Page 1 of 1

PHP5 sessions show set-cookie in headers

Posted: Sun Nov 04, 2007 11:11 am
by ripmg
I'm using PHP5 and use sessions in my web. I have recently seen that there is a header "Set-Cookie" when using web-sniffer.net . When I disable cookies in Firefox, the sessions no longer work. I thought that if I used sessions, my site would be usable even if cookies were disabled in the client's browser. Am I mistaken ?

Posted: Sun Nov 04, 2007 11:40 am
by John Cartwright
In your php.ini,

Code: Select all

session.use_cookies = 1 
session.use_trans_sid = 1
Basically this will check if the user can accept cookies, if not it will append the sid into the url.

Posted: Sun Nov 04, 2007 12:04 pm
by ripmg
It doesn't seem to work.

Here is my current php.ini :
expose_php = off
short_open_tag = off
session.name = ASPSESSIONID
mailparse.def_charset = UTF-8
sendmail_from = xxx@xxx.xxx
register_globals = off
session.hash_function = 1
asp_tags = off
allow_url_fopen = 0
session.use_cookies = 1
session.use_trans_sid = 1
I'm also using PHP5 with CGI and Zend Engine.

My searched my markup and show nothing with the work "cookie" in it.

Posted: Sun Nov 04, 2007 12:10 pm
by John Cartwright
Did you restart apache after editing your php.ini?

Posted: Sun Nov 04, 2007 12:37 pm
by ripmg
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I have shared hosting so I cannot restart the engine but the changes you suggested are modified when checking with phpinfo();

My web still shows the "Set-Cookie" header and the site does not work if cookies are disabled in the browser.

This is my .htaccess file:

[syntax="apache"]AddType application/x-httpd-php5 .html .css .abc .xml .txt
AddHandler application/x-httpd-php5 .html .css .abc .xml .txt

ErrorDocument 403 /404.html
ErrorDocument 404 /404.html

<Files ~ "^[^\.]+$">
ForceType application/x-httpd-php5
SetHandler application/x-httpd-php5
</Files>

<Files ~ "\.(dat|htalock|inc|php|htaccess|ini|htpasswd)$">
order allow,deny
deny from all
</Files>

<LimitExcept POST GET>
Require valid-user
</LimitExcept>

feyd | Please use[/syntax]

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]