[nycphp-talk] problem SOLVED: session variables disappear after redirection
Cliff Hirsch
cliff at pinestream.com
Thu Jun 14 21:09:34 EDT 2007
On 6/14/07 8:58 PM, "Michael Southwell" <michael.southwell at nyphp.com> wrote:
> Rolan Yang, David Krings, and Paul Jones all suggested that the
> problem might be caused by users who weren't accepting cookies (and
> for whom the session id therefore needed to be passed as a $_GET
> variable); they were right. As soon as I fixed the redirect to
> include that, the problems went away. Thanks, guys, and everybody
> else who responded.
>
> Michael Southwell, Vice President for Education
> New York PHP
> http://www.nyphp.com/training - In-depth PHP Training Courses
Just remember, its a balancing act between usability and security. By
including the session id in the URL, you are exposing it, allowing it to be
bookmarked, forwarded, etc. I'm sure Chris or Chris could provide far more
insight.
More information about the talk
mailing list