SitePoint Sponsor

User Tag List

Results 1 to 13 of 13
  1. #1
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Get rid of the session identifier from the URL

    Hello,

    I'm trying to log the hits a user generates on my site but sometimes I get these (just examples):

    /page.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41
    /page.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41&id=4
    /page.php?id=42&bla=ab&sesID=b775b1dd426578b97f69738e9b312e41

    I want a reliable way to strip out the session identifier with a regular expression if possible (argh! my worst enemies).

  2. #2
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm not an ereg guru, but I'll give it a shot:
    PHP Code:
    $url ereg_replace ("PHPSESSID=[0-9abcdef]*&?"""$url); 
    Don't kill me if this doesn't work, I'm not at PHP enabled workstation... (and I suck at regular expressions)...

    Cheers!
    My name is Steve, and I'm a super-villian.

  3. #3
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks!

    But this doesn't really work as I want it to work. It only removes the string. It doesn't remove the ? (only if the session identifier is the first query term) or & from the beginning.

  4. #4
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by rev909
    Thanks!

    But this doesn't really work as I want it to work. It only removes the string. It doesn't remove the ? (only if the session identifier is the first query term) or & from the beginning.
    Ok, modfy as such:

    PHP Code:
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?"""$url); 
    My name is Steve, and I'm a super-villian.

  5. #5
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Still not cool. :P

    PHP Code:
    $url "/dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41&asd=35";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?"""$url);
    echo(
    $url);
    $url "/dnb/hamham.php?asd=35&PHPSESSID=b775b1dd426578b97f69738e9b312e41&bnm=54";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?"""$url);
    echo(
    $url); 
    Will output:

    /dnb/hamham.phpasd=35
    /dnb/hamham.php?asd=35bnm=54

    I'd like to have:

    /dnb/hamham.php?asd=35
    /dnb/hamham.php?asd=35&bnm=54

  6. #6
    SitePoint Member
    Join Date
    Feb 2003
    Location
    mars
    Posts
    17
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Add following line to .htaccess file:
    php_flag session.use_trans_sid off
    that should remove session ids from URL.

  7. #7
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by leom
    Add following line to .htaccess file:
    php_flag session.use_trans_sid off
    that should remove session ids from URL.
    Barring such an excellent answer as that, you could use:

    PHP Code:
     $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?""?"$url); 
    Resulting in a ? for every removed Session ID, allowing you to preserve other query string variables.
    My name is Steve, and I'm a super-villian.

  8. #8
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for all the answers! However I'd prefer not using PHP INI flags. But Data's answer is getting REALLY close now...

    PHP Code:
    $url "/dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41&asd=35";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?""?"$url);
    echo(
    $url.'<br>'); 
    $url "/dnb/hamham.php?asd=35&PHPSESSID=b775b1dd426578b97f69738e9b312e41&bnm=54";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?""?"$url);
    echo(
    $url); 
    Outputs:

    /dnb/hamham.php?asd=35
    /dnb/hamham.php?asd=35?bnm=54

    First line is OK. Second line is not.

  9. #9
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by rev909
    Thanks for all the answers! However I'd prefer not using PHP INI flags. But Data's answer is getting REALLY close now...

    PHP Code:
    $url "/dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41&asd=35";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?""?"$url);
    echo(
    $url.'<br>'); 
    $url "/dnb/hamham.php?asd=35&PHPSESSID=b775b1dd426578b97f69738e9b312e41&bnm=54";
    $url ereg_replace ("\??&?PHPSESSID=[0-9abcdef]*&?""?"$url);
    echo(
    $url); 
    Outputs:

    /dnb/hamham.php?asd=35
    /dnb/hamham.php?asd=35?bnm=54

    First line is OK. Second line is not.
    Ok, I think I've finally got it:

    PHP Code:
    $url ereg_replace("PHPSESSID=[0-9abcdef]*&?"""$url); 
    I ran a few tests on this:

    /dnb/hamham.php -> /dnb/hamham.php

    /dnb/hamham.php? -> /dnb/hamham.php?

    /dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41 -> /dnb/hamham.php?

    /dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41&asd=35 -> /dnb/hamham.php?asd=35

    /dnb/hamham.php?asd=35&PHPSESSID=b775b1dd426578b97f69738e9b312e41&bnm=54 -> /dnb/hamham.php?asd=35&bnm=54
    My name is Steve, and I'm a super-villian.

  10. #10
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by lieut_data
    /dnb/hamham.php? -> /dnb/hamham.php?
    /dnb/hamham.php?PHPSESSID=b775b1dd426578b97f69738e9b312e41 -> /dnb/hamham.php?
    Last wish. I'd like to lose the question mark from the end. But if that's not possible I'll remove it with a second instruction. Thanks for the answers.

  11. #11
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm not sure if this is possible in one comand, just since it would require knowing if there were elements at the end, and variably removing the question mark.

    Just run the following after:
    PHP Code:
     $url ereg_replace("?$"""$url); 
    Cheers!
    My name is Steve, and I'm a super-villian.

  12. #12
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I read that ereg_replace is a lot slower than 'native' PHP functions. So I think it's better to use the following to strip the question mark from the end.
    PHP Code:
    if($url[strlen($url) - 1] == '?'$url substr($url0strlen($url) - 1); 

  13. #13
    SitePoint Enthusiast rev909's Avatar
    Join Date
    Mar 2002
    Location
    Romania
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Final version (?)

    OK. So here's my function which will hopefully process a URL and remove all traces of PHP session IDs. Pass it the $url and an array with the expected session IDs. For example $session_id_array = Array('PHPSESSID', 'myID', 'sesID');
    PHP Code:
    function url_remove_session_id($url$session_ids) {
        foreach(
    $session_ids as $session_id) {
            if(
    strstr($url$session_id)) {
                
    $url ereg_replace($session_id.'=[0-9abcdef]*&?'''$url); 
                if(
    $url[strlen($url) - 1] == '?'$url substr($url0strlen($url) - 1);
                if(
    $url[strlen($url) - 1] == '&'$url substr($url0strlen($url) - 1);
            }
        }

        return(
    $url);
    }; 


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •