..sessions are easier IMHO
On Wed, 14 Jul 2004 16:40:33 +0100, Harlequin
[EMAIL PROTECTED] wrote:
I am using PHP sessions for my site. Have done the numbers and have to agree
that although cookies make life easier for the developer the whole reason
for cookies is to make life easier for the browser.
We have to accept that not all users can interrogate a cookie download and
verify if the site is safe, so sessions it is :)
--
-
Michael Mason
Arras People
www.arraspeople.co.uk
-
Ed Lazor [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm using PHP sessions for user tracking. My host provider's server is
dropping session data. He swears it's my scripts and says I should be
using
cookies for better security. That goes completely opposite to my
understanding, so I'd like to run it by you guys. Which is more secure:
PHP sessions or cookies?
In case you're curious, more details on the specifics of the problem I'm
experiencing:
I have a prepend file that executes start_session. The script assumes the
user is a guest if $_SESSION[UserID] is not set. All guests route to
the
login screen. Successful authentication sets $_SESSION[UserID] and
sends
you to the original requested page.
It seems fairly straight forward to me. People are able to login and
start
using the site, but the login screen displays randomly after they've
already
authenticated successfully.
It sounds like PHP session data is being lost on the server. I've also
seen
error messages on web pages that report PHP / MySQL as having trouble
reading from the temp directory. Here's the extact message: ERRORError
writing file '/tmp/MYiYcf7q' (Errcode: 28).
Anyway, those are the details. I look forward to hearing what you think.
-Ed
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
!DSPAM:40f55213116972033915540!
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php