look at this inside the PHP.INI ; trans sid support is disabled by default. ; Use of trans sid may risk your users security. ; Use this option with caution. ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored ; in publically accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. session.use_trans_sid = 0 vincent -----Original Message----- From: blackwater dev [mailto:blackwaterdev@xxxxxxxxx] Sent: Thu 30/11/2006 14:42 To: php-general@xxxxxxxxxxxxx Subject: turning use session cookies off still uses cookies? I asked a similar question the other day but I have been having an issue lately with my sessions and certain browsers. I then tried to set my session.use_cookies var in php.ini to 0 yet if I log in and don't have cookies turned on, the sessions still don't seem to work. Can I really use sessions without using cookies? Below is my code and sessions settings. If I can use sessions without cookies, seems like that would solve the issue of people having cookies turned on. Thanks, //this is from the login routine if ($this->db->getField('user_id')){ session_start(); $_SESSION['user']['user_id']=$this->db->getField('user_id'); $_SESSION['user']['email']=$this->db->getField('email'); return true; } <? //only show if they are logged in if (isset($_SESSION['user']['user_id']) && !$_REQUEST['mlsid']){ //show something } ?> Session Support enabled Registered save handlers files user Registered serializer handlers php php_binary wddx DirectiveLocal ValueMaster Value session.auto_startOffOff session.bug_compat_42OffOff session.bug_compat_warnOnOn session.cache_expire 180180 session.cache_limiternocachenocache session.cookie_domain*no value**no value* session.cookie_lifetime00 session.cookie_path// session.cookie_secure OffOff session.entropy_file*no value**no value* session.entropy_length00 session.gc_divisor10001000 session.gc_maxlifetime14401440 session.gc_probability11 session.hash_bits_per_character55 session.hash_function00 session.namePHPSESSIDPHPSESSID session.referer_check *no value**no value* session.save_handlerfilesfiles session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handlerphpphp session.use_cookiesOffOff session.use_only_cookiesOffOff session.use_trans_sid00 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php