session id is determined by the cookie?

[jrefactors]

When we open a new web browser, all the windows that are open from that
web browser belong to the same session. However, if we open a new web
browser, then it will be different sessions. Is that the correct
concept?

Another question is if session id is generated by the web server?
Session ID is determined by the cookies? Otherwise, how can the web
server know this is new session, or old session?

 

[Daniel Tryba]

(e-mail address removed) wrote:

FUP to comp.lang.php (and there is generally no reason to crosspost
between clj.help and clj.programmer).

When we open a new web browser, all the windows that are open from that
web browser belong to the same session. However, if we open a new web
browser, then it will be different sessions. Is that the correct
concept?

No, depends on browser and how the new "windows" get opened.

Another question is if session id is generated by the web server?

Atleast for PHP the client can set the sessionID.

Session ID is determined by the cookies?

Could be. Depends on server configuration.

Otherwise, how can the web server know this is new session, or old
session?

The webserver doesn't care (atleast with PHP), if you actually care you
have to write your own code to do sessionID generation and checking.

 

[newB]

1) no, that's wrong. everything would be saved to ur pc. just like a
cookie

2) session is saved to local pc as the cookies

 

[Sudsy]

1) no, that's wrong. everything would be saved to ur pc. just like a
cookie

2) session is saved to local pc as the cookies

I'm afraid that it's you who's wrong. Some clients don't accept cookies
so there has to be an alternate way of maintaining session state. It's
typically achieved through the use of "URL rewriting". I suggest that
you refer to the applicable documentation.

 

[R. Rajesh Jeba Anbiah]

1) no, that's wrong. everything would be saved to ur pc. just like a
cookie

2) session is saved to local pc as the cookies

No and no. http://in2.php.net/session

 

[minhazr]

session is not belongs to the web browser...when the first time a
request come from a user to a server the sever automitacally give hime
a session.. what ever the browser the user is use.after a successfulyy login-- u see that all the autheticate page you
are browsing

cockies is used by some of the web hoster to track u .to find that u r
browsing their site for the first time or for the seccond time . when
basically we check on save pass check box this is save in our hard disk
as cockie. so seccond time when we logon to that particuler site that
cockie is send user name and password for us.settings E:\Documents and Settings\UR_USER_NAME\Cookies folder and if u
delete a cockie what may e set for yahoo or hotmail so nexttime when u
going to logon their pages the auto loging system will not work

HTTP protocols are stateless, so one state dont know about other state.
session id is nedded to be handeld by server side scipting .usually it
is handeld by programer. so it is basically our responsibility to play
with a session, check it in every pages.. send it to one page to other
u can do that in many when like by checking when u give him the id
their is many way u can handel a id, like for a page-the id will valid
only in a page in a whole session or for some default timing.
if in ur websites theire is no securitu like no user name and login
system then u can easily forget aout this session and cockie things
bye
take care

 

[Sudsy]

session is not belongs to the web browser...

<snip body of post which gave me a headache trying to understand...>

A session is shared between the client and the server. The client or
web browser has to present their credentials every time they attempt
to access the server so that the server can associate the request
with an existant session. Whether via cookies or URL rewriting, the
functionality is the same.
You are correct about one thing: HTTP /is/ stateless. Adding state
to the conversation is what sessions are all about.