How to avoid passing session id through url

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mak
Forum Newbie
Posts: 5
Joined: Tue Feb 10, 2004 12:41 am
Contact:

How to avoid passing session id through url

Post by mak »

hi all
i am facing with the problem regarding to the session id
i used a session_start(); in my page and when the page loads first time when i clicked any of the link on the page it generates a session id in the url how to avoid to stop generating/passing this session id through url
please
bye
mak
User avatar
Michael 01
Forum Commoner
Posts: 87
Joined: Wed Feb 04, 2004 12:26 am

Post by Michael 01 »

Do you have any of the session variables in your links, or defined as such in your settings?

Code: Select all

IE. http://www.eatcheetos.com/factory.php?session=$sessionhash
mak
Forum Newbie
Posts: 5
Joined: Tue Feb 10, 2004 12:41 am
Contact:

Post by mak »

no not as such i don't have any session variable in that url
session id is automatically get attached to the url
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

Are annoying with the generated session id? The reason of why it keeps on being generated may be caused by cookie setting in your browser. Please check whether cookie is enabled. PHP session uses two ways in implementing session for the client. First, it tries to use cookie (session id it's stored within it), if it's disabled however it will pass the session id through url.

Hope helps.
Last edited by mahara on Tue Feb 10, 2004 1:24 am, edited 1 time in total.
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

Are you annoying with the generated session id? The reason of why it keeps on being generated may be caused by cookie setting in your browser. Please check whether cookie is enabled. PHP session uses two ways in implementing session for the client. First, it tries to use cookie (session id is stored within it), if it's disabled however it will pass the session id through url.

Hope helps.
Last edited by mahara on Tue Feb 10, 2004 1:53 am, edited 2 times in total.
mak
Forum Newbie
Posts: 5
Joined: Tue Feb 10, 2004 12:41 am
Contact:

Post by mak »

hi mahara thanks for suggetion where is the settings to enable the cookies?
User avatar
Michael 01
Forum Commoner
Posts: 87
Joined: Wed Feb 04, 2004 12:26 am

Post by Michael 01 »

mahara wrote:Are annoying with the generated session id? The reason of why it keeps on being generated may be caused by cookie setting in your browser. Please check whether cookie is enabled. PHP session uses two ways in implementing session for the client. First, it tries to use cookie (session id it's stored within it), if it's disabled however it will pass the session id through url.

Hope helps.
That be it. I read up on the settings, and it amazes me how much they changed the session settings/defaults as of late.
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

Generally, for whatever browser you use, you can change the settings in options page. In Internet Explorer, click Tools, Internet Options, then tabs in Privacy, click Advanced... (Advanced Privacy Settings), click the checkbox of "Override automatic cookie handling", then enabled any of parties-cookies and check "Always allow user session cookie", click OK for the rest.
In Netscape you can find the settings in preferences page, then click at privacy and cookie setting. Make sure cookies are enabled then.

Hope helps.
mak
Forum Newbie
Posts: 5
Joined: Tue Feb 10, 2004 12:41 am
Contact:

Post by mak »

hi mahara can you see the following link in your browser and keep cursor on any of the hyperlink in the browser then
let me know would you able to see the session id in the url or not please

http://www.tridentindia.net/finance/test.php

regards
mak
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

For first time, it shows the session id but for the rest I'm not about finding it again. I use Internet Exlorer 6 Service Pack 1. What about you?
mak
Forum Newbie
Posts: 5
Joined: Tue Feb 10, 2004 12:41 am
Contact:

Post by mak »

As i am using IE-5 but did your cookies are enabled or what?
If enabled then i think it is not the problem of cookies and browser it is the problem with server what do u think?
And what would be the solution for this?
Regards
mak
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

I have done the second try to your site and it works still the same for me.

I suggest you that solution because I've encountered thing like that before. Because that doesn't work for you, try opening again the privacy settings and see if there's a website section, click edit and see whether your site you mentioned before are blocked.

If it doesn't work for you, I think you should consider upgrading your browser to IE 6 SP 1 or install any browser like Netscape 7.1.

Hope helps.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

check the settings in you php.ini file.

WHat are the seetigns for the following?

session.use_cookies
session.save_path

Mark
mahara
Forum Commoner
Posts: 37
Joined: Wed Nov 13, 2002 1:08 am
Location: Bandung, Jawa Barat, Indonesia

Post by mahara »

Bech100 wrote: WHat are the seetigns for the following?

session.use_cookies
session.save_path
I don't think that's the problem because it works for me (you check up the following url). But you can try first whether those settings work or not.
mak wrote: let me know would you able to see the session id in the url or not please

http://www.tridentindia.net/finance/test.php
Post Reply