Member Avatar for ubik

The problem is that SOMETIMES, my SID gets embedded in the URL,
although at the begining of every page I have this code:

ini_set('session.use_only_cookies', "1");
session_set_cookie_params(60*60);
session_start();
session_register("blabla");
if (!$_SESSION["logged_in"])
session_destroy();
etc, etc;

So there are days/times when the SID isn't embedded in the URL (and in
the links of the page), and days/times when it is, regardless of what
value $_SESSION["logged_in"] has.
I tested the value returned by ini_set and it's always different from
false.
What gives ???
Stranger is the fact that phpinfo() says session.use_only_cookies is on !

Another thing: I'm losing my session when redirecting to a relative
url, although session.use_trans_sid is on in php.ini!, shouldn't
session.use_trans_sid take care of that, embedding SID's into urls
when they are relative urls ?

  • 1 Contributor
  • 1 Reply
  • 106 Views
  • 17 Hours Discussion Span
  • Latest Post Latest Post by ubik
Member Avatar for ubik

I tried ini_set('session.use-trans-sid', 0). Right after I made the change, the sid was gone, urls didn't contain it anymore, BUT, the next day, today, when I accessed the site from my office (another computer), the SID is there again!

And this is exactly like when I first added ini_set('session.use_only_cookies', "1") : before the addition the sid was sometimes there, after the addition it wasn't. Few days later it was there again.
Then I added ini_set('session.use-trans-sid', 0) and it was ok, today it's not.
Don't know what to believe anymore...

The strange thing is, phpinfo() says session.use_only_cookies is ON and session.use_trans_sid likewise.
So if session.use_trans_sid is on, why do I lose my session after redirecting to a relative url ? The docs say that "relative URIs will be changed to contain the session id automatically".

Also when I access the forums on my site (IPB), the sid isn't embedded.

So my question is: if session.use_only_cookies is ON, why on earth is the sid present in the url ?
PS: php is version 4.3.8.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.