I had thought about this idea to storage the session information in a database. However, what's happening if a user just closes the browser without logout from the application or if the browser crashes. The session will be in the database and the user is gone. How to track this? Thanks. Andre -- Andre Matos andre.matos@xxxxxxxxxxxx -----Original Message----- From: Bastien Koert [mailto:bastien_k@xxxxxxxxxxx] Sent: Friday, October 22, 2004 1:22 PM To: andre.matos@xxxxxxxxxxxx; h.dudeness@xxxxxxxxx Cc: php-db@xxxxxxxxxxxxx Subject: RE: How to send a SID in a security way What about writing a function that will store some of those required variables into a db. Then on the second site, open a link to the first db and query for those values that you need? bastien >From: "Andre Matos" <andre.matos@xxxxxxxxxxxx> >To: "'Matt M.'" <h.dudeness@xxxxxxxxx> >CC: <php-db@xxxxxxxxxxxxx> >Subject: RE: How to send a SID in a security way >Date: Fri, 22 Oct 2004 12:59:00 -0400 > >Hi Matt, > >I am trying to solve my problem to have one browser accessing two different >applications (each one in a different window) where each application has >its >own and unique sessionID. I really don't want to use cookie because I will >need that the user enable the option "accept cookies" in the browser. > >However, I am afraid to pass the sessionID on the URL because someone can >cat it. > >I am using currently using SSL. > >Can you see any solution for my problem? > >Thanks. > >-- >Andre Matos >andre.matos@xxxxxxxxxxxx > >-----Original Message----- >From: Matt M. [mailto:h.dudeness@xxxxxxxxx] >Sent: Friday, October 22, 2004 12:35 PM >To: Andre Matos >Cc: php-db@xxxxxxxxxxxxx >Subject: Re: How to send a SID in a security way > > > How can I send a SID (SessionID) in a security way from one page to >another? > > Is it "security" to do this? > >not sure what exactly you want. You could just use cookies, dont >allow it to be in form fields or query strings. > >you could use ssl. > >-- >PHP Database Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php > >-- >PHP Database Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
