PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I run the above and everytime i see "timothy" but run this over explorer 6 it shows the session as unset and a warning is presented saying "cookies blocked" what worries me is i haven't change the standard settings meaning no explorer 6 users can use my website seems a big gap of possible users
i look at any resource and they all do it this way so i am hoping i just chose a bad explorer 6 machine to test this on
well looking at it ... in the actual used script it is in capitals ... i hand written that example to show the sorta task i expected from the sessions variable which seemed simple of uses
this is my findings when running tests trying to debug the problem
Opera (linux) - works
Mozilla (linux) - works
konquerer (linux) - works
netscape -newer then my version of mozilla- (windows) - works
IE5 (windows) - works
IE6 (windows) FAILS although works on other sites
i mean the jist of the problem is that other browsers have absolutely no problem but when it comes to IE6 for some reason it has decided to block my cookies only mine as the browser has no problem with other peoples :S which is the confusing bit... what is it about my sessions that has triggered this response ... i cant seem to pass anything without triggering this type of response from IE6 my assumption was that the way i was using sessions was the problem but nobody as of yet has told me they do anything differently
the exact error in my words is "internet explorer has blocked the following cookies as the content could contain personal information and the user was not asked first"
If you have access to php.ini set session.use_trans_sid=1 (default is 0, i.e. off). That way you don't exclusively rely on cookies, the session-id will be part of the URL (i.e. $_GET).
This has the following implications:
- security: the session-id is transparent and you will need some kind of session management to handle that, i.e. log session ids in the DB and check every session id that against that table. If it doesn't exist, ask the user to sign in (if the respective page requires that level of security).
- navigation: people will be able to bookmark a page with their session-id - which you will need to validate if necessary (see point above)
Alternatively, do a cookie-test. If it fails ask the visitor to enable cookies, include a privacy statement ("No third party involved...private date....only used until you close down the browser...etc.).
Obviously, the second option is the easier, and cleaner, one.