q: what exactly must be done on the server php side so that the session id's will propagate ONLY via cookies and NEVER via urls (server side cookies)?
iam reading this
http://si2.php.net/manual/en/ref.session.php
but my php knowhow is way to low to actually comprehend that.
(i do remember that HA was running via url sessions long time ago, what exactly was done to kill that behaviour? was that simply the board upgrade or what?)
----
php info:
PHP Version 4.3.11
session part:
session
Session Support enabled
Registered save handlers files user
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 Off Off
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /var/php_sessions /var/php_sessions
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid On On
Full Version: php and sessions
Maybe change session.use_only_cookies to on in php.ini?
Sebastian_Mares, allready tested that.., what is
session.cookie_path(); for?
(defaults to '/')
session.cookie_path(); for?
(defaults to '/')
I don't use PHP, but it looks to me after some brief reading that session.use_trans_sid should be off. Worth a try anyway.
http://uk2.php.net/manual/en/ref.session.p...ssion.idpassing
http://uk2.php.net/manual/en/ref.session.p...ssion.idpassing
Synthetic Soul, yes i tested that as well, wont work, seems that cookies just wont work for some unknown reason... (will write to host 
)
tnx for all the answers.
---
i do wonder about this thought:
Cookies are optimal, but because they are not always available, we also provide an alternative way
i mean, in what case cookies wont be available?
---
edit: fixed, host did a custom php.ini for my account..., not sure how/what/where was changed thought.
)tnx for all the answers.
---
i do wonder about this thought:
Cookies are optimal, but because they are not always available, we also provide an alternative way
i mean, in what case cookies wont be available?
---
edit: fixed, host did a custom php.ini for my account..., not sure how/what/where was changed thought.
QUOTE(smok3 @ Nov 30 2005, 01:37 PM)
i mean, in what case cookies wont be available?
When the user selected that he doesn't want to accept cookies for example.
sure, but thats like the only time right?
(iam still getting weird behaviour - in some cases cookies wont work, the same script will work perfectly when installed on my home server..., oh well, it is way better than my old silly portal.)
(iam still getting weird behaviour - in some cases cookies wont work, the same script will work perfectly when installed on my home server..., oh well, it is way better than my old silly portal.)
Did you ask for server restart after setting session.use_only_cookies 1 ?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.