www.webdeveloper.com
Results 1 to 6 of 6

Thread: [RESOLVED] sessions w/o cookies

  1. #1
    Join Date
    Jan 2005
    Location
    Los Angeles, CA
    Posts
    4,887

    resolved [RESOLVED] sessions w/o cookies

    Why session cookies is not an option:
    Users will enter my PHP page and I want them to be able to reload the page as many times as they want and be given a new session nor do I want to lose users or receive complaints about cookies being enabled. If I were to use session cookies, the cookie wouldn't expire upon page reload and give the user a new session.

    The user enters my page via a GET request: filloutform.php and is given a unique session
    The user submits the form via a POST request: filloutform.php?step=2 the session from the first page is passed along
    The user submits that form via a POST request: filloutform.php?step=3 the session is passed along from the 2nd page that was passed from the first page which was generated when the user first entered the entry page.
    etc.

    Upon the entry of the system filloutform.php, I want PHP to generate a unique string for the user e.g. b6b6991099b90dfe8c76b474a5790842 store it in a variable $sessionid, log it into the database and use it twice within my form:
    Code:
    <form method="post" action="filloutform.php?step=2">
    ...
    <img src="imagegenerator.php?sessionid=<? echo $sessionid; ?>" alt="Confirmation Image">
    <input type="text" name="confirmationcode" value="">
    <input type="hidden" name="sessionid" value="<? echo $sessionid; ?>">
    ...
    </form>
    How would I generate a unique string for each user that enters the entry of the system and each time they reload the entry page it would generate a new string?

  2. #2
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    http://www.php.net/session
    if session.use_only_cookies is set to 0 PHP will automatically pass the session-id through the url instead of cookies, when cookies are not available

    p.s. i think trans-id also has te be enabled.
    anyways, you can find all the info at that page - including the risks of using the url
    Last edited by themarty; 07-21-2006 at 06:58 AM.
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

  3. #3
    Join Date
    Jan 2005
    Location
    Los Angeles, CA
    Posts
    4,887
    Thanks for the information themarty, not quite what I was looking for...
    I think the buzz word I was looking for here was a UUID (Universal Unique Identifier).
    Code:
    mysql_query("SELECT UUID()")
    The function uniqid also seems to do what I want.
    Code:
    md5(uniqid(rand(), true))

  4. #4
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    but why wouldn't you just let PHP handle it? with the settings i gave you, you won't have to worry about excluding people who have cookies disabled.
    involving mysql just generates extra overhead. .. unless you want to create your own session-handler using a database
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

  5. #5
    Join Date
    Jul 2006
    Posts
    73
    I think that's exactly what he wants to do. I don't see the reason for it however, you still have to keep track of who the user is somehow .

  6. #6
    Join Date
    May 2006
    Location
    the netherlands
    Posts
    454
    I don't see the reason for it however, you still have to keep track of who the user is somehow
    well, that's not too hard.
    when someone's trying to log in, you've already appointed a session-id to him, so once he has succesfully logged in you can record his user-id with his session-id
    Free Scripts (PHP, Javascript, MySQL), homemade in the Excudo Devshed
    Create your own personal Startpage for free

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles