[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

PHP SESSION doesn't work when Privacy sets to HIGH

Posted on 2006-06-09
4
Medium Priority
?
287 Views
Last Modified: 2008-03-17
I thought session will always work even the browser doesn't accept cookies -- in that case the session ID will be passed via PHPSESSID in the URL query....

but obviously it is not the case... when I set my IE's Privacy to HIGH or BLOCK ALL COOKIES, then the session fails to work


WHY?


0
Comment
Question by:jtjli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 2

Expert Comment

by:EECDML
ID: 16869824
Check your PHP.INI configuration file in the Sessions section.

See if the following is set...

session.use_cookies = 1



I haven't done much modification in this area of the INI file, but I'm sure you can get PHP running without requiring the use of cookies.
0
 
LVL 2

Expert Comment

by:battletech
ID: 16871902
Instead of using a cookie, transmit the session ID in the URL...
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 16878093
>> but obviously it is not the case... when I set my IE's Privacy to HIGH or BLOCK ALL COOKIES, then the session fails to work... WHY?

Because sessions require cookies to store the SessionID. The other method of doing this is to munge the session ID into the URL so you end up with something like this:
www.example.com/mypage.php?PHP_SID=dlkfj323kljf33j

Its seriously ugly. You'll also need to attach the session ID to all your links...
0
 
LVL 8

Accepted Solution

by:
netmunky earned 1000 total points
ID: 16902115
php.ini:
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question