[Sigia-l] mixing apples and oranges and tomatoes
diannes at dbfields.com
diannes at dbfields.com
Sat Apr 13 01:25:36 EDT 2002
On Fri, 12 Apr 2002, Ziya Oz wrote:
> Technically speaking, if there's a unique ID/variable involved in
> identifying a specific user/session, then that portion of the URL
> cannot really be eliminated.
Um... not quite true. There are really two scenarios
possible:
1) user has cookies enabled
2) user has cookies disabled
If #1 (cookies enabled), it's quite possible to generate
a unique ID and send it back to the user's computer in
a cookie; that cookie is then sent back to the user with
every subsequent request. The server can keep track of
who's who, the user never sees the ugly session ID, and
everyone is happy.
Case #2 (cookies disabled) is more complicated--in that
situation, if unique IDs are required there are a couple
of alternatives. The common one (where ordinary text hyperlinks
are required) is to append the ID to the URL of every local
hyperlink in the page. There *is* at least hypothetically
an alternative--make all local hyperlinks form buttons and
submit them using POST, including the ID as a hidden field
--but that would be terribly cumbersome and I've never seen
anyone actually do it in practice.
What makes life interesting is that a good programmer
really *should* design for both Case #1 and Case #2--
that is, users that enable cookies get nice URLs and
only users who don't enable them have to accept the
tradeoff of ugly ones. At least that's what a developer
who gives a damn about both groups (like me!) does.
The relative difficulty of this task varies a lot
by programming language. For instance, in PHP all
that is required is this command:
session_start();
That's it! That checks to see if a unique session ID
was sent via cookie or URL, and if not, it generates
one and tries to send it back via cookie--if the cookie's
not accepted, it then appends it to every local URL in
the version of the page that's sent back to the user.
It's great out-of-the-box functionality like that that's
made PHP my new favorite for quick & dirty small projects.
Implementing the same functionality from scratch,
however, would not be a terribly trivial task--and
would obviously have to be prioritized along with
everything else that was wanted. But definitely
don't be afraid to ask :-).
JFWIW,
Dianne
diannes at dbfields.com
More information about the Sigia-l
mailing list