POST or SESSION ?

Re: POST or SESSION ?

StinkFinger wrote:[color=blue]
> I am working on some simple pages that pass non-critical information (i.e.
> no passwords, usernames, etc.)
> to and from different pages. Currently, I am using FORMs w/the POST method.
> I am not using any cookies or anything stored on the client end, simply
> passing data.
>
> Should I read up on SESSIONS[/color]

Yes.
[color=blue]
> and use those instead of POST ?[/color]

Probably yes.
[color=blue]
> What are the benefits/drawbacks by switching to SESSIONS ?[/color]

POST data can be changed by the user (even hidden fields);
session variables cannot.

POST data has to travel back and forth through the 'net;
session variables never leave the server.

.... more differences .... anyone?

--
USENET would be a better place if everybody read: : mail address :
http://www.catb.org/~esr/faqs/smart-questions.html : is valid for :
http://www.netmeister.org/news/learn2quote2.html : "text/plain" :
http://www.expita.com/nomime.html : to 10K bytes :

Re: POST or SESSION ?


"Pedro Graca" <hexkid@hotpop. com> wrote in message
news:slrncbogvg .15k.hexkid@ID-203069.user.uni-berlin.de...[color=blue]
> StinkFinger wrote:[color=green]
> > I am working on some simple pages that pass non-critical information[/color][/color]
(i.e.[color=blue][color=green]
> > no passwords, usernames, etc.)
> > to and from different pages. Currently, I am using FORMs w/the POST[/color][/color]
method.[color=blue][color=green]
> > I am not using any cookies or anything stored on the client end, simply
> > passing data.
> >
> > Should I read up on SESSIONS[/color]
>
> Yes.
>[color=green]
> > and use those instead of POST ?[/color]
>
> Probably yes.
>[/color]

It's entirely dependant on the sort of data transferred between the client
and the server. No method is a particular best practise. If a lot of the
data transferred is intended to be persistent throughout a browsing session,
you should most definitely use sessions. If each transaction deals with
unique (ie. non-persistent) data, you probabely don't need sessions.
[color=blue][color=green]
> > What are the benefits/drawbacks by switching to SESSIONS ?[/color]
>
> POST data can be changed by the user (even hidden fields);
> session variables cannot.[/color]

POST data is the responsibility of the client, and is only stored/maintained
by the client. Session variables are never seen by the client, and their
maintenance and storage is the responsibility of the server. There are
performance and maintenance implications on the server-side, as storage and
destruction of this data must be managed by the server.

For large webservers, this may be an issue. For smaller webservers, the only
real concern is the required infrastructure to support session data storage.
You will have to weigh this up when deciding if sessions are appropriate.
[color=blue]
>
> POST data has to travel back and forth through the 'net;
> session variables never leave the server.
>[/color]

Another consideration.

Nathan

Re: POST or SESSION ?

Thanks everyone - all my questions (for now ;) have been answered.

"Nathan Gardiner" <nate@nate.id.a u> wrote in message
news:40bc52d8$0 $300$c3e8da3@ne ws.astraweb.com ...[color=blue]
>
> "Pedro Graca" <hexkid@hotpop. com> wrote in message
> news:slrncbogvg .15k.hexkid@ID-203069.user.uni-berlin.de...[color=green]
>> StinkFinger wrote:[color=darkred]
>> > I am working on some simple pages that pass non-critical information[/color][/color]
> (i.e.[color=green][color=darkred]
>> > no passwords, usernames, etc.)
>> > to and from different pages. Currently, I am using FORMs w/the POST[/color][/color]
> method.[color=green][color=darkred]
>> > I am not using any cookies or anything stored on the client end, simply
>> > passing data.
>> >
>> > Should I read up on SESSIONS[/color]
>>
>> Yes.
>>[color=darkred]
>> > and use those instead of POST ?[/color]
>>
>> Probably yes.
>>[/color]
>
> It's entirely dependant on the sort of data transferred between the client
> and the server. No method is a particular best practise. If a lot of the
> data transferred is intended to be persistent throughout a browsing
> session,
> you should most definitely use sessions. If each transaction deals with
> unique (ie. non-persistent) data, you probabely don't need sessions.
>[color=green][color=darkred]
>> > What are the benefits/drawbacks by switching to SESSIONS ?[/color]
>>
>> POST data can be changed by the user (even hidden fields);
>> session variables cannot.[/color]
>
> POST data is the responsibility of the client, and is only
> stored/maintained
> by the client. Session variables are never seen by the client, and their
> maintenance and storage is the responsibility of the server. There are
> performance and maintenance implications on the server-side, as storage
> and
> destruction of this data must be managed by the server.
>
> For large webservers, this may be an issue. For smaller webservers, the
> only
> real concern is the required infrastructure to support session data
> storage.
> You will have to weigh this up when deciding if sessions are appropriate.
>[color=green]
>>
>> POST data has to travel back and forth through the 'net;
>> session variables never leave the server.
>>[/color]
>
> Another consideration.
>
> Nathan
>
>[/color]