Using session ID

nightman

Hi ppl
I made a login script as it retrieve information from the MySql DB. Everything works fine, but I wanted to do this with a Session ID to be send with URL?SessionID=xxxxxxxx.
The reason for this is after a user logged in he/she can click though some links (i.e wizard) so if I store a session ID in the DB, and send that alone with the URL, it can be compared with the ID in the DB for every page to make sure the information viewed by the user is correct and only "belong" to him/her. And I want to block 2 users use the same login info at the same time.

How do I do that? I am using PHP4 in the server.

Or any other way I can do this more easier, I do not want to use cookies though

alcapone

hi there,
yeah you sure can pass session id through the url, and you can call it like this:
<?php
printf("<a href=URL?SessionID=%s">here</a>", session_id());
?>
but I would recommend just to generate uniq session ids so that no two persons will bump into each other's accounts.

cheers,
AlCapone

nightman

Thank you, but do you have any scripts or links which explain the unique id's?

alcapone

how can you explain unique id?? thats why they call it unique so that noone could predict it. If you mean how to get a complitly unique number then here's the combination I use:
part of a user ip, microtime, execution time of a scipt, # of visitors at a time
and pass all this through mt_rand().
Combination garanties ~99.999999% random number.

cheers,
AlCapone