PHPSESSID
Moderator: General Moderators
PHPSESSID
hi, for some reason my links sometimes have something like
&PHPSESSID=722ea5c328f0384286073b7bc949d7ab
in them, could anyone please help with why and how to prevent it from showing?
thanks, any help appriciated.
&PHPSESSID=722ea5c328f0384286073b7bc949d7ab
in them, could anyone please help with why and how to prevent it from showing?
thanks, any help appriciated.
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
You need to read up on PHP session 
In PHP, each session is referenced by an id. This id can be propagated from page to page either by appending it to the uri (as you have seen) or by storing it to a cookie (preferred).
There are a few PHP setting to can use to force cookie use: for example
Read the manual for more info...
In PHP, each session is referenced by an id. This id can be propagated from page to page either by appending it to the uri (as you have seen) or by storing it to a cookie (preferred).
There are a few PHP setting to can use to force cookie use: for example
Code: Select all
ini_set('session.use_trans_sid','0');
ini_set('session.use_only_cookies', '1');- shiznatix
- DevNet Master
- Posts: 2745
- Joined: Tue Dec 28, 2004 5:57 pm
- Location: Tallinn, Estonia
- Contact:
perdy much. there is always the posibility for someone to hijack a session, example being i somehow figure out someone elses session id when they are logged and then change the numbers and stuff and that would allow them to be the other person. but this is not that easy to do and if your not some major website with a trillian visitors then you should not have any problems
Hello,
Are you using full path links or are you just calling them by page title?
If you are using this technique:
Try using the full path:
See if that helps,
Gypsy
Are you using full path links or are you just calling them by page title?
If you are using this technique:
Code: Select all
print "<a href=\"page.php\">Click Here</a>";Code: Select all
print "<a href=\"http://www.domainname.com/page.php\">Click Here</a>";Gypsy
ive tried using these:
but they didnt appear to get rid of the sessid from the url.
what gypsy suggested works but i was just wondering if there was a way of making it work without using the full path url.
thanks in advance.
Code: Select all
ini_set('session.use_trans_sid','0');
ini_set('session.use_cookies','1');
ini_set('session.use_only_cookies', '1');what gypsy suggested works but i was just wondering if there was a way of making it work without using the full path url.
thanks in advance.
using
seems to have fixed it.
Code: Select all
ini_set('url_rewriter.tags', '');