Instead of Cookies, I use Sessions which is run on hte server side.  So, I
use the

  $salt = strtoupper(md5(uniqid(rand())));
  header("Location: https://xxx.yyy.zzz/index.php?".SID."&init_login=TRUE";);

to create the identifer for an unique person.  Then use the php script that
take care of the session management such as logging the user out when time
is up as an example.  Another script was used to prevent the direct access
attempt.  Another script was used to detect whether the server have the
user's identifier in the server, if not exist then would force the web
browser to the login page.

As for the newbie, well, sometime they had to learn it from the pro.
Although it would be nice if there is documentation somewhere.

"Cord Schneider" <[EMAIL PROTECTED]> wrote in message
> "Phpcoder" <[EMAIL PROTECTED]> wrote in message
> > I'm really battling with this whole session thing.
> > My first impressions are that cookies are OK, and really helps to make
> > sessions workable and efficient, YET, from a developers point of view, I
> [..snip..]
> > Does anyone out there have a view/practise when it comes to
> > session/cookies? - basically I am still not convinced that using
> > sessions/cookies is a good idea, but I would love to be educated as to
> > why I should...
> A number of people have offered their opinion why cookies are a bad idea.
> a developer new to PHP, if cookies are such a big a big no-no, how does
> do effective session management without storing anything client-side??
> in mind that the browser is stateless and, the user can disconnect and
> reconnect in between fetching pages from your site.
> Regards,
> Cord

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to