On Fri, 24 May 2002, Alex Shi wrote: > I have created several web sites using php. In all these sites > session id is passed via cookie. However I noticed that some > times it was passed by url. I am thinking that to pass session > id by url will be safer than by cookie.
You are thinking incorrectly; there's no particular difference. It's prettier by cookie, but doesn't work for everyone, so it's easiest to just use the built-in transparent session ID functionality as described in the manual. Most people get cookies, and those for whom that doesn't work get GET args. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php