On Fri, 2010-01-22 at 08:58 +1100, clanc...@cybec.com.au wrote:

> On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
> >At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
> >>On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) 
> >>wrote:
> >>
> >>  >Well, I hope this information is helpful.
> >>
> >>Yes, thanks to everyone who contributed.  I now have a better 
> >>understanding of what
> >>cookies are, and have turned on output buffering, enabling me to put 
> >>the handler where I
> >>want, and still be able to debug it.
> >>
> >>Clancy
> >
> >One last thing.
> >
> >I use sessions for the storage of variables I need between pages, but 
> >I use cookies to leave data on the user's computer in case they come 
> >back to my site and want to pick up where they left off.
> >
> >Both operations store variables, but are for different purposes.
> Yes; I'm doing that too.  I am setting up a private website, and using 
> cookies to control
> access to it.
> Clancy

Don't use cookies, use sessions for this. Information stored in cookies
is susceptible to being read by pretty much anyone, hence the scare of
using cookies that people get. Cookies in themselves are not the
problem, but using them for anything you want to keep safe, like login
details, etc, is a bad idea. Generally, a session ID is stored in the
cookie, which gives nothing away to anyone trying to read it.


Reply via email to