Re: SOMETIMES, my SID gets embedded in the URL ???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I tried ini_set('session.use_only_cookies', "1").
I also tried ini_set('session.use-trans-sid', 0). Right after I made the
change, the sid was gone, urls didn't contain it anymore, BUT, the next
day, today, when I accessed the site from my office (another computer),
the SID is there again!

And this is exactly like when I first added
ini_set('session.use_only_cookies', "1") : before the addition the sid was
sometimes there, after the addition it wasn't. Few days later it was there
again.
Then I added ini_set('session.use-trans-sid', 0) and it was ok, today it's
not.
Don't know what to believe anymore...

The strange thing is, phpinfo() says session.use_only_cookies is ON and
session.use_trans_sid likewise.
So if session.use_trans_sid is on, why do I lose my session after
redirecting to a relative url ? The docs say that "relative URIs will be
changed to contain the session id automatically".

Also when I access the forums on my site (IPB), the sid isn't embedded. 

So my question is: if session.use_only_cookies is ON, why on earth is the
sid present in the url ?
PS: php is version 4.3.8.


Marek Kilimajer wrote:

> PHPDiscuss - PHP Newsgroups and mailing lists wrote:
> > he problem is that SOMETIMES, my SID gets embedded in the URL, although at
> > the begining of every page I have this code:
> > 
> > ini_set(session.use_only_cookies, "1");

> The above sets sessionuse_only_cookies to 1. I did not miss a dot, 
> session and use_only_cookies are interpreted as constants. You need quotes:

> ini_set('session.use_only_cookies', "1");

> > session_set_cookie_params(60*60); 
> > session_start();
> > session_register("blabla");
> > if (!$_SESSION["logged_in"])
> > session_destroy();
> > etc, etc; 
> > 
> > So there are days/times when the SID isn't embedded in the URL (and in the
> > links of the page), and days/times when it is, regardless of what value
> > $_SESSION["logged_in"] has.
> > I tested the value returned by ini_set and it's always different from
> > false.
> > What gives ???
> >

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux