SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Zealot Tikila's Avatar
    Join Date
    Jun 2007
    Location
    Toronto
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Manually appending session-id,do I need to do that?

    Hi
    I tend to manually append the sid in my form actions and redirects in case a user has cookies disabled,do I need to do that manually or php automatically append it if it detects a user is disabling cookies?
    I only want it appended for those users who disables cookies,Not all the time for all users.
    But for php to automatically do that,does it need to have :
    session.use_trans_sid
    turned on?
    I have it turned off by default and I cannot change it,nor Can I change the values for :

    session.use_cookies On
    session.use_only_cookies Off

    I searched everywhere for a solution to hide the sid in urls but to no avail as I cannot change the above php.ini settings.So I thought perhaps,I just let php do it for me.That way,at least,I assume,it will only append it for users disabling cookies,instead of me hard coding it for all users.

    Should be most grateful if someone can clarify this to me.

  2. #2
    SitePoint Wizard silver trophy kyberfabrikken's Avatar
    Join Date
    Jun 2004
    Location
    Copenhagen, Denmark
    Posts
    6,157
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That's what trans_sid is for, yes.

    Are you sure, that you can't change those settings? If you're on a shared host, you might be able to set the flags, using a htaccess file.

  3. #3
    SitePoint Wizard stereofrog's Avatar
    Join Date
    Apr 2004
    Location
    germany
    Posts
    4,324
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    IIRC all session settings can be changed with ini_set, if called prior to session_start.

    As a general note, I'd suggest avoiding "trans_sid", because it's useless for human users (99% of which have session cookies enabled) but harmful for the robots (you don't want google to index all your pages with that PHPSESSID= thing).

  4. #4
    SitePoint Zealot
    Join Date
    Jul 2006
    Location
    Dundee, Scotland
    Posts
    179
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by stereofrog View Post
    IIRC all session settings can be changed with ini_set, if called prior to session_start.
    That is correct as long as it is before session_start you can indeed use ini_set.

  5. #5
    SitePoint Zealot Tikila's Avatar
    Join Date
    Jun 2007
    Location
    Toronto
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you all for shedding light on this for me.
    I was finally able to override those above setting thru flagging them in .htaccess.
    Am still confused though as to the benefit of appending SID in urls versus its SE disadvantages.


    Yesterday I disabled cookies in ie7,removed the SID and found I could not access that part of my site with sessions nor any other site's logins.Php didnt default to append it for me automaticcally though with sid_trans enabled.

    The page only displayed:

    "Internet Explorer cannot display the webpage"

    Is there anyway instead of this error,I can detect cookies being disabled and display a message to the user regarding enabling cookies?

    I only intend to append it on 6 pages that are member-only areas where there is nothing in their content that is google-feeding(they are just upload forms)

  6. #6
    SitePoint Wizard silver trophy kyberfabrikken's Avatar
    Join Date
    Jun 2004
    Location
    Copenhagen, Denmark
    Posts
    6,157
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by stereofrog View Post
    As a general note, I'd suggest avoiding "trans_sid", because it's useless for human users (99% of which have session cookies enabled) but harmful for the robots (you don't want google to index all your pages with that PHPSESSID= thing).
    Interesting. I never really thought about that, but you're right of course. Good to keep in mind.

  7. #7
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Assuming you aren't allowing the SID to be passed via URL...

    It's as simple as setting a session variable. Next time you want to know if they accepted the cookie, check the session variable. It it isn't set, they didn't accept the cookie.
    my mobile portal
    ghiris.ro

  8. #8
    SitePoint Zealot Tikila's Avatar
    Join Date
    Jun 2007
    Location
    Toronto
    Posts
    173
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok,thank you very much to all of you who cared to share me your opinions
    am good to go now.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •