i have a login form, which is in login.php. after authorization i moove client to some.php file! so, from following two methods, which is better?
- i can send information aboud user
- i can use
SESSION- s for this
what is more preferred?
and two words about why i ask this question.
i hear somewhere that
SESSIONs aren't good programing method, and it's not suggested to use them in such situations...
Sessions are indeed the preferred solution. You can't trust data sent in the querystring ($_GET, $_POST, $_COOKIE etc) because all of those can be changed by the user, but you can trust the that noone has tampered with the $_SESSION data since $_SESSION is stored on the server.
The content is written by members of the stackoverflow.com community.
It is licensed under cc-wiki