John, et al --
...and then John W. Holmes said...
%
% You can pass the session ID in a form, too. Just use POST, and make it a
% hidden element passed to the next page.
Yeah, I figured that.
%
% input type=hidden name=PHPSESSID value=?=$PHPSESSID?
%
% It's no different than passing it in
Justin, et al --
...and then Justin French said...
%
% on 07/10/02 11:32 AM, David T-G ([EMAIL PROTECTED]) wrote:
%
% It's a start; it confirms some of what I think I understand about
% sessions. Now if only I can get the session ID out of the URL without
% using any cookies... Any ideas,
on 07/10/02 7:18 PM, David T-G ([EMAIL PROTECTED]) wrote:
% re-write any relative URLs in your pages to include the session ID... it's
So I can code without having to put the ID on the URLs myself? So the
transparent-ness is for the programmer? Well, I do like that...
Yes.
% So, this
% The most common method is plain cookies. But if you want guaranteed
state,
Sure, but I know that cookies won't work, so that rules them out.
Won't work, or you don't want to use them?
% So, this rules out a complaint about complicated URLs, because you
don't
% have to type them.
I
Hi, all --
I've seen a recent flurry of discussion on sessions, and that's good;
lovely how that has shown up just as I need to dig into sessions. I
think I've come to understand, though, that you can't manage sessions
without either URL extensions or cookies, and that's bad (for me, at
least).
I think you're under a little misconception about how sessions are used.
Maintaining a session is simply just having a unique identifier for each
user, so that the server can recognise the user from page to page,
maintaining state.
Typically this is done by passing a session id around in he URL
Justin, et al --
...and then Justin French said...
%
% I think you're under a little misconception about how sessions are used.
Perhaps. I'm new to them :-)
% Maintaining a session is simply just having a unique identifier for each
% user, so that the server can recognise the user from page
General list
Cc: Justin French
Subject: Re: [PHP] sessions without cookies *or* URLs
Justin, et al --
...and then Justin French said...
%
% I think you're under a little misconception about how sessions are
used.
Perhaps. I'm new to them :-)
% Maintaining a session is simply just
on 07/10/02 11:32 AM, David T-G ([EMAIL PROTECTED]) wrote:
It's a start; it confirms some of what I think I understand about
sessions. Now if only I can get the session ID out of the URL without
using any cookies... Any ideas, anyone?
I Thought I made it clear, but I'll try again :)
You
Hi, thanks for all the replies on my two previous postings relating to
sessions and cookies.
I have set my mind on using sessions but without cookies, so that
entails passing the SID via relative URL's.
My problem comes in here, when I create a simple login page with a form
that send username
[EMAIL PROTECTED]
Subject: [PHP] Sessions without cookies : forms
Hi, thanks for all the replies on my two previous postings relating to
sessions and cookies.
I have set my mind on using sessions but without cookies, so that
entails passing the SID via relative URL's.
My problem comes
maintain state accross requests. This is done in 3 different ways.
1. Cookies
2. URL Mangling
3. HTTP Authentication
#4 Passing a SID/Session info in hidden fields, but it means
you must push every page move through a submit (which can be
done with Javascript, image buttons, etc),
We have a shopping cart product we're developing in PHP, and I've
recently come across I dilemma that I need to find a reliable solution
to.
Many of the people who will be shopping on our sites have cookies
disabled, which presents a problem when using sessions. Now, I am aware
of the fact that
Use standard HTTP authentication over SSL - that's the only other way.
On Tue, 14 May 2002, Matthew Walker wrote:
We have a shopping cart product we're developing in PHP, and I've
recently come across I dilemma that I need to find a reliable solution
to.
Many of the people who will be
On Tue, 14 May 2002, Matthew Walker wrote:
Many of the people who will be shopping on our sites have cookies
disabled, which presents a problem when using sessions. Now, I am aware
of the fact that we could append the SID constant to every URL, but this
will not work for us. None of our sites
Senior Software Engineer
ePliant Marketing
-Original Message-
From: Miguel Cruz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 14, 2002 5:48 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Sessions Without Cookies or SID Passing...
