[nycphp-talk] Cakephp
Paul Houle
paul at devonianfarm.com
Wed Dec 13 18:10:48 EST 2006
dkov at optonline.net wrote:
> Does anyone use the Cakephp framework? If you do, I have tried using
> thier session component to create and manage sessions. I have read
> every bit of information I can find on the internet. I still can't
> get my sessions working correctly. Please teach me.
I avoid session variables -- most applications that use session
variables are "broken by design". If you do manage to get sessions to
work, the next thing you'll be asking us is how to disable the back button.
The "stateless" paradigm of web programming is responsible for many
of it's advantages: the reasons why we're writing web-based business
apps instead of other applications.
It turns out that the behavior of cookies in mainstream web browsers
are largely undocumented; it's bad enough if you've got control of the
cookies that you're sticking on people, but things get really
mysterious when some library you don't control is doing it.
PHP locks the $_SESSION variable when it's in use -- this causes
lots of problems for apps that have multiple frames, use AJAX, etc.
If you want to write reliable web apps, keep your "session" state
in well-engineered database tables, and use signed cookies to attach a
session id to users. You'll spend a less time dealing with mysterious
behavior on the part of the $_SESSION object.
More information about the talk
mailing list