Why session cookies is not an option:
Users will enter my PHP page and I want them to be able to reload the page as many times as they want and be given a new session nor do I want to lose users or receive complaints about cookies being enabled. If I were to use session cookies, the cookie wouldn't expire upon page reload and give the user a new session.
The user enters my page via a GET request: filloutform.php and is given a unique session
The user submits the form via a POST request: filloutform.php?step=2 the session from the first page is passed along
The user submits that form via a POST request: filloutform.php?step=3 the session is passed along from the 2nd page that was passed from the first page which was generated when the user first entered the entry page.
Upon the entry of the system filloutform.php, I want PHP to generate a unique string for the user e.g. b6b6991099b90dfe8c76b474a5790842 store it in a variable $sessionid, log it into the database and use it twice within my form:
but why wouldn't you just let PHP handle it? with the settings i gave you, you won't have to worry about excluding people who have cookies disabled.
involving mysql just generates extra overhead. .. unless you want to create your own session-handler using a database