RE: [PHP] Sessions Without Cookies or SID Passing...

maintain state accross requests. This is done in 3 different ways. 1. Cookies 2. URL Mangling 3. HTTP Authentication #4 Passing a SID/Session info in hidden fields, but it means you must push every page move through a submit (which can be done with Javascript, image buttons, etc),

Re: [PHP] Sessions Without Cookies or SID Passing...

Use standard HTTP authentication over SSL - that's the only other way. On Tue, 14 May 2002, Matthew Walker wrote: We have a shopping cart product we're developing in PHP, and I've recently come across I dilemma that I need to find a reliable solution to. Many of the people who will be

Re: [PHP] Sessions Without Cookies or SID Passing...

On Tue, 14 May 2002, Matthew Walker wrote: Many of the people who will be shopping on our sites have cookies disabled, which presents a problem when using sessions. Now, I am aware of the fact that we could append the SID constant to every URL, but this will not work for us. None of our sites

RE: [PHP] Sessions Without Cookies or SID Passing...

Senior Software Engineer ePliant Marketing -Original Message- From: Miguel Cruz [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 5:48 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Sessions Without Cookies or SID Passing... On Tue, 14 May 2002, Matthew Walker wrote: Many

RE: [PHP] Sessions Without Cookies or SID Passing...

Lerdorf [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 5:42 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Sessions Without Cookies or SID Passing... Use standard HTTP authentication over SSL - that's the only other way. On Tue, 14 May 2002, Matthew Walker wrote: We have

RE: [PHP] Sessions Without Cookies or SID Passing...

is, and other related information. Matthew Walker Senior Software Engineer ePliant Marketing -Original Message- From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 5:42 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: Re: [PHP] Sessions Without Cookies

RE: [PHP] Sessions Without Cookies or SID Passing...

On Tue, 14 May 2002, Matthew Walker wrote: The sites are not dynamic, but the shopping cart /is/. The problem is, if people don't have cookies on, when they return to the site to order more products, they loose the SID that has been appended to the links inside the cart, and thus loose the

RE: [PHP] Sessions Without Cookies or SID Passing...

Walker Cc: [EMAIL PROTECTED] Subject: RE: [PHP] Sessions Without Cookies or SID Passing... I am understanding the problem perfectly. HTTP is stateless. You want to maintain state accross requests. This is done in 3 different ways. 1. Cookies 2. URL Mangling 3. HTTP Authentication You said you

RE: [PHP] Sessions Without Cookies or SID Passing...

] Subject: RE: [PHP] Sessions Without Cookies or SID Passing... I am understanding the problem perfectly. HTTP is stateless. You want to maintain state accross requests. This is done in 3 different ways. 1. Cookies 2. URL Mangling 3. HTTP Authentication You said you did not want to do 1 or 2

RE: [PHP] Sessions Without Cookies or SID Passing...

:[EMAIL PROTECTED]] Sent: Wednesday, May 15, 2002 10:04 AM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: RE: [PHP] Sessions Without Cookies or SID Passing... I am understanding the problem perfectly. HTTP is stateless. You want to maintain state accross requests. This is done in 3

RE: [PHP] Sessions Without Cookies or SID Passing...

Could you explain how this could be accomplished, because I'm not understanding how to do it. As I understand HTTP Authentication (correct me if I'm wrong), the user's computer still has to send a 'username/password' pair to perform the authentication. I can't see how this could be used to

RE: [PHP] Sessions Without Cookies or SID Passing...

: RE: [PHP] Sessions Without Cookies or SID Passing... You're missing one method - using the user's IP address It's not a guaranteed fool-proof method, but if you don't want to use cookies or the URL, then this sorta works. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit

RE: [PHP] Sessions Without Cookies or SID Passing...

PROTECTED]] Sent: Tuesday, May 14, 2002 5:30 PM Cc: [EMAIL PROTECTED] Subject: RE: [PHP] Sessions Without Cookies or SID Passing... If it ain't foolproof then only a fool would use it ... IP addresses are just about the worst way to identify anyone. -Original Message- From: Martin Towell

RE: [PHP] Sessions Without Cookies or SID Passing...

Engineer ePliant Marketing -Original Message- From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 6:26 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: RE: [PHP] Sessions Without Cookies or SID Passing... Could you explain how this could be accomplished, because

RE: [PHP] Sessions Without Cookies or SID Passing...

You're missing one method - using the user's IP address It's not a guaranteed fool-proof method, but if you don't want to use cookies or the URL, then this sorta works. Unless there's a firewall using NAT or a proxy cache involved. I know for a fact that our internal network only ever