work.
Cookies are persistent text files left on the users computer. They are
limited in the amount of data you can store in them, but they can store
information across physical browsing sessions. For example, you could
use them to remember a users preferred layout for your site, etc.
Sessions variables are all stored on your server, and generally last
only for the time that a visitor is on your site. They are referenced
automatically by PHP through a session ID, which is usually stored in a
cookie, but you can force it to be sent only in the URL if you wish.
The advantage that sessions have over cookies is the ability to store
more data, and as it is server-side, you can store things without
worrying too much about that data being accessed by someone other than
your user. Cookies have the advantage of persistence over time
(depending on how long you prefer to store them). You should not that
some users see cookies as invasive, and may have them turned off in the
browser. I'd say if you can do something server or client-side, you're
better off doing it where you have the greatest control, a la
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php