Hi guys,
I have a site where the users have to login. After the login page I would like to show the sessionid in the url. I have no clue how to do that? Would be great if anyone could tel me hwo to do that. Thanks so much in advance!
php session id in url
Moderator: General Moderators
Re: php session id in url
Try this:
But if you want this permanently, it's better to change it in php.ini itself.
Code: Select all
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);-
gwolff2005
- Forum Commoner
- Posts: 68
- Joined: Sun Apr 05, 2009 10:58 am
Re: php session id in url
Hi Apollo, thanks for that. By any chance, do you know how to create a crypted ssl. I dont wanna buy a ssl certificate but afterr a login page show in the url bar a secure url like
http://www.guntmarwolff.com/index.php?908143hfru()UH3??)(jfdoisAhOdfihsad09
IS there a code/command?
Thanks ver much in advance!
http://www.guntmarwolff.com/index.php?908143hfru()UH3??)(jfdoisAhOdfihsad09
IS there a code/command?
Thanks ver much in advance!
Re: php session id in url
Uhm.. Exactly what are you trying to encrypt?
-
gwolff2005
- Forum Commoner
- Posts: 68
- Joined: Sun Apr 05, 2009 10:58 am
Re: php session id in url
ok maybe not encrypt..
I have a login page. after the people login, because I don't have a ssl certificate, they see in the url bar just the normal address (http://www.guntmarwolff.com/intro.php) I would like to change this so, after they login it creates a certain amount of numbers mixed with letters, that it is or at least look safe (http://www.guntmarwolff.com/intro.phpiu ... iUuhIUi{98? In a way that it looks like a ssl url which you get when you log onto a ssl secure site...)
I have a login page. after the people login, because I don't have a ssl certificate, they see in the url bar just the normal address (http://www.guntmarwolff.com/intro.php) I would like to change this so, after they login it creates a certain amount of numbers mixed with letters, that it is or at least look safe (http://www.guntmarwolff.com/intro.phpiu ... iUuhIUi{98? In a way that it looks like a ssl url which you get when you log onto a ssl secure site...)
Re: php session id in url
To do that, instead of using intro.php as the action for the login form, you could use yoursite.com/SoMeWeIrDLoOkInGAdDrEsS and redirect that internally with .htaccess to the actual intro.php
But that does not offer any actual protection whatsoever. One way to do it properly, is simply checking in intro.php (or whatever page you want to restrict to logged in users only) whether the user has a valid login session.
But that does not offer any actual protection whatsoever. One way to do it properly, is simply checking in intro.php (or whatever page you want to restrict to logged in users only) whether the user has a valid login session.
-
gwolff2005
- Forum Commoner
- Posts: 68
- Joined: Sun Apr 05, 2009 10:58 am
Re: php session id in url
yeah i did that. it is linked to mysql databank and no on can go on there unmless he is logged in. BUT I would liek to make it visible for the users as well, by creating a ssl url...
Re: php session id in url
There's no such thing as an SSL url, other than urls starting with https:// to specify they're using the https protocol.
But you need an SSL certificate for that.
I don't get what you mean with "make it visible to the users as well", make what visible?
If you think you gain anything by obfuscating urls, notice that people can copy unreadable urls from eachother just as well as normal urls. No real protection there at all.
But you need an SSL certificate for that.
I don't get what you mean with "make it visible to the users as well", make what visible?
If you think you gain anything by obfuscating urls, notice that people can copy unreadable urls from eachother just as well as normal urls. No real protection there at all.