To view the terms under which this email is distributed, please go to http://disclaimer.leedsmet.ac.uk/email.htm On 15 November 2004 06:13, nate@xxxxxxxxxxxxxxxx wrote: > Looks like you're making it way more complicated than it > needs to be. PHP > will automatically tack on the Session ID tag to your local > url's, but only > if it needs to. There is no need to append the SID to url's manually. Not to most URLs, no, but if the SID is being passed in the URL you *must* append it to any header("Location: ...") URL. Fortunately, this, too, is easy, and the OP was making it way more complicated than it needs to be! ;) The constant SID only contains the session name and id *when it needs to* -- otherwise it's defined as the empty string. So you can unconditionally append it to URLs and get the right result: header('Location: simple2.php?'.SID); The only tidying-up you might want to do, if you're really obsessional about neatness, is suppress the '?' if SID is empty, so: header('Location: simple2.php'.SID?('?'.SID):''); I can't see any benefit in applying strip_tags() to SID, unless you're terminally paranoid -- as it's generated internally by PHP, there shouldn't be any way it can contain anything that strip_tags() would defend against. Cheers! Mike --------------------------------------------------------------------- Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Headingley Campus, LEEDS, LS6 3QS, United Kingdom Email: m.ford@xxxxxxxxxxxxxx Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
