Using sessions when all cookies are blocked by browser?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
flycast
Forum Commoner
Posts: 37
Joined: Wed Jun 01, 2005 7:33 pm

Using sessions when all cookies are blocked by browser?

Post by flycast »

I am checking to see if a customer is from a certain state. If they hit the index page the I have a script that checks for either a cookie or a session variable called state. If there is not one then they are redirected to a page called entry.php. At entry.php they select a state in a form and the form submits to the same page (entry.php). Entry.php checks to see if there is a state set using $_REQUEST['State'] and if there is sets a cookie and goes to the original page requested.

It works when I have cookies enabled but does not it I deny all cookies or deny the session cookie. My functions.php has "session_start()" at the top but that seems to reset the session id every time any page that calls it is executed.

How do I use sessions when all cookies are blocked?
flycast
Forum Commoner
Posts: 37
Joined: Wed Jun 01, 2005 7:33 pm

Post by flycast »

Oops!
My session settings are:

session.auto_start Off
session.use_cookies On
session.use_only_cookies Off
session.use_trans_sid Off
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Sessions should default to using URI passed session ids when cookies are not available. What are you session settings in php.ini?
flycast
Forum Commoner
Posts: 37
Joined: Wed Jun 01, 2005 7:33 pm

Post by flycast »

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /home/2106/data/tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

In a nutshell, if cookies are disabled, your going to have to pass the Session ID in the URL for every page request.
flycast
Forum Commoner
Posts: 37
Joined: Wed Jun 01, 2005 7:33 pm

Post by flycast »

Is that because even with transparent session id's enabled that the browser still has to set a cookie to keep track of the session?
Post Reply