Paul M Foster wrote:
This is in two parts. First cookies. I'm a little unclear on how they work. From what I've read, cookies are stored by the browser. When a request for that cookie comes in from the server, the browser returns only the value, and no other data. One question: When the browser requests a page from a server, does it automatically search its cookies for that domain and send them along with the other requests? If that's now how it works, then how does it work?
Yep (afaik).
Second part is about sessions. According to the notes for the cookies page at php.net, it's considered bad practice to store user IDs and passwords in cookies. It's considered better practice to use PHP's native session-handling code to do this. But if a user has cookies turned on in the browser, then PHP will store the session information (possibly user ID and password) as a cookie. So what's the difference?
When a page request comes in, the browser sends a cookie - but it's only the session id. No other info is stored in the cookie or browser.
PHP then looks for that session id in a specified location (session.save_path) and then loads that data from the server.
-- Postgresql & php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
