Re: How to figure out if a page has already been loaded

Stefan Mueller wrote:
>> You could ID each page with an ID number and store the ID number in your
>> session, if the ID number from the session is the same as the pages, then
>> don't generate a new number.
>
> Yea, of course, I can store my random numbers within $_SESSION["..."]. I
> didn't realize that $_SESSION["..."] is a session variable. I was only
> focused on $_SESSION["count_session"].
>
> Many thanks
> Stefan
>
>>> PS: I don't like to use cookies
>> Session is a cookie.
>
> Does that mean that if a user disables cookies on this browser my page won't
> work?
> What will happen? Error message?

If cookies are disabled, it's will each time a page loaded result in that
isset($_SESSION["count_session"]) will be false, and your script will try to
set a new session but it will be ignored by the browser.

You should include a cookie check in your page (this could be done with
javascript and result in an alert if it notice that there hasn't been a cookie
set and tell the user that the site needs cookies to work properly, of course
the user could have disabled the javascript too and this case you can use a
reference check, if it notice that the reference is to your pages and it don't
find a cookie it could generate an error message to the page where telling
about cookies, but references can be turned off too).


//Aho
.

Relevant Pages

  • Re: Sessions vs Cookies
    ... There is a session cookie which simply allows the server to identify the client and retrieve relevant session data for it. ... If cookies can be read or forged, it makes little odds whether you have the master key or all the little keys,. ... Suppose you only send the PHPSESSID: Now you cannot change a thing on the server, even if you have the 'master key'. ...
    (comp.lang.php)
  • Re: session wont timeout
    ... Maybe this is a session cookie issue? ... client browser there is this one: WSS_KeepSessionAuthenticated Expires: At ... If I kill the session cookie using IE Developer Toolbar, ... possible and IIS would throw another challenge. ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Is it safe to store user_id in Session?
    ... What I was wondering is how safe it is to store user_id or username or ... session so I do not need to search the database all the time. ... OVERRIDING BASIC SESSION COOKIE AUTHENTICATION ... So what is described in the article only works for bad php scripts. ...
    (comp.lang.php)
  • Chicken and egg issue with Cookie based login?
    ... I have few questions I hope someone can clear up for me with the cookie ... private web server. ... It also says this about the secret key: ... Second, would be an example of the "Session ID" or more general, what is an ...
    (comp.security.misc)
  • Re: [PHP] Question about authenticating people...
    ... Would I be better to store that in a cookie rather then a session variable? ... The search variable is not sensitive data, there's no need to keep it on the server so it's an ideal candidate for a cookie. ... Also bear in mind that the client can change the contents of a cookie at any time so you need to re-validate them on every page request. ... If you need to verify the contents of a cookie from request to request you can a) encrypt it, or b) add a checksum to it. ...
    (php.general)