UcGaming.co.uk
New Member
I am a little confused about the session management in PHP. A lot of focus in the docs is devoted to the magic PHPSESSID cookie. I program Ajax and am actually thinking of getting rid of cookies. I understand that I can do so in the php.ini file. It also seems possible to suppress the PHPSESSID by means of a simple ini_set("session.use_cookies",0) at the top of my login script. Don't get me wrong, I do want sessions. My Ajax hand-shakes will, where required, POST the session id. From the cookie-centric docs, one just gains the impression that all session expiry handling is done via the time stamp on the cookie. I am unclear on how exactly a timestamp of a cookie can prompt the server to expire the session cache over a stateless connection? Put another way, in a cookie-less setup, how can I instruct the server to clean down the session cache after a while? Would I still be calling session_set_cookie_params? Seems quaint...If I understand well, then I should call sessionID(sid) and check the return for "" to make out whether "sid" is dead. Correct?Thanks.