propagate SID - session ID - PHPBuilder Forums

propagate SID - session ID

Anon

if all the client not support cookies,
the only way i propagate the session id is
attach to the url after "?".

if one of the user bookmark the page with
session id "1234"(for example)

another day a new user use session 1234
, while he still using the website,
suddenly the previous go to the page from the
link she had bookmark. Do you think
they will sharing the same session data and
id ? do you think she will able to see his
session data ??

p/s : all cookies is off.

thank for ur answer

Anon

Yes. If you are passing the session_id in the get string then there is a chance of the session being hi-jacked (this same risk exists for using cookies). However the session_id is generated in such a way that it'll be very difficult to guess what the ID number is, and it'll be very rare to have an ID repeated in such a short time span.

Anon

Then this should be not secure enough.

i would like to ask do PHP server check
if two or more clients sharing the same
session id, then it reset both session id ?