loop Posted December 15, 2006 Share Posted December 15, 2006 Hi,I have a PHP application which involves login. The users are then assigned a session-id, and I store some session variables etc. In some cases, with Internet Explorer, the cookie is being blocked. It seems like some users have set "Secutiry level: High" in IE. In my page, this results in the user is being rejected.Does anyone have suggestions how to work around this problem, which seems to only be a problem in IE?thanks for any help. Quote Link to comment Share on other sites More sharing options...
trq Posted December 15, 2006 Share Posted December 15, 2006 If you set the [url=http://www.php.net/manual/en/ref.session.php#ini.session.use-only-cookies]session.use_only_cookies[/url] directive to false your session id should be passed around the url when cookies are not available.Be aware though that obviously this opens up some security issues. Most users should have cookies enabled, and what I usually do is state in my login form that user will not be able to login without the allowing cookies. Quote Link to comment Share on other sites More sharing options...
loop Posted December 15, 2006 Author Share Posted December 15, 2006 thanks for the quick reply. :-) session.use_only_cookies is already set to false. Yet, some of the users is still being rejected. This is included on the top of every page. The variable $_SESSION['id'] is stored when the user is logged in. Hence, without the $id, the user will be redirected before he can see the content of the page. Not that smart code perhaps, but yet, it should work. [code]<?php session_cache_expire(60);session_start();$id = $_SESSION['id'];if ( $id == '' ) redirect();?>[/code]so the question is still... why are they being rejected... Quote Link to comment Share on other sites More sharing options...
trq Posted December 15, 2006 Share Posted December 15, 2006 Sorry... you may also need to enable session.use_trans_sid. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.