[pmwiki-users] Setting and getting cookies in PmWiki
jo at durchholz.org
Sat Mar 25 14:53:56 CST 2006
Bellave Jayaram schrieb:
> Thanks a lot. This helps a great deal. After reading the caveats, I
> have one question - what can I do in PHP to create a unique code (maybe 3 or
> 4 digits) for each string I want to store in the list_of_strings and then
> decode it back to the string in the generating function? I don't yet know
> how large my session data could get but if it does become large, this would
> be one way to reduce it, wouldn't it?
Yes, but I wouldn't worry unless the data becomes really large.
> Alternatively, if I want to avoid $_SESSION completely, I am wondering if I
> could use the (?name) markup that Pm said he might provide as a recipe in
> the 'getting form variables' thread - (provided it can be used on more than
> one form submit and not just the last submit).
Hmm... that would mean putting everything into form data (using hidden
fields), in the form of
<input type="hidden" name="whatever" data="..." />
On the plus side:
1) Session storage will be kept to a minimum.
2) The server isn't responsible for storing the data. Session data
typically "dies" after half an hour of inactivity, while data in a form
will live even if the user is away for lunch.
On the minus side:
3) The data will be sent across the network. If there's so much data
that session storage becomes a problem, then it's also enough data that
network transmission will take noticeably longer (unless server and
browser are on the same local network, in which case this point doesn't
4) The user will be able to inspect and even modify that data. Don't
trust the data you'll be getting back, particularly not for things
involving money or a service for which you give monetary guarantees.
5) You have to HTML-encode the data before placing it in the <input
type="hidden".../> field, and HTML-decode it when retrieving it from
$_REQUEST. This encoding and decoding may have subtle bugs (particularly
if your data is binary, or may contain umlauts or other "funny
characters"), and it also takes CPU time (most Internet servers are
either network-constrained or CPU-constrained, disk space is far less of
More information about the pmwiki-users