Sessions Appear In Links Only Sometimes

**sandersans** · September 9th, 2003, 8:14 PM

I am hoping one of you knows what is going on. I can't find an explanation anywhere. Here is the deal:

Somtimes the links on my page have the session appended to them. This doesn't happen all the time. The session should only be carried through the url when the user has cookies turned off. session.use_trans_sid is set to on in surpasses php.ini which tells php to append the session id to urls when cookies are turned off.

Any ideas?

spitcircle.com

**patrickb** · September 10th, 2003, 12:22 PM

Are you trying to disable this feature or replicate it?

**sandersans** · September 10th, 2003, 1:13 PM

I am not trying to disable the feature or replicate it. Basically what is happening is effectively a bug. With session.use_trans_id on, the session should only be appended to url strings when the user has cookies turned off in their browser. The problem is that the when using a cookie enabled browser the session information is sometimes appended to the url. This should never happen since cookies are enabled in my browser.

spitcircle.com

**patrickb** · September 10th, 2003, 2:49 PM

It is quite possibly a bug. There are a few quirks with the sessions in PHP unfortunately.

Its actually more likely a bug with the browser than anything else. If for some reason the cookie is not sent by the browser, then the server will use the SID through the URL. Not sure what would cause the cookie to not be sent, but there are many factors. I think there is a limit of 6 cookies for a domain, so make sure you're not setting a bunch of other cookies as well.

If you dont mind forcing your visitors to use cookies, then insert this statement before session_start();

ini_set("session.use_only_cookies", "1");

Alternatively, turn off the session.use_trans_id

September 9th, 2003, 8:14 PM	#1 (permalink)
sandersans Surpass Fan Seasoned Poster Joined in Jun 2003 Lives in SoCal Hosted on Vega 86 posts Gave thanks: 1 Thanked 0 times	I am hoping one of you knows what is going on. I can't find an explanation anywhere. Here is the deal: Somtimes the links on my page have the session appended to them. This doesn't happen all the time. The session should only be carried through the url when the user has cookies turned off. session.use_trans_sid is set to on in surpasses php.ini which tells php to append the session id to urls when cookies are turned off. Any ideas? spitcircle.com __________________ funny, witty, thought provoking signature

September 10th, 2003, 12:22 PM	#2 (permalink)
patrickb the one who was Super #1 Joined in Jul 2003 Lives in Memphis 1,967 posts Gave thanks: 0 Thanked 3 times	Are you trying to disable this feature or replicate it? __________________ Patrick Warnings: The program(s) might crash unexpectedly or behave otherwise strangely. (But of course, so do many commercial programs on Windows.) --www.gimp.org

September 10th, 2003, 1:13 PM	#3 (permalink)
sandersans Surpass Fan Seasoned Poster Joined in Jun 2003 Lives in SoCal Hosted on Vega 86 posts Gave thanks: 1 Thanked 0 times	I am not trying to disable the feature or replicate it. Basically what is happening is effectively a bug. With session.use_trans_id on, the session should only be appended to url strings when the user has cookies turned off in their browser. The problem is that the when using a cookie enabled browser the session information is sometimes appended to the url. This should never happen since cookies are enabled in my browser. spitcircle.com __________________ funny, witty, thought provoking signature

September 10th, 2003, 2:49 PM	#4 (permalink)
patrickb the one who was Super #1 Joined in Jul 2003 Lives in Memphis 1,967 posts Gave thanks: 0 Thanked 3 times	It is quite possibly a bug. There are a few quirks with the sessions in PHP unfortunately. Its actually more likely a bug with the browser than anything else. If for some reason the cookie is not sent by the browser, then the server will use the SID through the URL. Not sure what would cause the cookie to not be sent, but there are many factors. I think there is a limit of 6 cookies for a domain, so make sure you're not setting a bunch of other cookies as well. If you dont mind forcing your visitors to use cookies, then insert this statement before session_start(); ini_set("session.use_only_cookies", "1"); Alternatively, turn off the session.use_trans_id __________________ Patrick Warnings: The program(s) might crash unexpectedly or behave otherwise strangely. (But of course, so do many commercial programs on Windows.) --www.gimp.org

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)