another question about session.

joyce posted this at 05:08 — 22nd August 2002.

Joined: Nov 2001

hi, i'm using the $SID to pass around the session..
eg. http://www.abc.com?$SID

i understand tat i have to enabled session.use_trans_sid in order to use $SID.

everything works fine, until i upload my files into the server. values for $SID gone. i check the phpinfo and the session.use_trans_sid = 1, means it's enabled. wat is wrong?? is there anything to do with session.auto.start because it is set to 0 in the server.

pls help...

Mark Hensler posted this at 06:11 — 22nd August 2002.

He has: 4,048 posts

Joined: Aug 2000

from the manual: http://www.php.net/manual/en/ref.session.php

Quote: session.use_trans_sid whether transparent sid support is enabled or not. Defaults to 0 (disabled).

Quote:
There are two methods to propagate a session id:

o Cookies
o URL parameter

The session module supports both methods. Cookies are optimal, but since they are not reliable (clients are not bound to accept them), we cannot rely on them. The second method embeds the session id directly into URLs.

PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically. Alternatively, you can use the constant SID which is defined, if the client did not send the appropriate cookie. SID is either of the form session_name=session_id or is an empty string.

Quote: Note: Non-relative URLs are assumed to point to external sites and hence don't append the SID, as it would be a security risk to leak the SID to a different server.

If set to TRUE, PHP will automatically pass $SID transparently (via cookie) if possible, and [if successfull] $SID will be an empty string.

Mark Hensler
If there is no answer on Google, then there is no question.