At 09:03 PM 1/31/2002 -0400, Miles Thompson wrote:
>If you want persistence then use a cookie to
>- store the information
>- to provide a key for fetching data from a database
>or accept that if preservation of inter-invocation data is impt enough to
>require registration of users and a login if the client has cookies turned off.
>Sessions are supposed to be evanescent!
>(If someone else has responed, forgive me.)
hmmm, i think i stated this badly.
when a user logs in to my site, i load a bunch of stuff about them from a
database and put it in session variables. right now i have the session
expiration time set to a pretty large value.
they can come back later in the day and still have all their information
remembered, or they can hit the logout button to have their session destroyed.
i see what you're saying about using a cookie, but the session IS a
cookie! it just seems like it would be better to have just the one
cookie. especially as the contents of a session cookie are hard to guess
at. i'm not sure what sort of cookie i could give someone for persistent
login that isn't easily forged.
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]