if I use session in a web app
can I be assured that every guest who visits the site has a unique session id?
and for example I use a rand() to generate and store a $_SESSION
can I be assured that every set of rand() is also unique?
say min is 123456789 and max is 1234567890
if not
how can I check each of sessions stored to see whether rand() has already generated same number?
is there such thing as looping through sessions?
thanks!
Jump to Postcan I be assured that every guest who visits the site has a unique session id?
No, though the likelihood of a collision is rather low.
and for example I use a rand() to generate and store a $_SESSION
can I be assured that every set of rand() is also …
Jump to Postcustomer id genrated by rand will then be updated to real customer id once customer has logged in.
I'm not sure I understand the logic. You're generating a temporary id for some reason?
what do you suggest then? is there such thing as setting a certain session id?
I'd need …
can I be assured that every guest who visits the site has a unique session id?
No, though the likelihood of a collision is rather low.
and for example I use a rand() to generate and store a $_SESSION
can I be assured that every set of rand() is also unique?
Certainly not, and the likelihood of repeated random numbers is very good. If you want a unique customer id then I'd recommend looking into options other than just a pseudorandom number.
Is the customer id only used for that session, or are you storing it in a database for later retrieval?
Is the customer id only used for that session, or are you storing it in a database for later retrieval?
t wont be saved in the database, customer id genrated by rand will then be updated to real customer id once customer has logged in.
No, though the likelihood of a collision is rather low.
what do you suggest then? is there such thing as setting a certain session id?
thanks!
customer id genrated by rand will then be updated to real customer id once customer has logged in.
I'm not sure I understand the logic. You're generating a temporary id for some reason?
what do you suggest then? is there such thing as setting a certain session id?
I'd need a better idea of what you're trying to accomplish to make a suggestion.
Why don't you create a visitors table linked to session id. When the session is no longer valid it gets garbaged along with the visitor id. However, if a visitor performs an action that means that the data should be transferred to the main tables, you shouldn't have any collisions - you could set a cron job to do this or set up DB sessions. As mentioned rand() should never be used to get unique numbers. A db table set with an autoincrement field linked to the session *should* obviate collision. My 2p - correct me if I'm wrong.
session id's are unique
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.