Session vs Cookies

**DKCK** · Mar 18th, 2002, 01:01 PM

Here is my problem in a nutshell. I'm am trying to make my site work with both users who allow cookies and those who don't. When I go to check for cookies, I try to pass a session variable back to my script. However those that don't have cookies for some reason don't get the session variable either. Any ideas why this happens?

**sebs** · Mar 18th, 2002, 03:00 PM

cuz there's 2 diferent kind of cookies!

look in your security setting of your browser!

**Danial** · Mar 18th, 2002, 03:04 PM

Originally posted by DKCK
Here is my problem in a nutshell. I'm am trying to make my site work with both users who allow cookies and those who don't. When I go to check for cookies, I try to pass a session variable back to my script. However those that don't have cookies for some reason don't get the session variable either. Any ideas why this happens?

Thats because Session are implemented using cookies, the session id is passed at every request in a cookie so if one has cookie disabled then you wont be able to use session object.

**monte96** · Mar 19th, 2002, 10:45 AM

The only way to 100% cover those paranoid users that totally disable ciookies, is to pass the values from page to page in hidden input tags.

That is why many developers simply put disclaimers on their apps that cookies must be enabled.

This problem is overcome in ASP.Net because if you start a session, the session id is passed in the URL line/form data so that IIS can always identify a user.

**JoshT** · Mar 19th, 2002, 11:52 AM

This problem is overcome in ASP.Net because if you start a session, the session id is passed in the URL line/form data so that IIS can always identify a user.

I believe there's also an ISAPI filter in one of the IIS resource kits that'll do this.

Thread: Session vs Cookies

Thread Tools

Display

Session vs Cookies

Re: Session vs Cookies

Posting Permissions