Re: [PHP] Re: Opinion: PHP Sessions or Cookies

[Justin Patrin]

..sessions are easier IMHO

On Wed, 14 Jul 2004 16:40:33 +0100, Harlequin
[EMAIL PROTECTED] wrote:
 I am using PHP sessions for my site. Have done the numbers and have to agree
 that although cookies make life easier for the developer the whole reason
 for cookies is to make life easier for the browser.
 
 We have to accept that not all users can interrogate a cookie download and
 verify if the site is safe, so sessions it is :)
 
 --
 -
  Michael Mason
  Arras People
  www.arraspeople.co.uk
 -
 Ed Lazor [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
  I'm using PHP sessions for user tracking.  My host provider's server is
  dropping session data.  He swears it's my scripts and says I should be
 using
  cookies for better security.  That goes completely opposite to my
  understanding, so I'd like to run it by you guys.  Which is more secure:
  PHP sessions or cookies?
 
 
 
  In case you're curious, more details on the specifics of the problem I'm
  experiencing:
 
 
 
  I have a prepend file that executes start_session.  The script assumes the
  user is a guest if $_SESSION[UserID] is not set.  All guests route to
 the
  login screen.  Successful authentication sets $_SESSION[UserID] and
 sends
  you to the original requested page.
 
 
 
  It seems fairly straight forward to me.  People are able to login and
 start
  using the site, but the login screen displays randomly after they've
 already
  authenticated successfully.
 
 
 
  It sounds like PHP session data is being lost on the server.  I've also
 seen
  error messages on web pages that report PHP / MySQL as having trouble
  reading from the temp directory.  Here's the extact message:  ERRORError
  writing file '/tmp/MYiYcf7q' (Errcode: 28).
 
 
 
  Anyway, those are the details.  I look forward to hearing what you think.
 
 
 
  -Ed
 
 
 
 
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 
 
 !DSPAM:40f55213116972033915540!
 
 


-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: Opinion: PHP Sessions or Cookies

[Ed Lazor]

 -Original Message-
 have you tried storing your session data in a database? Storing session
 data
 in a database has some advances over the standard file based solution,
 mainly data security und comfort. For example, if you want to get the
 number
 of the active sessions just do a simple select count(*) from sessions.

I'm not storing sessions into the database right now, but I have before and
I'll probably do it again =)

-Ed

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Opinion: PHP Sessions or Cookies

[Torsten Roehr]

  -Original Message-
  have you tried storing your session data in a database? Storing session
  data
  in a database has some advances over the standard file based solution,
  mainly data security und comfort. For example, if you want to get the
  number
  of the active sessions just do a simple select count(*) from sessions.

 I'm not storing sessions into the database right now, but I have before
and
 I'll probably do it again =)

I'm doing it with the help of PEAR::DB and PEAR::HTTP_Session - really
simple! Are you interested in sample code?

Regards, Torsten

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php