i have a login form, which is in login.php. after authorization i moove client to some.php file! so, from following two methods, which is better?

  1. i can send information aboud user id e.t.c by GET
  2. i can use SESSION - s for this

what is more preferred?

and two words about why i ask this question. i hear somewhere that SESSIONs aren't good programing method, and it's not suggested to use them in such situations...

thanks

Comments

Which is better for what?

Written by Col. Shrapnel

@Col. Shrapnel just for storing user data

Written by Syom

thanks all of you, i understand

Written by Syom

you can't store user data in the GET. Because GET is the HTTP method.

Written by Col. Shrapnel

yes, you're true, but i can send it by get, and save it there during all operations

Written by Syom

Accepted Answer

Sessions are indeed the preferred solution. You can't trust data sent in the querystring ($_GET, $_POST, $_COOKIE etc) because all of those can be changed by the user, but you can trust the that noone has tampered with the $_SESSION data since $_SESSION is stored on the server.

Written by Emil Vikström
This page was build to provide you fast access to the question and the direct accepted answer.
The content is written by members of the stackoverflow.com community.
It is licensed under cc-wiki