 |
 |
 |
 |
|
|
Date: 11/28/99
- Next message: Simon Sadler: "Re: [PHPLIB] Warning - Same session in two browsers?"
- Previous message: 25778535 <email protected>: "[PHPLIB] RE: More CABLE TV CHANNELS.....Only 7.00 Dollars"
- In reply to: Sam Liddicott: "Re: [PHPLIB] Warning - Same session in two browsers?"
- Next in thread: Samuel Liddicott: "RE: [PHPLIB] Warning - Same session in two browsers?"
- Reply: Samuel Liddicott: "RE: [PHPLIB] Warning - Same session in two browsers?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thanks for your feedback Sam. See my recent reply to Florian about my
situation and possible solution.
> IMHO the session should store NOTHING about the current page. Any
> page specific stuff should ONLY be done with forms, and stored in
> hidden fields - encrypted if it needs to be secure.
Problem with hidden fields is that they can be edited on the client side to
feed back invalid data. Also with large variables in hidden fields, the user
has to suffer a longer download of the page and then a longer upload to send
it all back. Surely much better to store it on the server.
However, this whole episode has opened my eyes to persistent variables. The
way I see it is if you have two browser windows sharing the same session
then your registered variables will become corrupt. Of course this will only
happen if the pages actually modify the variables but most would. Does this
make persistent (registered) variables useless?
Simon.
----- Original Message -----
From: Sam Liddicott <hea176136 <email protected>>
To: Simon Sadler <simon.sadler <email protected>>; <phplib <email protected>>
Sent: 25 November 1999 10:53 am
Subject: Re: [PHPLIB] Warning - Same session in two browsers?
> Simon Sadler <simon.sadler <email protected>> said:
>
> > Thanks for your help Florian.
> >
> > I think my empty objects must be down to the multiple browser
> windows
> > sharing one session record. I was heading down that road anyway
> but you've
> > helped me confirm that. Thanks.
> >
> > I guess that the best way around this is to have the user log on
> every time
> > they open a new window. It would be even better if I could detect
> whether
> > they were already logged on in another window and create a new
> session
> > straight away. Then there would be different session IDs using
> different
> > records. Any idea how to do this?
>
> I think you just cannot tell the difference, CTRL-N in IE makes a
> new window with a copy of the contents without re-requesting.
>
> Which one is new? If you close your eyes when you do CTRL-N and
> atl-tab a few times, you won't know which one is new, neither will
> IE, and neither can the server.
>
> IMHO the session should store NOTHING about the current page. Any
> page specific stuff should ONLY be done with forms, and stored in
> hidden fields - encrypted if it needs to be secure.
>
> Sam
>
> -
> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
> the body, not the subject, of your message.
>
-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.
- Next message: Simon Sadler: "Re: [PHPLIB] Warning - Same session in two browsers?"
- Previous message: 25778535 <email protected>: "[PHPLIB] RE: More CABLE TV CHANNELS.....Only 7.00 Dollars"
- In reply to: Sam Liddicott: "Re: [PHPLIB] Warning - Same session in two browsers?"
- Next in thread: Samuel Liddicott: "RE: [PHPLIB] Warning - Same session in two browsers?"
- Reply: Samuel Liddicott: "RE: [PHPLIB] Warning - Same session in two browsers?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]