sessions... why use them?

_0_05_

Whats the point to using sessions?
i mean its just putting all the values in the url bar... why does it matter if people can see the information they submitted or not??

personally, i cant see the advantages of them - can someone please point this out?

vallette

Well lets see here's a few reasons...

maybe you don't want the user to see what they're posting.
maybe the user doesn't want the rest of the world to see what they're posting
maybe you don't want to have to mess with storing information from multi-part forms in hidden fields
maybe the data being stored isn't appropriate for being passed back and forth via http (i.e., binary data)
maybe you don't want to pass sensitive information back and forth between the browser
maybe, as a developer you want to simplify the process of tracking information unique to users on your site
maybe you want a easy to implement method of timing out user sessions

I'm sure there's about 1000 more . Anybody else want to contribute?

Dave

Begby

A couple of session uses

Tracking to see if someone is logged in or not, then marking them as logged out when the session expires.
Not having to fill up the url with ten million variables on every link when instead all the variables can be stored as sessions and accessed as needed.
Convenient way to pass more complex data between pages

driverdave

Yet another good reason to use them is to keep a user from setting your variables via POST or GET. You can trust your session vars, if you create them in a secure manner.

Also, session objects are very nice, and would be cumbersome to pass via GET or POST.

morphy_6deex

yeah security... but the session_id is always passed via clients.... cookies or get... isnt it a security failure? should i configure php (or scripts) in some special way... ? is the sid usefull for people who want attack the system? id like to know more about sid to improve my system's security... thnx in advance

_SuperString

If the need arises for user information tracking with some security then use sessions, if not then dont bother.
Its like anything else, use it if it fits your needs !!!

crisward

I use flash a lot for my web app front end. You can store user data in the app so sessions aren't really needed. It much simpler too.

Does anyone know any problems with this??

Cris.