On Thu, 17 Aug 2006 14:26:17 +1000 Chris <dmagick@xxxxxxxxx> wrote: > Michael B Allen wrote: > > On Thu, 17 Aug 2006 12:06:08 +1000 > > Chris <dmagick@xxxxxxxxx> wrote: > > > >> Michael B Allen wrote: > >>> Searching through the logs and browsing my site (see sig) I sometimes see > >>> PHPSESSID is used as opposed to cookies. I know it's not simply that the > >>> client doesn't support cookies because I can see the same IP transition > >>> to and from using PHPSESSID. Can someone explain why this is happening? > >> Is session.use_trans_sid switched on? > > > > Yes. It is. After reading about it I can't quite see what benifit it > > provides. Should I just turn it off? > > It depends on your site. > > If you do something like this for a search: > <snip> > > I could send someone a url with the sessionid on the end of it, and it > won't have to do the bit in the middle, it will be able to jump right to > the end (the foreach loop). I'm not doing anything like that. Sessions are only used to prevent duplicate form invokations. But my boilerplate code calls session_start for all .php pages. I suppose I should be more selective to make things a little more efficient. But I'm still confuse. Why aren't cookies alone sufficient to satisfy the session code? Is PHPSESSID used because of some kind of transition from a PHP page that calls session_start to a page that does not? Does session.use_trans_sid simply enable the PHPSESSID in URLs or does it have a deeper semantic? The URLs for the tabs my site are not dynamically generated and yet they're being rewritten. Is that PHP or Apache doing that? Mike -- Michael B Allen PHP Active Directory SSO http://www.ioplex.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
