Re: [PHP] sessions and 'normal practice'
Well that must mean that they are using session_name() and session_id(). I really don't know why they are using that (considering it'll add unnecessary overhead of calling session_name(),session_id() twice). My guess is that they don't have a clue about the SID constant that automatically gets generated as "PHPSESSIONID=dsfgsdgsdfgsgsdfg" if the browser does not accept cookies and is empty otherwise. I bet they are a bunch of asp developers ;-) ed At 03:39 PM 5/29/2002 +0200, Nick Wilson wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > > >* and then Ed Gorski declared > > 1. This is done for users that don't use cookies. Believe it or not but > > there are people out there that are afraid of cookies and automatically > > turn them off. Without appending the sessionid to the end of the URL, > > sessions won't work for these people. Now how does your host append to > > the end of each URL? Do they do it manually in the code or do they use > > the SID? An easy way to test for this is to fire up a browser with > > cookies enabled and see if the sessionid gets appended to each url. If > > so tell them to use the SID constant. Let me know and I can help you > > further > >Thanks ed, I knew most of that. >My browser has cookies *on* and I see PHPSESSID=sdkfldsdslkj in the urls >and in my markup. > >Does that help? >- -- >Nick Wilson // www.tioka.com > > > >-BEGIN PGP SIGNATURE- >Version: GnuPG v1.0.6 (GNU/Linux) > >iD8DBQE89NoqHpvrrTa6L5oRAi49AJ4rv0/3lXIMvtT1WI4ZFbRrD/6YcgCeKE7T >hMyaCC/w6A/NClStvvb7Sww= >=93f9 >-END PGP SIGNATURE- > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions and 'normal practice'
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * and then Ed Gorski declared > 1. This is done for users that don't use cookies. Believe it or not but > there are people out there that are afraid of cookies and automatically > turn them off. Without appending the sessionid to the end of the URL, > sessions won't work for these people. Now how does your host append to > the end of each URL? Do they do it manually in the code or do they use > the SID? An easy way to test for this is to fire up a browser with > cookies enabled and see if the sessionid gets appended to each url. If > so tell them to use the SID constant. Let me know and I can help you > further Thanks ed, I knew most of that. My browser has cookies *on* and I see PHPSESSID=sdkfldsdslkj in the urls and in my markup. Does that help? - -- Nick Wilson // www.tioka.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) iD8DBQE89NoqHpvrrTa6L5oRAi49AJ4rv0/3lXIMvtT1WI4ZFbRrD/6YcgCeKE7T hMyaCC/w6A/NClStvvb7Sww= =93f9 -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions and 'normal practice'
1. This is done for users that don't use cookies. Believe it or not but there are people out there that are afraid of cookies and automatically turn them off. Without appending the sessionid to the end of the URL, sessions won't work for these people. Now how does your host append to the end of each URL? Do they do it manually in the code or do they use the SID? An easy way to test for this is to fire up a browser with cookies enabled and see if the sessionid gets appended to each url. If so tell them to use the SID constant. Let me know and I can help you further ed At 03:27 PM 5/29/2002 +0200, Nick Wilson wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >Hi all >I have 2 questions relating to how session id's are passed from page to >page: > >1: My host uses the 'append to url and hidden fields' method. I dislike >this as it makes my urls untidy and my pages won't validate. So, is it >considered normal practice to do it this way? > >2. I spent some time pouring over the manual and must be missing the >point somewhere ;-) How can I explain/use the alternative to the above >and if you believe I shouldn't, why? > > >Hope someone will be kind enough to put this in simple terms for me, I >just got a little lost in the manual and need a few facts before >confronting my host. > >Many thanks.. >- -- >Nick Wilson // www.tioka.com > > > >-BEGIN PGP SIGNATURE- >Version: GnuPG v1.0.6 (GNU/Linux) > >iD8DBQE89Nc7HpvrrTa6L5oRAt0KAJ9TfQv2a5j52D7VfCANZvRC6tfB5gCghqCU >SXuXMzllAOq0GY19UK4mE0g= >=EsWR >-END PGP SIGNATURE- > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php