Using PHP 4.3.9, we have these settings: session.use_cookies = 1 session.use_only_cookies = 1 session.use_trans_sid = 0 (verified by a display of phpinfo() ) with the goal of preventing URLs with session IDs appended. That works fine, but when a page is validated by W3C, it throws an error, and indicates that a link on the page (which contains a query string), also contains the session ID. If I click the link, it doesn't show the session ID, but W3C can see it. Any ideas appreciated. Sandy Keathley -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
