SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    Web Genius
    Join Date
    Nov 2001
    Location
    Canada
    Posts
    708
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Why are some PHP sessions passed in the URL field?

    Why are some PHP sessions passed in the URL field? I'm curious why some scripts/programs pass the PHP session in the URL field?

    What is the purpose of doing this?
    Does it have any benefits of drawbacks?

    Thanks

  2. #2
    No. Phil.Roberts's Avatar
    Join Date
    May 2001
    Location
    Nottingham, UK
    Posts
    1,142
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP's native sessions does this automatically in the absense of cookies. Basically, if you disable cookies then it has to pass the id via the URL or there is no other way to maintain state between pages.

  3. #3
    Web Genius
    Join Date
    Nov 2001
    Location
    Canada
    Posts
    708
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I always thought cookies and sessions were different?
    So you're saying cookies and sessions are the same thing?

    I'm confused now.

    Are cookies and sessions actually the same thing - one being server side (session) and one being client side (cookie)? So the two of them work together to keep state between pages?

  4. #4
    SitePoint Member
    Join Date
    Mar 2002
    Posts
    23
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ramprage
    Are cookies and sessions actually the same thing - one being server side (session) and one being client side (cookie)? So the two of them work together to keep state between pages?
    Cookies and sessions are different things, but they do work together to maintain state between pages. If a user has cookies enabled, then PHP stores a cookie on the user's machine, with that user's session id. As I understand it, the cookie's name is the session name (default is 'PHPSESSID'), and the value is the session id (a unique long alphanumeric string).

    Then with every subsequent page view, PHP reads that cookie and matches that unique session ID to that user's session. If no cookie is present with a current session id, then PHP is forced to add the session name and id in the query string and pass it from page to page.

    However, I've noticed that sometimes the session info is added to the query string even if cookies are enabled. Usually this happens if you go to a page that already contains a query (page.php?x=y etc). Not sure why.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •