Need Help.

--000e0cd4d4acd89c6e046ea48ea2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Dear Sir,

I am facing two problem while developing my site in php.
1) I want to delete browser history whenever i migrate from one page to
another. so that user can never press "Back" button.
2) I have 20 users who have access to my site. Right now I am checking this
using cookies. I want to know which is better to track user login : Cookies
or Session ?

Please do reply.

With regards,

Girish

--000e0cd4d4acd89c6e046ea48ea2--

Re: Need Help.

Hi Girish,
You can save the SEssion id in a Cookie to make it available over
requests and over days too. If you use Sessions stored on DB, you can
get more security, when the SEssion Cookie is stored Encrypted. Other
Option is to send the Session id, most know as PHPSESSIONID, as GET
Variable.

REgards

Carlos

Ashley Sheridan schrieb:
> On Tue, 2009-07-14 at 11:59 +0530, Girish Padia wrote:
>> Dear Sir,
>>
>> I am facing two problem while developing my site in php.
>> 1) I want to delete browser history whenever i migrate from one page to
>> another. so that user can never press "Back" button.
>> 2) I have 20 users who have access to my site. Right now I am checking this
>> using cookies. I want to know which is better to track user login : Cookies
>> or Session ?
>>
>> Please do reply.
>>
>> With regards,
>>
>> Girish
>
> You can't delete the users browser history, but what you can do is use
> an entirely AJAX based website, so that there is no back/forward option.
> However, this may be a little complex for you unless you have at least a
> fair understanding of HTML Dom, and Javascript.
>
> To understand which is betterm you need to understand how they work.
> Cookies are persistent text files left on the users computer. They are
> limited in the amount of data you can store in them, but they can store
> information across physical browsing sessions. For example, you could
> use them to remember a users preferred layout for your site, etc.
>
> Sessions variables are all stored on your server, and generally last
> only for the time that a visitor is on your site. They are referenced
> automatically by PHP through a session ID, which is usually stored in a
> cookie, but you can force it to be sent only in the URL if you wish.
>
> The advantage that sessions have over cookies is the ability to store
> more data, and as it is server-side, you can store things without
> worrying too much about that data being accessed by someone other than
> your user. Cookies have the advantage of persistence over time
> (depending on how long you prefer to store them). You should not that
> some users see cookies as invasive, and may have them turned off in the
> browser. I'd say if you can do something server or client-side, you're
> better off doing it where you have the greatest control, a la
> server-side.
>
> Thanks
> Ash
> www.ashleysheridan.co.uk
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Need Help.

On Tue, 2009-07-14 at 11:59 +0530, Girish Padia wrote:
> Dear Sir,
>
> I am facing two problem while developing my site in php.
> 1) I want to delete browser history whenever i migrate from one page to
> another. so that user can never press "Back" button.
> 2) I have 20 users who have access to my site. Right now I am checking this
> using cookies. I want to know which is better to track user login : Cookies
> or Session ?
>
> Please do reply.
>
> With regards,
>
> Girish

You can't delete the users browser history, but what you can do is use
an entirely AJAX based website, so that there is no back/forward option.
However, this may be a little complex for you unless you have at least a
fair understanding of HTML Dom, and Javascript.

To understand which is betterm you need to understand how they work.
Cookies are persistent text files left on the users computer. They are
limited in the amount of data you can store in them, but they can store
information across physical browsing sessions. For example, you could
use them to remember a users preferred layout for your site, etc.

Sessions variables are all stored on your server, and generally last
only for the time that a visitor is on your site. They are referenced
automatically by PHP through a session ID, which is usually stored in a
cookie, but you can force it to be sent only in the URL if you wish.

The advantage that sessions have over cookies is the ability to store
more data, and as it is server-side, you can store things without
worrying too much about that data being accessed by someone other than
your user. Cookies have the advantage of persistence over time
(depending on how long you prefer to store them). You should not that
some users see cookies as invasive, and may have them turned off in the
browser. I'd say if you can do something server or client-side, you're
better off doing it where you have the greatest control, a la
server-side.

Thanks
Ash
www.ashleysheridan.co.uk


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Need Help.

Hi Girish,

1. You cannot modify the browser Back button (any thing on the
client's computer for that matter).
2. I strongly oppose the use of Cookies for tracking the user login,
due to security reasons. Cookies are saved on the client's computer
and he/she can easily modify the information present. But that is
impossible with sessions.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Need Help.

hahahahahaha

How are you to delete my history?
The fact that you "develop" a website does not allow you to take the
control of my browser.

But you can avoid the history to be populated by using javascript


Click to lalalal


The replace() method loads a new page, specified by URL, in the
current browser window.
The new page replaces the previous page's position in the history list.

On Tue, Jul 14, 2009 at 5:51 AM, kranthi wrote:
> Hi Girish,
>
> 1. You cannot modify the browser Back button (any thing on the
> client's computer for that matter).
> 2. I strongly oppose the use of Cookies for tracking the user login,
> due to security reasons. Cookies are saved on the client's computer
> and he/she can easily modify the information present. But that is
> impossible with sessions.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>



--
Martin Scotta

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Need Help.

From: Martin Scotta
>=20
> hahahahahaha
>=20
> How are you to delete my history?
> The fact that you "develop" a website does not allow you to take the
> control of my browser.
>=20
> But you can avoid the history to be populated by using javascript
>=20
> onclick=3D"document.location.replace(this.href)">
> Click to lalalal
>

That would prevent me from navigating the site since I won't enable
JavaScript in my browser until I have trust in your website not to allow
any installation of malware on my computer. That trust must be earned by
you, since trust is not associative. Yes, there are a lot of sites that
I can't visit because of that. Right now I won't even enable JS for
either my bank or credit card issuer since neither has demonstrated the
knowledge, desire or ability to protect their servers or my browser.

Bob McConnell

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Need Help.

I know... this is not for a php thread... but...

If you look at the HTML the "a" tag is made completely unobtrusive.
The link will still working without javascript.

This is the original tag (with javascript)

Click to lalalal


This is how the browser looks it without javascript

Click to lalalal


I've said it is not for a php thread

On Tue, Jul 14, 2009 at 10:29 AM, Bob McConnell wrote:
> From: Martin Scotta
>>
>> hahahahahaha
>>
>> How are you to delete my history?
>> The fact that you "develop" a website does not allow you to take the
>> control of my browser.
>>
>> But you can avoid the history to be populated by using javascript
>>
>> ">
>> =A0 =A0 =A0Click to lalalal
>>
>
> That would prevent me from navigating the site since I won't enable
> JavaScript in my browser until I have trust in your website not to allow
> any installation of malware on my computer. That trust must be earned by
> you, since trust is not associative. Yes, there are a lot of sites that
> I can't visit because of that. Right now I won't even enable JS for
> either my bank or credit card issuer since neither has demonstrated the
> knowledge, desire or ability to protect their servers or my browser.
>
> Bob McConnell
>



--=20
Martin Scotta

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php