Alternative of $_SESSION
I've read may times that 'use $_SESSION as little as possible'.
While checking WordPress codes I could barely find $_SESSION used
and I do believe big sites won't use $_SESSION or uses too little.
I'm trying to find out the best solution and alternative of $_SESSION.
thanks in advance
The main issues with $_SESSION are:
- Security in shared hosting environments
- The trans-sid feature placing the session ID in the URL
The alternative is $_COOKIE, which is what $_SESSION is kinda based on. The session saves an identifier as a cookie, and uses that to reference a file.
You can solve the security issue by using your own session handlers to read/write data to a database instead of a file.
You can solve the trans-sid issue by... turning it off.
I'd love to hear what issues you've heard of with $_SESSIONs though, as I find most complaints to be unfounded and ridiculous.
is $_COOKIE the best alternative for $_SESSION ?
$_COOKIE is (IMO) not an alternative to $_SESSION, as cookies can be edited by the user at will. to do that with sessions is way harder. besides, session content is not exposed to the outside world (cookies are transferred with every HTTP Request/Response).
your own session handling: see session_set_save_handler()
Just use sessions and don't be so paranoid. Just don't put passwords and credit card info directly into a session and you'll be fine.
|All times are GMT +1. The time now is 09:50 AM.|
Powered by vBulletin®
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.