Sigh, phpsessid appearing in urls and breaking pages

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
freefall
Forum Commoner
Posts: 48
Joined: Sun Jun 18, 2006 3:55 am

Sigh, phpsessid appearing in urls and breaking pages

Post by freefall »

I'm building a cms and I've noticed 2 things.

a) phpsessid keeps appearing in urls
b) quite often links to new pages bring up blank pages until I hit ctrl-f5 (no its not my browser settings).

I am totally at a loss to whats going on. I have tried everything I can to remove the phpsessid from appearing but to no avail.

I am utterly bemused. Any help would be greatly appreciated.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

try setting session.use_trans_sid=off in your php.ini
freefall
Forum Commoner
Posts: 48
Joined: Sun Jun 18, 2006 3:55 am

Post by freefall »

cant do that

I actually fixed it by setting it in the .htaccess file.

Crazy.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

What did you do to fix this using .htaccess? From what I understand about PHP sessions, they first try to store a cookie and then write serialized session data to the host. If that doesn't work, PHP appends the URL with the session id as a way of grabbing information from GET instead of COOKIE. Blank pages suggest syntax errors in the code and display errors set to off. Maybe a headers already sent notice or something like that is triggering your blank pages.
freefall
Forum Commoner
Posts: 48
Joined: Sun Jun 18, 2006 3:55 am

Post by freefall »

I added this to the .htaccess file

Code: Select all

<IfModule mod_php4.c>
php_value session.use_only_cookies 1
php_value session.use_trans_sid 0 
</IfModule>
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

phpsessid is stored in the URL when a user agent doesn't support cookies...you have no control over that

I can't see how having that ID propagated across your web site through your URL would cause any problems...except that maybe your experiencing a caching issue because of previously clean URL's then dirtied with PHPSESSID...

I need more details ;)
User avatar
aaronhall
DevNet Resident
Posts: 1040
Joined: Tue Aug 13, 2002 5:10 pm
Location: Back in Phoenix, missing the microbrews
Contact:

Post by aaronhall »

Hockey wrote:phpsessid is stored in the URL when a user agent doesn't support cookies...you have no control over that
The server doesn't know whether or not the client supports cookies (because it isn't told). It can only print the "add cookie" header to the output buffer and hope that the client understands what it means. PHP doesn't not decide whether or not to use a transparent SID -- the setting is in php.ini under session.use_trans_sid.

Anyway, use_trans_sid has security issues -- try not to use it.
freefall
Forum Commoner
Posts: 48
Joined: Sun Jun 18, 2006 3:55 am

Post by freefall »

yeah, anothr good reason to do what I've done
Post Reply