WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, WTF.com is your new home.

Session IDs - who the fuck are you?

Blaze Daily

<b>Banned - What an Asshat!</b>
146
0
0
#1
Yeah, this is how stressed I am over session ID's.

I hear you can use sessions to keep data flowing between scripts, as long as each script opens a session with session_start();

Rather redundant programming but wtf, no?

But my question regards a hypothetical situation. For example, I want to be able to log the number of times a visitor loads a thread. This number must be unique to the visitor, and not a global record of thread hits. Therefore the obvious solution would be to use sessions.

My problem is the unique visitor part - how do we distinguish visitors apart? Does the sessionID persist after the user has logged off? What do you store in the database to recall a session for a unique visitor?

Isn't it simpler to encode a unique string for each visior using setcookie() in an array with last visit, page views, and so forth? Obviously setting a cookie is not perfect, what if the user clears his cookie jar? That would fuck everything up and revert the page hits to zero...

Would using session ID's overcome this obvious flaw?
 

jamesp

In Memory...
1,714
1
0
#2
Blaze Daily said:
Yeah, this is how stressed I am over session ID's.

I hear you can use sessions to keep data flowing between scripts, as long as each script opens a session with session_start();

Rather redundant programming but wtf, no?

But my question regards a hypothetical situation. For example, I want to be able to log the number of times a visitor loads a thread. This number must be unique to the visitor, and not a global record of thread hits. Therefore the obvious solution would be to use sessions.

My problem is the unique visitor part - how do we distinguish visitors apart? Does the sessionID persist after the user has logged off? What do you store in the database to recall a session for a unique visitor?

Isn't it simpler to encode a unique string for each visior using setcookie() in an array with last visit, page views, and so forth? Obviously setting a cookie is not perfect, what if the user clears his cookie jar? That would fuck everything up and revert the page hits to zero...

Would using session ID's overcome this obvious flaw?
I guess you are right. Sessions contain information about a user, via a database, session IDs, or cookies. My personal favorite way is a session database, because it is powerful and easy. But you only put session_start() at the begining of every page. And session_destroy() to close the session (i.e. logout). If I was going to make a variable that contains a double that represents the number of times someone has viewed a thread I would do something like this:

Retrieve info from DB (or cookie) and store in sessions.

Open thread.

Manage variables (i.e. ThreadViews++)

Store updated variable in DB or cookie.
I am just writing the psuedocode because you learn a shitload more than if I just tell you how.