Page 1 of 1

Should I use session.use_trans_sid? Please post quick vote.

Posted: Thu May 08, 2008 8:25 pm
by johnsmith153
Should I use session.use_trans_sid?

Please vote. Any comments would be great also.

session.use_trans_sid sends the sessionid in the url if cookies are not enabled on the browser.

If session.use_trans_sid is set to off, as far as I am aware people who have disabled cookies will not be able to log in on my site. Log in is very important to my site and 98% of users will be loggin in.

Re: Should I use session.use_trans_sid? Please post quick vote.

Posted: Fri May 09, 2008 5:28 pm
by flying_circus
If sessions and security are important, why not run a check to see if the user has cookies enabled? If cookies are not enabled, redirect to an error page with an explanation of why it is vital that your site uses cookies to protect the users identity? Once the user has enabled cookies they should be able to proceed to the secure parts of your site.

I am actually curious about what other people have to say, but I believe for the most part that the greater majority of people have cookies enabled and it shouldnt be much of a problem.

I'm voting 1.