P is for Practical | |
PerlMonks |
Re: How do you do sessions in Web Sitesby pajout (Curate) |
on Oct 17, 2005 at 12:00 UTC ( [id://500703]=note: print w/replies, xml ) | Need Help?? |
I use following model: 1/ When new session created (for every user, including anonymous), session identificator is generated as random string, beginning with letter, for instance g4Kj90hUl. 2/ Depending on application requirement, that sess_id is included as hidden field in every application page, or/and the cookie with sess_id is sent. The advantage of hidden field is the possibility of two opened browser windows with different login, the advantage of cookie is the possibility of walking out of application url and back without lose of authentication. I think that GET or POST is another story. 3/ The aditional session informations, including expire rules, are stored in SQL (or Berkeley :) database under sess_id.
In Section
Seekers of Perl Wisdom
|
|