[Phplib-users] phplib-php4 object resumption differences
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] phplib-php4 object resumption differences
|
From: Giancarlo <gia...@na...> - 2002-09-26 22:12:15
|
Now I realize a basic difference among the two, and really appreciate sound phplib ideas like pt, classname, persistent slots etc. Let's see the auth object as an example, which seems I never know enough. In phplib It has 2 fashions: default_auth and normal. When phplib sess stores the object, it stores text, wich is in fact code that is evalued at runtime. This text says: generate a new class by that class name, and instantiate these varalues and properties. It does not reinsantiate all properties, but only those that were marked as persistent_slots. In practice it generates a new object with the name and definition available at runtime, and merges into theat the persistent_slots found. php4, on the other hand, stores full object and reinstiantiates them automatically at startup, with all the values like they were. At runtime these values are reloaded, ALL the values are taken back. It is not a merge. I think this is a major difference With persistent slot you don't leave unconscoiusly, unaccounted or unwanted data around. Wheren't we of phplib, those who leave the id and nothing more, for greater security? I read that in every example article about 'good session mangmnt rules': leave a minimud md5 ID, and hook most values in the db...So note that with php4 everything is written in the sess_ file, plaintext, passwd etc, if you don't provide tu unset everything not needd before page_close. Which is much the same as a reversing persistent_slot, but uglier ciao bonanotte Gian |
