----- Original Message -----
Cc: "php-general" <[EMAIL PROTECTED]>
Sent: Thursday, July 18, 2002 6:18 AM
Subject: Re: [PHP] Sessions: watertight?

> Thanks
> OK, I have checked my phpinfo(); and the  *session.use_trans_sid* = 1 ;
> *session.use_cookies =* On, so I'm not sure if I need to turn the
> cookies bit off, but I would think it not to be necessary. ; So, I can't
> see why the URL's aren't changed on my pages...

Was PHP compiled with --enable_trans_sid or whatever flag is it??

> Now, something to contemplate so long; say I DO get the URL bit right,
> what method does PHP use to determine which URL's to append? Would this
> method have a considerable overhead on performance? ( given that there
> could be alot of session usage on my domains).

Yeah, it would affect performance. Not sure how much. I imagine that's why
you actually have to set a compile time option to enable this.

>I'm rather interested in
> the workings of this URL "detection", as it basically means that PHP
> runs forward through all my pages to see where the session stops and and
> it's difficult for me to see how PHP can tell which pages have to do
> with which sessions.

PHP knows it has to deal with sessions when you call session_start() at the
beginning of the page.

>Arguably one can have two session "threads" that
> has some overlapping files, and my mind boggles as to how php can track
> the session vars, secially if the one session thread were to use the
> same session variable names ( which is surely possible right?)

No, session names are unique. That's the whole idea...I use your unique
session id to identify you each time you return to my pages.

---John Holmes...

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to