Session Cookie Problems

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have a website that authenticates users and then allows them to visit
member only parts of the site.

The authentication uses cookies. When the user has logged in and the
script has satisfied itself that the username and password are correct
(comparing against a MySQL table), the following session script is run:

$sname = *real name of user*
$slevel = *their membership level*
$semail = *their email address*
$sadminlevel = *there administration level*
$stime = *the time they logged in*

the time information is also stored in the mysql table along with an
"expires" time so that their session can be cancelled if they leave
their computer unattended for a specified period. The session is
started on every page so that the above session variables are available
to scripts while the session is valid.

This all works perfectly - except on computers with cookies turned off.
A large number of members now have desktop access at their workplace
and want to use the site at work - but they all have cookies switched
off on their desktops and cannot change this setting.

Is there a way of

1) recognising that cookies are disabled
2) if they are, implementing a different way of maintaining sessions?

Any help would be very gratefully received.


Re: Session Cookie Problems said the following on 04/01/2006 15:00:
Quoted text here. Click to load it

First of all, don't do that. Since PHP 4.2, use of session_register() is  
not recommended. Use $_SESSION["whatever"] instead. See .

Quoted text here. Click to load it

Yes, you can use a GET variable in all the URLs. PHP can do this  
automatically - see .

However, passing session IDs this way has a lot of issues associated  
with it (security, bookmarking, search-engine problems, etc.).

IMHO, I would use only cookies. If a user has cookies disabled  
irrationaly (IMO, again), they should just have to live with sites not  
working correctly. HTTP is a statless protocol, and complex modern sites  
usually require state information to provide useful functionality, and  
cookies are the best mechanism to provide that information.

    <insert flame here>


Re: Session Cookie Problems

Quoted text here. Click to load it

Thanks - will look into that.

Quoted text here. Click to load it

80% of the users of the site have no choice as their PCs are centrally
administered and the TOOLS->OPTIONS menu in Internet Explorer is
disabled on their PC/Terminal. I will try to encourage the
administrators to allow cookies for my site however.

Thanks for your help.

Site Timeline