This will store a cookie with a userid and an unique number ($token) as
session-id (??).
If I'm not mistaken, this session-id is not checked here. Thus serves no
purose. Anybody who retrieve the cookie from the cookie file on the system
can use it to resume the session (if done within the set 3600sec.). Even if
the browser has been closed.
In case of login/password required sites, I use the login and password as
cookie values and have _no_ expiredate set. Every time a request is made
_both_ cookie values (login and password) are checked with that on the
server. When the browser is closed, the cookie is gone.
It works but I think it's quite an unconventional way ... any
suggestions/comments on this method?
Cheers;
Eelco.
> Try this:
>
> // Set Cookie if not already set
> if (!isset($user_id)) {
> $token = md5(uniqid(rand()));
> setcookie("user_id", $token, time()+3600,"/",".yourdomain.com");
> }
>
> look at the setcookie function on php.net to figure out all the
> parameters:
> http://www.php.net/manual/en/function.setcookie.php
>
> -Shane
>
> ----- Original Message -----
> From: "phpLover" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, February 03, 2001 11:25 PM
> Subject: [PHP] Session With Cookies
>
>
> > How can I maintain a user session using cookies?
> >
> > Thanks
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
