Jump to content

Archived

This topic is now archived and is closed to further replies.

mmosel

Q about Sessions and URL variables

Recommended Posts

Ok, my site uses sessions. When I'm logged in, my site's sessions remember me as logged in. I can leave the site altogether and go somewhere else, come back, and it shows that I'm still logged in. This is great - this is how I would expect it to behave. So, why would I want or need to place my user's SID in the URL? I don't see the need for it. Please enlighten me!

Share this post


Link to post
Share on other sites
It's simple, the session ID can be stored in a cookie file or passed through the URLs.

Placing the SID in URLs will ensure that sessions will work if your visitor disabled cookies.

Share this post


Link to post
Share on other sites
[!--quoteo(post=365760:date=Apr 17 2006, 06:46 PM:name=poirot)--][div class=\'quotetop\']QUOTE(poirot @ Apr 17 2006, 06:46 PM) [snapback]365760[/snapback][/div][div class=\'quotemain\'][!--quotec--]
It's simple, the session ID can be stored in a cookie file or passed through the URLs.

Placing the SID in URLs will ensure that sessions will work if your visitor disabled cookies.
[/quote]

I thought session information was stored server side?

Share this post


Link to post
Share on other sites
Yes it is, but the client should have the session ID.

Share this post


Link to post
Share on other sites
[!--quoteo(post=365805:date=Apr 17 2006, 08:20 PM:name=poirot)--][div class=\'quotetop\']QUOTE(poirot @ Apr 17 2006, 08:20 PM) [snapback]365805[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Yes it is, but the client should have the session ID.
[/quote]

Ok, gotcha. The thing I don't like about passing the SID in the url is that it can then be more easily passed around. For securing content, such as downloads, this kinda sucks.

I think that I'll require cookies for my site - but only cookies that expire at the end of the session.
I hope that doesn't turn off too many users!

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.