Re[6]: [Phplib-users] new Session4 changes
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re[6]: [Phplib-users] new Session4 changes
|
From: Maxim D. <max...@bo...> - 2002-12-02 17:13:41
|
RH> So what you end up with is something that sounds good on paper, but causes RH> problems in MANY situations. Can you imagine being the sysadmin and trying RH> to figure out why sessions just go away for SOME people, SOME of the time? Well, I'm just this kind of sysadmin, and I'm fed up of persuading users to turn their cookies on, because many of them don't read that cookies must work on our site, others don't know what the cookies are and don't know how to turn it on back. And sometimes browsers f@#k up and don't handle cookies properly (e.g. Opera6.01 and IE6 in some installations). And sometimes proxies cache cookies with other headers and send them to everybody using those proxies. I have the situation when the session just go away for SOME people, in SOME circumstances, and I have it now. And I understand that we live in not such a perfect world where things are beyond our control in spite of rich and available specifications. So, don't expect that this is so uncommon - such things will last forever. I just sat down and calculated a bit. Let us have the stats of cookie usage - the stats are available everywhere. In Russia it is common that the rate of cookie-disabled browsers is from 3 to 5 per cent. So, we have a risk that 5 per sent of users won't be able to use our service if we enforce cookie usage. Then, what is the probability of changing client's IP during the session. I don't think it would be more then 30% (in the worst case). So, we can lower the risk by 2/3 without a loss (since we enforced cookies on everybody before). Does it matter? I think, yes, I'll have only third of those people who may experience problems with my site. -- Best regards, Maxim Derkachev mailto:max...@bo... IT manager, Symbol-Plus Publishing Ltd. phone: +7 (812) 324-53-53 www.books.ru, www.symbol.ru |
