SOMETIMES, my SID gets embedded in the URL

Expand Post »

The problem is that SOMETIMES, my SID gets embedded in the URL,
although at the begining of every page I have this code:

ini_set('session.use_only_cookies', "1");
session_set_cookie_params(60*60);
session_start();
session_register("blabla");
if (!$_SESSION["logged_in"])
session_destroy();
etc, etc;

So there are days/times when the SID isn't embedded in the URL (and in
the links of the page), and days/times when it is, regardless of what
value $_SESSION["logged_in"] has.
I tested the value returned by ini_set and it's always different from
false.
What gives ???
Stranger is the fact that phpinfo() says session.use_only_cookies is on !

Another thing: I'm losing my session when redirecting to a relative
url, although session.use_trans_sid is on in php.ini!, shouldn't
session.use_trans_sid take care of that, embedding SID's into urls
when they are relative urls ?

Similar Threads

imWl2X.exe? virus? in Windows NT / 2000 / XP
Saving postscript in OSX (Panther) in Mac OS X
CPU help in Motherboards, CPUs and RAM
Installing Forte for Java 4 on Linux in Linux Applications and Software

ubik

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

2 posts
since Oct 2004

Permalink

Oct 11th, 2004

Re: SOMETIMES, my SID gets embedded in the URL

I tried ini_set('session.use-trans-sid', 0). Right after I made the change, the sid was gone, urls didn't contain it anymore, BUT, the next day, today, when I accessed the site from my office (another computer), the SID is there again!

And this is exactly like when I first added ini_set('session.use_only_cookies', "1") : before the addition the sid was sometimes there, after the addition it wasn't. Few days later it was there again.
Then I added ini_set('session.use-trans-sid', 0) and it was ok, today it's not.
Don't know what to believe anymore...

The strange thing is, phpinfo() says session.use_only_cookies is ON and session.use_trans_sid likewise.
So if session.use_trans_sid is on, why do I lose my session after redirecting to a relative url ? The docs say that "relative URIs will be changed to contain the session id automatically".

Also when I access the forums on my site (IPB), the sid isn't embedded.

So my question is: if session.use_only_cookies is ON, why on earth is the sid present in the url ?
PS: php is version 4.3.8.

ubik

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

2 posts
since Oct 2004

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in PHP Forum Timeline: phpBB 2.2 CVS Files

Next Thread in PHP Forum Timeline: phpBB 2.1.2 Demo Board

DaniWeb Message

Cancel Changes

User Name
Password