Mobile phone problem: Sessions not saved (no cookies?)

[eluser]Leon Stafford[/eluser]
Hi,

I need help getting my sessions saved in the db instead of cookies as I think it currently is.

I'm using FreakAuthLight for authentication and have a couple of pages which need to be logged in from some Japanese mobile phone platforms (special, crappy, limited browsers).

A quick search brought up OBsession, which hasn't been updated for a year.

Is it still the best alternative? Should it have any problems working with FAL? Am I totally wrong and there is an easier way around this???

Cheers,

Leon

[eluser]simonmaddox[/eluser]
For mobiles, the best way to store persistent session data is to store a session id in the URL. We're using modified routing to build URL's like this:

http://domain.com/lsdkw5erddfh/some/page/here/

"lsdkw5erddfh" relates to a session in the database, where we store all of the data we need to about the user.

We don't use it for authentication, so you'd have to figure out how to prevent session hijacking better than we have...

[eluser]Leon Stafford[/eluser]
[quote author="simonmaddox" date="1239803930"]For mobiles, the best way to store persistent session data is to store a session id in the URL. We're using modified routing to build URL's like this:

http://domain.com/lsdkw5erddfh/some/page/here/

"lsdkw5erddfh" relates to a session in the database, where we store all of the data we need to about the user.

We don't use it for authentication, so you'd have to figure out how to prevent session hijacking better than we have...[/quote]

Hi Simon,

Thanks for your help. I think that way seems very practical.

I ran out of time and the mobile pages aren't doing anything dangerous, so they get .htaccess protection for now

Cheers,

Leon