Solved

PHP - pass session_id when cookies are disabled?

Posted on 2014-02-13
3
610 Views
Last Modified: 2014-02-20
Hi,
how do I keep session_id when cookies are disabled?

At the moment the code below generates a new value for $cookie on page refresh when cookies are disabled?

Thanks in advance for your feedback.

<?php  session_start();

	function GetCartId()
		{
		// This function will generate an encrypted string and
		// will set it as a cookie using set_cookie. This will
		// also be used as the cookieId field in the cart table
		
		if(isset($_COOKIE["cartId"]))
		{
			return $_COOKIE["cartId"];
		}
		else
		{
			// There is no cookie set. We will set the cookie
			// and return the value of the users session ID
		
			setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
			return session_id();
		}
	}

		$cookie = GetCartId();
		
		echo $cookie; 
		
?>

Open in new window

0
Comment
Question by:sabecs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 43

Expert Comment

by:Chris Stanyon
ID: 39857939
You can do it but it's not ideal. Basically, you will have to pass the session id as a querystring parameter in the URL. PHP will do this automatically if you enable session.use_trans_sid (I think PHP needs to be compiled to allow this so you might have to speak to your host)

<?php
ini_set("session.use_trans_sid",1); # Forgot this one!
session_start();
?>

Open in new window

You might be better off just letting the user know that your site requires cookies - I haven't heard of anyone turning off cookies for a long time!

A downside of appending the session id to your links is search engines indexing the links and users bookmarking them!
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39858118
If they have disabled cookies, it is likely they have disabled javascript too.  Sometimes when they do that, you have to say, sorry we can't work with you.
0
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 39858573
Fortunately this is documented in the online man pages.  Required reading here:
http://php.net/manual/en/book.session.php
http://php.net/manual/en/session.idpassing.php

That said, I agree with the other comments that clients who do not accept cookies are rare, an edge case, and can be ignored.  In my life I have met only one person who ever said he would never accept HTTP cookies.  A client cannot use Facebook, Amazon, eBay or Google if it does not accept and return cookies.  Fuggedaboutem.
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
This article discusses how to implement server side field validation and display customized error messages to the client.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question