Re: RE: Sessions without cookies

From: "Mitch Vincent" <mitch(at)venux(dot)net>
To: "Christian Marschalek" <cm(at)chello(dot)at>, "'Dan Wilson'" <phpPgAdmin(at)acucore(dot)com>
Cc: "[PHP] PostgreSQL" <pgsql-php(at)postgresql(dot)org>
Subject: Re: RE: Sessions without cookies
Date: 2001-05-09 17:05:43
Message-ID: 005e01c0d8aa$484d9da0$1251000a@windows
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-php

> > Why? If the user accepts the cookie, then they don't have a
> > problem with it. If the user doesn't then it uses other
> > functionality (URL re-writing). I don't see any problem with
> > that. Leave it up to the user to decide how they want PHP to
> > keep track of their session.
>
> Well because cookies are a security flaw, aren't day?

Only if you make them one. :-)

Cookies by in and of themselves are harmless. Just treat what ever you store
in a cookie as if anyone could see it (because they probably can)..

-Mitch

In response to

Responses

Browse pgsql-php by date

  From Date Subject
Next Message Dan Wilson 2001-05-09 17:54:05 Re: RE: Sessions without cookies
Previous Message Christian Marschalek 2001-05-09 16:41:26 RE: RE: Sessions without cookies