Hi,
When does PHP try to put Session ID onto the links? Cos my website is doing that at the moment, and I don't know why?
PHP inserting Session ID
Moderator: General Moderators
- hob_goblin
- Forum Regular
- Posts: 978
- Joined: Sun Apr 28, 2002 9:53 pm
- Contact:
It's a setting in your php.ini -- if you're worrying about validation, try putting the full url in, it seems to work:
a href="something.php" // will probably get tagged
a href="http://www.something.com/something.php" // probably won't.
or you could mess around with the session settings in php.ini
a href="something.php" // will probably get tagged
a href="http://www.something.com/something.php" // probably won't.
or you could mess around with the session settings in php.ini
MMmmmm, it odd, I made my own session handling script (using mysql db) and since then it looks like it adding the id... Any idea here's the code I'm using for the session mangement.
I include the this script on every page I'm using sessions.
Code: Select all
<?php
session_module_name("user");
include("library/config.php"); //Include MySQL details
function session_db() {
return("ticktaku");
}
function session_table() {
return("session");
}
function session_open($path,$name) {
mysql_pconnect("localhost","ticktaku","w185943e");
return(true);
}
function session_close() {
return(true);
}
function session_read($id) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
$sql = "SELECT * FROM ".session_table()." WHERE id = '$id'";
$result = @mysql_query($sql);
if(!$result) {
return false;
}
$num = mysql_num_rows($result);
if($num != 0) {
$row = mysql_fetch_array($result);
return($rowї'data']);
} else {
return("");
}
}
function session_write($id,$data) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
unset($connect);
$sql = "UPDATE ".session_table()." SET data = '".addslashes($data)."'";
if(isset($_SERVERї'PHP_AUTH_USER'])) {
$sql .= ", user = '".addslashes($_SERVERї'HTTP_AUTH_USER'])."'";
}
$sql .= "WHERE id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return false;
}
$affected = mysql_affected_rows($result);
if(mysql_affected_rows() != 0) {
return(true);
}
$sql = "INSERT ".session_table()." SET data = '".addslashes($data)."', id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return false;
} else {
return(true);
}
}
function session_remove($id) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
unset($connect);
$sql = "DELETE ".session_table()." WHERE id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return(false);
} else {
return(true);
}
}
function session_gc($life) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
$sql = "DELETE ".session_table()." WHERE time < '".date("YmdHis",time() - $life)."'";
$result = mysql_query($sql);
if(!$result) {
return(false);
} else {
return(true);
}
}
session_set_save_handler("session_open", "session_close", "session_read", "session_write", "session_remove", "session_gc");
?>