In my PHP application, I used UserName & Pwd and check the user table in the database to check the validity of users. After the login is successful, I stored the credentials in the Server Session as below:
$_SESSION['username'] = $username;
$_SESSION['pwd'] = $pwd;
And I checked the session to ensure that the user has already logged in. You can see the code below:
if (empty($_SESSION['userId']))
header("Location: login.php");
The problem is if I disabled the cookie in the browser, I could not go into another page even though the log in is successful. I found out that, the PHP session uses the cookie to store some values in the browser. Is there anyway to use cookieless session in PHP5?