Re: session id is determined by the cookie?

From: Daniel Tryba (spam_at_tryba.invalid)
Date: 12/31/04 

Date: 31 Dec 2004 19:56:33 GMT

jrefactors@hotmail.com wrote:

FUP to comp.lang.php (and there is generally no reason to crosspost
between clj.help and clj.programmer).

> When we open a new web browser, all the windows that are open from that
> web browser belong to the same session. However, if we open a new web
> browser, then it will be different sessions. Is that the correct
> concept?

No, depends on browser and how the new "windows" get opened.

> Another question is if session id is generated by the web server?

Atleast for PHP the client can set the sessionID.

> Session ID is determined by the cookies?

Could be. Depends on server configuration.

> Otherwise, how can the web server know this is new session, or old
> session?

The webserver doesn't care (atleast with PHP), if you actually care you
have to write your own code to do sessionID generation and checking.

Relevant Pages

  • Re: ASP sessionstate
    ... ASP doesn't know or care what browser it ... ticket number given when the first item is added to the cart. ... How can a Response.Write write to the server screen? ... :> delete the cart file and set the session ...
    (microsoft.public.inetserver.asp.general)
  • "Compaq Web Agent" management session can be re-used without the need to perform authentic
    ... destructive actions (as server reboot). ... Compaq Web Agent Service 6.0.0.0 using Compaq HTTP Server 5.1.0 on ... servers via a secured HTTP session from a browser client, ... via a legitimate authenticated SSL session - if he closes the session by ...
    (Bugtraq)
  • Re: Attempt to de-mystify AJAX
    ... >>maintaining a session via URL is not a problem. ... >> around cookies and JS, but it seems to be tough. ... >> as needed back to the server. ... but as I mentioned before - a non-dynamic request by the browser can ...
    (comp.databases.pick)
  • Re: Problem with a session
    ... Your first posting was a bit vague, but now I understand your problem. ... the POSTDATA and sets againg the session variable to true and anyone ... This IS a real problem, and you cannot 100% solve it. ... try to tell the browser NOT to chache it. ...
    (comp.lang.php)
  • Re: php session without cookie useage
    ... >>> browser or the application to maintain the state if needed. ... >>> transfer a session key created on login to subsequent pages via a POST ... >>> browser via a cookie or via POST or GET. ... > That may block legitimate users using a round-robin proxy (different ...
    (comp.lang.php)