Web lists-archives.com

Re: [PHP] Re: cookie management





On February 19, 2018 6:44:55 PM UTC, Jeffry Killen <jekillen@xxxxxxxxxxx> wrote:
>
>> On Feb 19, 2018, at 6:24 AM, Christoph M. Becker <cmbecker69@xxxxxx>
>wrote:
>> 
>> On 16.02.2018 at 22:04, Jeffry Killen wrote:
>> 
>>> I am working on a project that has to manage 
>>> cookies both by php and by javascript.
>>> 
>>> A cookie is set for a user. 
>>> 
>>> Now if the same user opens a new window in the browser and navigates
>to the same page
>>> that set the cookie in the first window, how will the server be able
>to differentiate, assuming
>>> the cookie has the same name, set in the same client in both opened
>windows? The second
>>> would overwrite the first if the values are different, right?
>> 
>> Yes.
>> 
>>> I am thinking of cookie arrays but I am not sure that would be the
>solution.
>> 
>> You can store an *arbitrary* string in a cookie (note that there are
>> usually rather tight limits regarding the size of all cookies of a
>> domain, though).  You could store a JSON string inside the cookie, or
>> use multiple cookies.  However, that wouldn't appear to solve your
>issue.
>> 
>> It seems to me that the problem is: "how will the server be able to
>> differentiate".  Why should the server differentiate which tab made
>the
>> request, at all?
>> 
>> -- 
>
>Thank you for the reply:
>
>
>> Why should the server differentiate which tab made the
>> request, at all?
>
>I just want to know if it was possible for a user to have two
>sessions opened to the same domain at the same time 
>from the same client.
>
>I am working on a modular registration and log in - log out
>system. So I play the role of both the user who would
>be using my work, and the developer. I am anticipating
>potential difficulties owing to this sort of situation.
>
>JK
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php

You're trying to use cookies and sessions for something they were never really intended to do. Given why you're trying to do this, I see two choices: 1. Use different browsers (or a browser in incognito mode), or 2. Pass the session token through as part of the request URL.

Thanks,
Ash

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php