Ernest E Vogelsinger wrote:
Definitely yes.
After reading Justin's post I realized that.

What I usually do (I also have session cookies switched off) is to send the
user a session cookie when he logs in. This way I can use cookieless
sessions, but when it comes to sensitive areas I can be sure that
bookmarking or giving away the SID wouldn't automatically transfer the
login session...
I don't get what you mean here. Can you explain a bit more? Sounds like what I need but I don't understand. You say you have cookies switched off but send the user a cookie ... a contradiction.

I always recommend NOT using session.auto_start. It effectively disables
making objects session-persistent
I didn't know that but it doesn't matter as I don't do OO in PHP. Being also a Java programmer I can't wrap my brain around how PHP does pseudo-OO.

Jc
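
One reading of the approach quoted from Ernest above, as an added example that is not part of the original thread: the session ID stays in the URL (cookieless session), while a random token issued at login is sent as a cookie and checked in sensitive areas. The function names, the `login_token` key and the sample SID are assumptions made for illustration.

```php
<?php
// Hypothetical helpers. Assumed setup: session.use_cookies = 0, so the SID
// travels in the URL and can leak through bookmarks or shared links.

// At login: create a random token, keep it in the server-side session data,
// and return it so the caller can send it to the browser as a cookie.
function issue_login_token(array &$session, string $user): string
{
    $token = bin2hex(random_bytes(32));
    $session['user'] = $user;
    $session['login_token'] = $token;
    return $token; // send with setcookie(), HttpOnly and Secure
}

// In sensitive areas: knowing the SID is not enough, the request must also
// carry the cookie whose value matches the token stored in the session.
function is_logged_in(array $session, array $cookies): bool
{
    if (!isset($session['login_token'], $cookies['login_token'])
        || !is_string($cookies['login_token'])) {
        return false;
    }
    // Constant-time comparison of the stored and presented tokens.
    return hash_equals($session['login_token'], $cookies['login_token']);
}

// Constructed demo: a server-side session store keyed by a sample SID.
$store = ['sid123' => []];
$cookieValue = issue_login_token($store['sid123'], 'alice');

// The browser that logged in: SID in the URL plus the login cookie.
var_dump(is_logged_in($store['sid123'], ['login_token' => $cookieValue]));

// Someone who received the bookmarked or shared URL: SID only, no cookie.
var_dump(is_logged_in($store['sid123'], []));

// SID plus a cookie value that does not match the stored token.
var_dump(is_logged_in($store['sid123'], ['login_token' => str_repeat('0', 64)]));
```

Only the first check succeeds: the shared URL still resumes the session data, but not the login.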


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
