"Ed Lazor" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I'm using PHP sessions for user tracking. My host provider's server is > dropping session data. He swears it's my scripts and says I should be using > cookies for better security. That goes completely opposite to my > understanding, so I'd like to run it by you guys. Which is more secure: > PHP sessions or cookies? > > > > In case you're curious, more details on the specifics of the problem I'm > experiencing: > > > > I have a prepend file that executes start_session. The script assumes the > user is a guest if $_SESSION["UserID"] is not set. All guests route to the > login screen. Successful authentication sets $_SESSION["UserID"] and sends > you to the original requested page. > > > > It seems fairly straight forward to me. People are able to login and start > using the site, but the login screen displays randomly after they've already > authenticated successfully. > > > > It sounds like PHP session data is being lost on the server. I've also seen > error messages on web pages that report PHP / MySQL as having trouble > reading from the temp directory. Here's the extact message: ERRORError > writing file '/tmp/MYiYcf7q' (Errcode: 28).
Hi Ed, have you tried storing your session data in a database? Storing session data in a database has some advances over the standard file based solution, mainly data security und comfort. For example, if you want to get the number of the active sessions just do a simple "select count(*) from sessions". Regards, Torsten Roehr -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
