[FX.php List] Re: Storing session variables

Andrew Denman adenman at tmea.org
Wed Jan 3 12:44:29 MST 2007 

According to the PHP docs: http://us3.php.net/manual/en/ref.session.php
 
The default method of handling sessions is through files on the server.  The
php.ini file setting "session.save_path" determines where these files are
stored.  These files contain all of the session data (encrypted) and are
named with the user's session ID.  The cookie on a user's computer only
holds the session ID.
 
For PHP to associate a user's session data with them it needs the session
ID, so the answer to Kevin's original question is yes.  You can configure
PHP to pass the session ID through the URL, but there are security concerns
(as mentioned on the PHP docs page above).
 
Andrew Denman


  _____  

From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Bob Patin
Sent: Wednesday, January 03, 2007 11:59 AM
To: Kevin Becker
Cc: FX.php Discussion List
Subject: [FX.php List] Re: Storing session variables
 
Hi Kevin,
 
>From what I can tell, the cookie stores whatever session data is stored, but
I'm not sure... I don't think any session variable data is stored
server-side though, but this would be a great question for Chris Hansen (who
wrote FX.php); I'll CC this to the list as well.
 
So how about it, list? I see that anytime I use a session variable for a
site, a cookie is stored to that domain name. Does all the session variable
data get crammed into that cookie, or is it actually server-side somehow?
 
Inquiring minds want to know,
 
Bob Patin
Longterm Solutions
bob at longtermsolutions.com
615-333-6858
http://www.longtermsolutions.com
 
CONTACT US VIA INSTANT MESSAGING:
AIM or iChat: longterm1954
Yahoo: longterm_solutions
MSN: tech at longtermsolutions.com
ICQ: 159333060
 
 
 
On Jan 3, 2007, at 8:08 AM, Kevin Becker wrote:



Hi Bob,
 
Hey, I see that session cookie now. I learn something new everyday. It
looks like it only stores the session ID for my sites, but the rest of the
data I'm storing is server side. So it would still be a problem for you
if that initial cookie can't be stored. 
 
Kevin Becker
FileMaker & Web Developer
740-389-4798 ext 250
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.iviking.org/pipermail/fx.php_list/attachments/20070103/62c1deec/attachment.html

More information about the FX.php_List mailing list