SitePoint Sponsor |
|
User Tag List
Results 1 to 5 of 5
Thread: Session Management and PHP 4
-
Oct 24, 2000, 07:09 #1
- Join Date
- Oct 1999
- Location
- Dublin, Ireland
- Posts
- 1,125
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
For those that are quite familiar with PHP, maybe you can give me concrete advise on this.
If I wanted to use sessions to store a particular ID for each login, but only for the period of time the person stayed logged in, would I be better off using session management to store the ID in a mySQL db or a file of some sort?
Also, are there any advantages to using one over the other?
thanks,
-
Oct 24, 2000, 13:05 #2
- Join Date
- Aug 2000
- Location
- Land of the long white cloud
- Posts
- 556
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
The problem with a file is it could be easily intercepted, if you are on a shared server (and that could obviously be bad)
If you are on a shared server i would go with a db, if you are on your own server store a file in a non-web directory and hope that no-one hacks you.
NB: If you are a bank or something disregard my comments.SiteOptions >> Services :: Products :: Contact
Developers of PHP, C++, Visual Basic, MySQL, and more!
-
Oct 24, 2000, 18:18 #3
- Join Date
- Aug 2000
- Location
- Silicon Valley
- Posts
- 2,241
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I am not sure why you need additional storage methods when using session management?
Since with session management in php, it will monitor the visitor moving from one to another page, so if you call session_start() at the beginning, those registered vars will be available to access/check for authorization
I believe the session management itself has several methods to store the session info. (cookie, session id, temp db, or temp text file)
- Son Nguyen
AdSpeed.com - Ad Serving and Ad Management Made Easy
-
Oct 24, 2000, 18:54 #4
- Join Date
- Oct 2000
- Location
- Austin, TX
- Posts
- 1,438
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
The session id isn't a method of storing the session by itself, it's just passed on the url when you're not using cookies, and then used to store the session in the right text file or database.
-
Oct 24, 2000, 19:32 #5
- Join Date
- Aug 2000
- Location
- Silicon Valley
- Posts
- 2,241
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
If the server supports transparent sessionID, you don't need to pass it with the URL
Check out phpinfo() for details of that feature- Son Nguyen
AdSpeed.com - Ad Serving and Ad Management Made Easy
Bookmarks