[SOLVED] PHPSESSID IN URLS

[jakebur01]

How can I remove the PHPSESSID's from my urls?

 

It's ok if they are there inside the admin area, but I need to check for a session on my home page and I don't need the search engines indexing the sessionid's.

 

Is there any way to use sessions on a page without using session_start(); ?

 

<?php 

session_start();//this is at the top of the page

?>

// here is the section where I need to check if they are logged in.

<?php 	  
			if (isset($_SESSION['valid_user']))
  {	  
  ?>
                <table width="188" border="0" cellspacing="3" cellpadding="3">
                  <tr>
                    <td bgcolor="#DFDABD"><div align="center"><a href="admin.php" class="style15">My Account</a> <span class="style15">|</span> <a href="logout.php" class="style15">Log Out</a></div></td>
                  </tr>
                </table>  
                <?php

}
else
{
//echo "navigation";
?>

  <div style="padding-right:13px; ">
    <form name="form1" method="post" action="admin.php">
      <div align="right">
        <table width="183" border="0" cellspacing="3" cellpadding="3">
          <tr>
            <td bgcolor="#DFDABD"><div align="center"><span class="style15">User:</span><span class="style7">
              <input type="text" name="textfield2">
              </span> <br />
                          <span class="style15">Pass:</span>
                          <input type="password" name="textfield3">
                          <br />
                          <input type="submit" name="Submit" value="Log In">
                          <br />
                        <a href="signup.php" class="style2">Not a member? Sign up </a> <a href="#"><img src="images/pint_1.jpg" alt=" " width="6" height="5" vspace="1" border="0" style="margin-right:7px "></a></div></td>
          </tr>
        </table>
        </div>
    </form>
    </div>

<?php
}

?>

[DarkWater]

Check your php.ini for the sessions directive and see if it's on.

[jakebur01]

I don't have access to that. You are amazing, I am going to wear out my welcome with you helping me so much.

[trq]

The following...

 

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

 

within your .htaccess file will solve the issue. it will of course also prevent users without cookies enabled from loging into your site.

[DarkWater]

Actually, if you'd wait, I was busy looking up what the directives were.  Thorpe beat me too it though. =/

[jakebur01]

Is there any way I could use the session just for that section of code then kill it?

[DarkWater]

...Why?

[jakebur01]

I was thinking that I might could start the session, create a variable out of the session I need, reset the session, and then end it before the rest of the page loads.

[DarkWater]

Once again, what is the point of killing the session halfway through the code?