Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

PHP - pass session_id when cookies are disabled?

Posted on 2014-02-13
3
Medium Priority
?
630 Views
Last Modified: 2014-02-20
Hi,
how do I keep session_id when cookies are disabled?

At the moment the code below generates a new value for $cookie on page refresh when cookies are disabled?

Thanks in advance for your feedback.

<?php  session_start();

	function GetCartId()
		{
		// This function will generate an encrypted string and
		// will set it as a cookie using set_cookie. This will
		// also be used as the cookieId field in the cart table
		
		if(isset($_COOKIE["cartId"]))
		{
			return $_COOKIE["cartId"];
		}
		else
		{
			// There is no cookie set. We will set the cookie
			// and return the value of the users session ID
		
			setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
			return session_id();
		}
	}

		$cookie = GetCartId();
		
		echo $cookie; 
		
?>

Open in new window

0
Comment
Question by:sabecs
3 Comments
 
LVL 44

Expert Comment

by:Chris Stanyon
ID: 39857939
You can do it but it's not ideal. Basically, you will have to pass the session id as a querystring parameter in the URL. PHP will do this automatically if you enable session.use_trans_sid (I think PHP needs to be compiled to allow this so you might have to speak to your host)

<?php
ini_set("session.use_trans_sid",1); # Forgot this one!
session_start();
?>

Open in new window

You might be better off just letting the user know that your site requires cookies - I haven't heard of anyone turning off cookies for a long time!

A downside of appending the session id to your links is search engines indexing the links and users bookmarking them!
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39858118
If they have disabled cookies, it is likely they have disabled javascript too.  Sometimes when they do that, you have to say, sorry we can't work with you.
0
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 39858573
Fortunately this is documented in the online man pages.  Required reading here:
http://php.net/manual/en/book.session.php
http://php.net/manual/en/session.idpassing.php

That said, I agree with the other comments that clients who do not accept cookies are rare, an edge case, and can be ignored.  In my life I have met only one person who ever said he would never accept HTTP cookies.  A client cannot use Facebook, Amazon, eBay or Google if it does not accept and return cookies.  Fuggedaboutem.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question