To clarify (assuming PHP):
- Sessions are a mechanism that allow PHP to preserve state between excecution.
- First PHP generates a unique thirty-two character string to identify the session.
- It then passes the value to the browser and simultaneously it creates a file on the server and include the session ID in the file name. So the only thing that's stored in the browser is a single cookie that contains the users session ID. One of the big selling points of PHP sessions is that they also work when cookies are disabled. If PHP detcts that cookies are disabled in the user's browser it will automatically add the session ID as a query string variable on all relative links on your page, thus passing the session ID onto the next page. For this to work, session.use_trans_sid must be enabled in your php.ini file.
- There are two methods by which PHP can inform a browser of its session ID:[list:464f72f000]
- By adding the ID to the query string of all relative links on the page or
- by sending it as a cookie
[*] Within the file that's stored on the server, PHP saves the names and values it has been told to store for the session.[*] Sessions may not only be stored on the server as files. It's also possible to store them in a database or even in shared memory. This can be useful for load balancing multiple Web servers using a single session repository, allowing visitors to (unknowingly) swap servers while maintaining their session.[*]
This only works on .php pages of your site. [/list:o:464f72f000]
Note: If you ever need it, you can add the session ID yourself to
absolute URL's like this:
<?php
session_start();
?>
MySite