Just as folks can turn off JavaScript, they can reject cookies. Sessions have some advantages over cookies.
> [Original Message] > From: Ed Lazor <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Date: 07/13/2004 2:47:31 PM > Subject: [PHP] Opinion: PHP Sessions or Cookies > > I'm using PHP sessions for user tracking. My host provider's server is > dropping session data. He swears it's my scripts and says I should be using > cookies for better security. That goes completely opposite to my > understanding, so I'd like to run it by you guys. Which is more secure: > PHP sessions or cookies? > > > > In case you're curious, more details on the specifics of the problem I'm > experiencing: > > > > I have a prepend file that executes start_session. The script assumes the > user is a guest if $_SESSION["UserID"] is not set. All guests route to the > login screen. Successful authentication sets $_SESSION["UserID"] and sends > you to the original requested page. > > > > It seems fairly straight forward to me. People are able to login and start > using the site, but the login screen displays randomly after they've already > authenticated successfully. > > > > It sounds like PHP session data is being lost on the server. I've also seen > error messages on web pages that report PHP / MySQL as having trouble > reading from the temp directory. Here's the extact message: ERRORError > writing file '/tmp/MYiYcf7q' (Errcode: 28). > > > > Anyway, those are the details. I look forward to hearing what you think. > > > > -Ed > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
