Results 1 to 1 of 1
Nov 30, 2002, 23:16 #1
- Join Date
- Nov 2002
- 0 Post(s)
- 0 Thread(s)
Cookie Detection (On|Off) in Browser?
Let me give you alittle more info why I need this(maybe there's a better way.)
I'm building a user management system that's going to use a session.class to handle user sessions through a database but the session $id still needs to be passed from page-to-page. Now I have Trans_ID truned off because search engines can't/won't traverse links with (?) in them so if cookies are off I have no way to carry the seesion id through the site. My solution is to the have a class which, upon detection of cookies being disabled, can then set-up a session_set_save_handler() to use an ID based on the users IP, browser and http_referrer strings to make a unique id for them. I know that ip based auth can be a problem for people behind proxies so I figure with the browser AND referrer strings as well as the fact it's only done this way with coookies being off should keep the possibility of transfered sessions to almost nonexistent (user would have to have the cookies off,the same IP(possible if behind a proxy) the same exact browser and version, and have come from the exact same page as another.... maybe something more can even be add to make it even more probable?).
Any ideas would be helpful. Hope this all makes sense.