----- Original Message ----- From: "PHPCoder" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: "php-general" <[EMAIL PROTECTED]> Sent: Thursday, July 18, 2002 6:18 AM Subject: Re: [PHP] Sessions: watertight?
> Thanks > OK, I have checked my phpinfo(); and the *session.use_trans_sid* = 1 ; > *session.use_cookies =* On, so I'm not sure if I need to turn the > cookies bit off, but I would think it not to be necessary. ; So, I can't > see why the URL's aren't changed on my pages... Was PHP compiled with --enable_trans_sid or whatever flag is it?? > Now, something to contemplate so long; say I DO get the URL bit right, > what method does PHP use to determine which URL's to append? Would this > method have a considerable overhead on performance? ( given that there > could be alot of session usage on my domains). Yeah, it would affect performance. Not sure how much. I imagine that's why you actually have to set a compile time option to enable this. >I'm rather interested in > the workings of this URL "detection", as it basically means that PHP > runs forward through all my pages to see where the session stops and and > it's difficult for me to see how PHP can tell which pages have to do > with which sessions. PHP knows it has to deal with sessions when you call session_start() at the beginning of the page. >Arguably one can have two session "threads" that > has some overlapping files, and my mind boggles as to how php can track > the session vars, secially if the one session thread were to use the > same session variable names ( which is surely possible right?) No, session names are unique. That's the whole idea...I use your unique session id to identify you each time you return to my pages. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
