At 02:42 15.11.2002, Sascha Cunz said:
[snip]
>This sounds like a pretty good idea to work around that problem :-)
>
>Does this system work, if the user decides to split "one session" accross
>multiple "Browser-Windows", i.e. the uses the "Open in new window
Hi Jochen,
> How can I process $_SESSION variables if the user disables cookies
> and session.use_trans_sid = 0 ?
You could use a combination of outputbuffering and a self-written
session-handler.
So you could build a trans_sid-alike system, that would do more checks (i.e.
compare IP-Addresses)
> Simply put - you can't.
>
> You need a way to transmit the session identifier, and AFAIK there's
> nothing except either cookies or SID.
>
> Using SID for security relevant issues presents a problem - users can send
> links with a SID to friends by mail or else, so this is not really a secure
> s
At 02:18 15.11.2002, Jochen Kächelin said:
[snip]
>How can I process $_SESSION variables if the user disables cookies
>and session.use_trans_sid = 0 ?
[snip]
Simply put - you can't.
You need a way to transmit the ses
I made a test with the Phoenix-Browser and ENABLE COOKIES = OFF in
the Privacy configuration of the browser.
my index.php:
index2.php\n";
?>
my index2.php:
My php.ini:
session.use_trans_sid = 0
on index2.php there's no result -> $_SESSION["test"] is not set.
when I enable
session.use_tr
5 matches
Mail list logo
