Solved

PHP SESSION doesn't work when Privacy sets to HIGH

Posted on 2006-06-09
4
281 Views
Last Modified: 2008-03-17
I thought session will always work even the browser doesn't accept cookies -- in that case the session ID will be passed via PHPSESSID in the URL query....

but obviously it is not the case... when I set my IE's Privacy to HIGH or BLOCK ALL COOKIES, then the session fails to work


WHY?


0
Comment
Question by:jtjli
4 Comments
 
LVL 2

Expert Comment

by:EECDML
ID: 16869824
Check your PHP.INI configuration file in the Sessions section.

See if the following is set...

session.use_cookies = 1



I haven't done much modification in this area of the INI file, but I'm sure you can get PHP running without requiring the use of cookies.
0
 
LVL 2

Expert Comment

by:battletech
ID: 16871902
Instead of using a cookie, transmit the session ID in the URL...
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 16878093
>> but obviously it is not the case... when I set my IE's Privacy to HIGH or BLOCK ALL COOKIES, then the session fails to work... WHY?

Because sessions require cookies to store the SessionID. The other method of doing this is to munge the session ID into the URL so you end up with something like this:
www.example.com/mypage.php?PHP_SID=dlkfj323kljf33j

Its seriously ugly. You'll also need to attach the session ID to all your links...
0
 
LVL 8

Accepted Solution

by:
netmunky earned 500 total points
ID: 16902115
php.ini:
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why do we like using grid based layouts in website design? Let's look at the live examples of websites and compare them to grid based WordPress themes.
Read about why website design really matters in today's demanding market.
The viewer will learn how to count occurrences of each item in an array.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now