I think I would rather do it using a new table than have to handle
sessions. It actually sounds harder to do it this way but I like hard. :)



On Mon, 30 Sep 2002, John W. Holmes wrote:

> > It would be possible to do this if I then created another table to
> load
> > their profile data to and use the unique id as the identifier. It
> would
> > make it alot harder for someone to guess an ID. I would then need a
> way to
> > flush out their records from the second table when they are finished.
> > Easily enough done using a logout script but who actually does this
> > anymore. It would be possible to create a script to run through cron
> to
> > delete records from that table that are more than say 30 minutes old.
> Yeah, that would be a good way to do it. Save a timestamp along with the
> unique identifier. Update the timestamp whenever the user does
> something. Then delete the unique identifier if the timestamp ever gets
> to be more than X minutes old (cron is best way for that). 
> What you are basically doing, though, is recreating sessions with the
> trans_sid enabled. PHP will go through your code for you and
> automatically add the session ID to all URLs and forms. You can turn off
> cookies in php.ini, too, so you have to use the URL method. Only setback
> is that PHP must be compiled a certain way (--enable_trans_id or
> something) for it to work.
> ---John Holmes... 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to