Does removing PHPSESSID cancel out sessions?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Mr Tech
Forum Contributor
Posts: 424
Joined: Tue Aug 10, 2004 3:08 am

Does removing PHPSESSID cancel out sessions?

Post by Mr Tech »

I've been doing some searching about PHPSESSID's and search engines and it apparently isn't good for rankings. There are some methods to get rid of it such as putting the following code in your PHP file:

php_flag session.use_trans_sid off

But does that cancel out all the sessions or just PHPSESSID?

Is there a better way to get rid of PHPSESSID's with some PHP code? Or is the best thing to do is only add session_start() to pages that really need it?
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Re: Does removing PHPSESSID cancel out sessions?

Post by pickle »

I'm fairly confident setting a PHP session ID cookie has no effect on SEO. I can't imagine why any search engine would even take that into consideration.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
Mr Tech
Forum Contributor
Posts: 424
Joined: Tue Aug 10, 2004 3:08 am

Re: Does removing PHPSESSID cancel out sessions?

Post by Mr Tech »

I think the problem is the search engines will sometimes index the URL like this:

http://www.domain.com/index.php?page=ab ... 4566677888

Because the PHPSESSID is different everytime, it stuffs the search engines around and causes duplicate content issues etc etc.

That's why I want to get rid of PHPSESSID. better safe than sorry. Is there a good way to do it?

Wordpress for example. Wouldn't it use sessions to login to its admin? It seems to get rid of it's PHPSESSID's...
User avatar
php_east
Forum Contributor
Posts: 453
Joined: Sun Feb 22, 2009 1:31 pm
Location: Far Far East.

Re: Does removing PHPSESSID cancel out sessions?

Post by php_east »

Mr Tech wrote: I've been doing some searching about PHPSESSID's and search engines and it apparently isn't good for rankings. There are some methods to get rid of it such as putting the following code in your PHP file:

php_flag session.use_trans_sid off

But does that cancel out all the sessions or just PHPSESSID?

Is there a better way to get rid of PHPSESSID's with some PHP code? Or is the best thing to do is only add session_start() to pages that really need it?
from the PHP manual,


Passing the Session ID
There are two methods to propagate a session id:

Cookies
URL parameter

The session module supports both methods. Cookies are optimal, but because they are not always available, we also provide an alternative way. The second method embeds the session id directly into URLs.

PHP is capable of transforming links transparently. Unless you are using PHP 4.2 or later, you need to enable it manually when building PHP. Under Unix, pass --enable-trans-sid to configure. If this build option and the run-time option session.use_trans_sid are enabled, relative URIs will be changed to contain the session id automatically.

Note: The arg_separator.output php.ini directive allows to customize the argument seperator. For full XHTML conformance, specify & there.

Alternatively, you can use the constant SID which is defined if the session started. If the client did not send an appropriate session cookie, it has the form session_name=session_id. Otherwise, it expands to an empty string. Thus, you can embed it unconditionally into URLs.


thus, if a cookie was sent, SID is blank. very useful.

so, no it does not cancel out the session, but the particluar application would be messed up if they rely on this get mechanism to obtain session id. if not, you're fine, as the cookies will do the magic.

and session start should be start of session of the user on your site, regardless of the page
IMHO .
User avatar
Mr Tech
Forum Contributor
Posts: 424
Joined: Tue Aug 10, 2004 3:08 am

Re: Does removing PHPSESSID cancel out sessions?

Post by Mr Tech »

Do you think worrying about people having cookies disabled is not worth my while? Will cookies do the trick?
User avatar
php_east
Forum Contributor
Posts: 453
Joined: Sun Feb 22, 2009 1:31 pm
Location: Far Far East.

Re: Does removing PHPSESSID cancel out sessions?

Post by php_east »

nope, no worries, php takes care of that as per the above extract of php manual.
Post Reply