On Tue, 14 May 2002, Matthew Walker wrote:
Many
Lerdorf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 14, 2002 5:42 PM
To: Matthew Walker
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Sessions Without Cookies or SID Passing...
Use standard HTTP authentication over SSL - that's the only other way.
On Tue, 14 May 2002, Matthew Walker wrote:
We have
is, and other related information.
Matthew Walker
Senior Software Engineer
ePliant Marketing
-Original Message-
From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 14, 2002 5:42 PM
To: Matthew Walker
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Sessions Without Cookies
On Tue, 14 May 2002, Matthew Walker wrote:
The sites are not dynamic, but the shopping cart /is/. The problem is,
if people don't have cookies on, when they return to the site to order
more products, they loose the SID that has been appended to the links
inside the cart, and thus loose the
Walker
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Sessions Without Cookies or SID Passing...
I am understanding the problem perfectly. HTTP is stateless. You want to
maintain state accross requests. This is done in 3 different ways.
1. Cookies
2. URL Mangling
3. HTTP Authentication
You said you
]
Subject: RE: [PHP] Sessions Without Cookies or SID Passing...
I am understanding the problem perfectly. HTTP is stateless. You want
to
maintain state accross requests. This is done in 3 different ways.
1. Cookies
2. URL Mangling
3. HTTP Authentication
You said you did not want to do 1 or 2
:[EMAIL PROTECTED]]
Sent: Wednesday, May 15, 2002 10:04 AM
To: Matthew Walker
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Sessions Without Cookies or SID Passing...
I am understanding the problem perfectly. HTTP is stateless. You want to
maintain state accross requests. This is done in 3
Could you explain how this could be accomplished, because I'm not
understanding how to do it.
As I understand HTTP Authentication (correct me if I'm wrong), the
user's computer still has to send a 'username/password' pair to perform
the authentication. I can't see how this could be used to
: RE: [PHP] Sessions Without Cookies or SID Passing...
You're missing one method - using the user's IP address
It's not a guaranteed fool-proof method, but if you don't want to use
cookies or the URL, then this sorta works.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit
PROTECTED]]
Sent: Tuesday, May 14, 2002 5:30 PM
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Sessions Without Cookies or SID Passing...
If it ain't foolproof then only a fool would use it ...
IP addresses are just about the worst way to identify anyone.
-Original Message-
From: Martin Towell
Engineer
ePliant Marketing
-Original Message-
From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 14, 2002 6:26 PM
To: Matthew Walker
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Sessions Without Cookies or SID Passing...
Could you explain how this could be accomplished, because
You're missing one method - using the user's IP address
It's not a guaranteed fool-proof method, but if you don't
want to use cookies or the URL, then this sorta works.
Unless there's a firewall using NAT or a proxy cache involved. I know
for a fact that our internal network only ever
Hi, can someone point me toward a tutorial that shows how to register info
(e.g. username, login status, and user preferences) and do this in a session
without using cookies... is this even possible?
thanks!
duirfire
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail:
You can use URL mode for PHP4 session if you want session w/o cookie.
How about read this link?
http://www.zend.com/zend/tut/session.php
--
Yasuo Ohgaki
"duirfire" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi, can someone point me toward a tutorial that
How can you get something like:
header ("Location: $PHP_SELF?");
to redirect with the sessid in the url? In my tests, it redirects, but
does not append the sessid.
I have compiled with --enable-trans-sid. Transparent sid is working, I
can use it on links like:
A HREF="?php echo "$PHP_SELF?";
How can you get something like:
header ("Location: $PHP_SELF?");
to redirect with the sessid in the url? In my tests, it redirects, but
does not append the sessid.
I have compiled with --enable-trans-sid. Transparent sid is working, I
can use it on links like:
A HREF="?php echo
Would there be any point in using php sessions if you aren't using cookies?
You have to store login info anyway, why not just use a temp table to store
transaction info and write to the database at the end of a session? From
what I've read on sessions, you have to use cookies
thanks
--
PHP
if yours only storeing one or two variables in a db, dont mind writing
either functions to store all this in the db, or having 5-10 lines of code
per page to this then fine. But sessions are so simple...
?
session_start();
$test[] = '123';
$test[] = '456';
33 matches
Mail list logo
