Richard Lynch wrote:
Sandy Keathley wrote:
Using PHP 4.3.9, we have these settings:
session.use_cookies = 1
session.use_only_cookies = 1
session.use_trans_sid = 0
(verified by a display of phpinfo() )
with the goal of preventing URLs with session IDs appended. That
works fine, but when a page is validated by W3C, it throws an error,
and indicates that a link on the page (which contains a query string),
also contains the session ID. If I click the link, it doesn't show the
session ID, but W3C can see it.
W3C can't see anything you can't see with "View Source" in your browser.
So is the session ID there or not?...
W3C claims it is: You claim it isn't.
One of you has to be wrong. :-)
Your PHP code could easily be creating a URL with the session ID in it.
Or W3C could be incorrectly interpreting your HTML.
if you're using a decent browser, try turning OFF cookies and reloading
the same page. Then make sure that the link REALLY doesn't contain the sid
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
