[REBOL] Re: Rebol/command, fastCGI, session id, frames, etc....
From: gchiu:compkarori at: 24-Jun-2001 11:56
On Sat, 23 Jun 2001 22:21:27 +0200
"Petr Krenzelok" <[petr--krenzelok--trz--cz]> wrote:
> thanks a lot - I am just discussing other possibilities
> with Allen in RIM
> conference. Maybe another option is to completly bypass
> sessions at all?
> Allen thinks sessions don't scale too well.
Why not?
> So what about using some form, hiddent field, post
> method, and some kind of
> encrypted string (containing info about time, for
> detection of timeout),
> which would be sent to page each time?
>
These are just ways of implementing session handling.
If I had to do this, I would probably use cookies. And of
course advise the end user that cookies need to be enabled.
Hidden fields mean that every page has to be posted, and
mangling the URL is ugly.
So, something like this
1. browser request - no cookie? create new session id and
send cookie which holds the session id
2. store session id in session table with time stamp
3. has cookie - check to see if valid session id, and if it
is, update time stamp in session table. If not, create new
session id.
4. periodically remove expired session ids from session
table.
>From memory, session handling in PHP is done by cookies as
well.
--
Graham Chiu
