954,170 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
7 Years Ago
0

SOMETIMES, my SID gets embedded in the URL

The problem is that SOMETIMES, my SID gets embedded in the URL,
although at the begining of every page I have this code:

ini_set('session.use_only_cookies', "1");
session_set_cookie_params(60*60);
session_start();
session_register("blabla");
if (!$_SESSION["logged_in"])
session_destroy();
etc, etc;

So there are days/times when the SID isn't embedded in the URL (and in
the links of the page), and days/times when it is, regardless of what
value $_SESSION["logged_in"] has.
I tested the value returned by ini_set and it's always different from
false.
What gives ???
Stranger is the fact that phpinfo() says session.use_only_cookies is on !

Another thing: I'm losing my session when redirecting to a relative
url, although session.use_trans_sid is on in php.ini!, shouldn't
session.use_trans_sid take care of that, embedding SID's into urls
when they are relative urls ?

ubik
Newbie Poster
2 posts since Oct 2004
Reputation Points: 10
Solved Threads: 0
 
7 Years Ago
0

I tried ini_set('session.use-trans-sid', 0). Right after I made the change, the sid was gone, urls didn't contain it anymore, BUT, the next day, today, when I accessed the site from my office (another computer), the SID is there again!

And this is exactly like when I first added ini_set('session.use_only_cookies', "1") : before the addition the sid was sometimes there, after the addition it wasn't. Few days later it was there again.
Then I added ini_set('session.use-trans-sid', 0) and it was ok, today it's not.
Don't know what to believe anymore...

The strange thing is, phpinfo() says session.use_only_cookies is ON and session.use_trans_sid likewise.
So if session.use_trans_sid is on, why do I lose my session after redirecting to a relative url ? The docs say that "relative URIs will be changed to contain the session id automatically".

Also when I access the forums on my site (IPB), the sid isn't embedded.

So my question is: if session.use_only_cookies is ON, why on earth is the sid present in the url ?
PS: php is version 4.3.8.

ubik
Newbie Poster
2 posts since Oct 2004
Reputation Points: 10
Solved Threads: 0
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed