-- I don't want to use cookies. I want to use session. When I use this code. It stores data on the harddrive. -- When you use Sessions, the data you put in the session is NOT stored on the users hard drive in a cookie. Only the Session ID is stored there. All of the other information you store in the session (say their userid, name, prefernces, security level, etc) is stored on the SERVER. The session ID stored in the cookie only serves as a pointer to the data stored on your server. The alternative to allowing PHP to store the users session id in a cookie is to have php re-write all of the urls on your page to include their session id. Generally this is not the preferred solution for several reasons: 1. URLs look a lot messier eg: a) without cookies http://forum.example.com/index.php?sid=a568a4c022a2f8491323c5f3ef5888d8 b) with cookies http://forum.edonkey.com/index.php 2. Users may accidentally give away their session id, and possibly open the door to session hijacking. 3. Users bookmark pages with stale session ids So, in summary. Using sessions only stores the session id on the users hard drive. The rest of the data stored in the session is saved on the server. paul -- Paul Reinheimer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
