Re: Why cookie is created?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



 --
 I don't want to use cookies.
 I want to use session. When I use this code. It stores data on the harddrive.
 --
 
 When you use Sessions, the data you put in the session is NOT stored
 on the users hard drive in a cookie. Only the Session ID is stored
 there. All of the other information you store in the session (say
 their userid, name, prefernces, security level, etc) is stored on the
 SERVER. The session ID stored in the cookie only serves as a pointer
 to the data stored on your server.
 
 The alternative to allowing PHP to store the users session id in a
 cookie is to have php re-write all of the urls on your page to include
 their session id. Generally this is not the preferred solution for
 several reasons:
 1. URLs look a lot messier eg:
 a) without cookies
 http://forum.example.com/index.php?sid=a568a4c022a2f8491323c5f3ef5888d8
 b) with cookies
 http://forum.edonkey.com/index.php
 2. Users may accidentally give away their session id, and possibly
 open the door to session hijacking.
 3. Users bookmark pages with stale session ids
 
 So, in summary. Using sessions only stores the session id on the users
 hard drive. The rest of the data stored in the session is saved on the
 server.
 
 paul
 
 --
 Paul Reinheimer

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux