perl-embperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Neal Gamradt" <>
Subject RE: cookie-less sessions..
Date Fri, 22 Oct 2004 02:25:04 GMT
Hello Stefan,

The way I used to handle sessions was by creating a huge random number that 
I would pass as a hidden field or in the query string.  I would try to make 
a mixture of characters and numbers so that it would be very difficult for 
someone walking by to try to write down if they saw it in the query string.  
I would then save this number in a database table with other session 
information to retrieve when needed.  I don't like this method because of 
the overhead but then cookies are not needed.  Now-a-days I write a lot of 
internal company applications so I know cookies are always turned on, so I 
use udat all of the time now.


From: Stefan Cars <>
Subject: cookie-less sessions..
Date: Wed, 20 Oct 2004 19:00:28 +0200


I have some trouble which I asked the list awhile ago with sessions without 
cookies. The trouble is that sessions works perfect when people use cookies 
but for people that do turn off cookies everything is not working so great. 
I have tried setting EMBPERL_SESSION_MODE 0x21 but this just doesn't do it, 
for some reason it seems to generate a new session_id everytime I visit the 
page, the second problem is that we have some annoying javascripts and 
redirects ($http_headers_out) the SDatparam doesn't work with. So what we 
want is probably smodeUDatUrl, which isn't implemented yet. Gerald, what is 
the status of this ? Maybe we could hire you for that implementation or is 
there any other ways to solve this problem ?

Kind Regards,
Stefan Cars

To unsubscribe, e-mail:
For additional commands, e-mail:

Express yourself instantly with MSN Messenger! Download today - it's FREE! 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message