Page 1 of 1
PHP inserting Session ID
Posted: Sun Oct 20, 2002 2:18 pm
by Takuma
Hi,
When does PHP try to put Session ID onto the links? Cos my website is doing that at the moment, and I don't know why?
Posted: Sun Oct 20, 2002 2:20 pm
by hob_goblin
It's a setting in your php.ini -- if you're worrying about validation, try putting the full url in, it seems to work:
a href="something.php" // will probably get tagged
a href="
http://www.something.com/something.php" // probably won't.
or you could mess around with the session settings in php.ini
Posted: Sun Oct 20, 2002 2:25 pm
by Takuma
MMmmmm, it odd, I made my own session handling script (using mysql db) and since then it looks like it adding the id... Any idea here's the code I'm using for the session mangement.
Code: Select all
<?php
session_module_name("user");
include("library/config.php"); //Include MySQL details
function session_db() {
return("ticktaku");
}
function session_table() {
return("session");
}
function session_open($path,$name) {
mysql_pconnect("localhost","ticktaku","w185943e");
return(true);
}
function session_close() {
return(true);
}
function session_read($id) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
$sql = "SELECT * FROM ".session_table()." WHERE id = '$id'";
$result = @mysql_query($sql);
if(!$result) {
return false;
}
$num = mysql_num_rows($result);
if($num != 0) {
$row = mysql_fetch_array($result);
return($rowї'data']);
} else {
return("");
}
}
function session_write($id,$data) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
unset($connect);
$sql = "UPDATE ".session_table()." SET data = '".addslashes($data)."'";
if(isset($_SERVERї'PHP_AUTH_USER'])) {
$sql .= ", user = '".addslashes($_SERVERї'HTTP_AUTH_USER'])."'";
}
$sql .= "WHERE id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return false;
}
$affected = mysql_affected_rows($result);
if(mysql_affected_rows() != 0) {
return(true);
}
$sql = "INSERT ".session_table()." SET data = '".addslashes($data)."', id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return false;
} else {
return(true);
}
}
function session_remove($id) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
unset($connect);
$sql = "DELETE ".session_table()." WHERE id = '$id'";
$result = mysql_query($sql);
if(!$result) {
return(false);
} else {
return(true);
}
}
function session_gc($life) {
$connect = @mysql_select_db(session_db());
if(!$connect) {
return(false);
}
$sql = "DELETE ".session_table()." WHERE time < '".date("YmdHis",time() - $life)."'";
$result = mysql_query($sql);
if(!$result) {
return(false);
} else {
return(true);
}
}
session_set_save_handler("session_open", "session_close", "session_read", "session_write", "session_remove", "session_gc");
?>
I include the this script on every page I'm using sessions.