Session URL propagation

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Session URL propagation

Post by alex.barylski »

I can't seem to get URL propagation working in PHP on Windows XP with cookies off...

I've checked my session config settings and use_cookies_only or whatever is OFF...

And still when I refresh the page and hover over a link...that link isn't containing my session ID????

Anyone have any ideas???

Doesn't work in FF wither :)

p.s-Can't figure it out in less than an hour...I'm gonna just roll my own using the same technique as builtin sessions....booooooooooooo :(

Cheers :)
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

is trans_sid on?
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

feyd wrote:is trans_sid on?
Edit: No it isn't...can I change that runtime using ini_set()???

I dunno...I'll take a peak :)
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Dude.....

You are beautiful...you know that? :P

That was it...

Jesus...I hate that...I spent about 4 hours trying to get that B$ to work...

Thank you kindly :)

Just to recap...what settings should I set to ensure that COOKIES are tried first, but URL propagation should be tried secondly???

Cheers ;)
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Also...

I don't suppose anyone can tell me if using URL propagation for sessions if it's possible to also session_regenerate_id() to prevent fixation attacks is possible???

I can't seem to get that to work now :(

Cheers :)
Post Reply