Jump to content

sessions with cookies disabled...

mkosmosports

By mkosmosports
in PHP Coding Help

 Share

Recommended Posts

mkosmosports Regular Member

mkosmosports

Posted
Posted

Hey,

 

Now I know there are a lot of pages dedicated to this but I cant seem to find any concrete answers.

 

I use sessions on my site. The information in some of these session arrays is vital for the site to work. I just recently found out if cookies are disabled that big ugly PHPSESSID url parameter gets inserted into all links, which is not only ugly but poses security risks because the session id can be viewed by everyone. A lot of people are advising to disable this altogether in php.ini, which I dont understand though, because how else can you use sessions if the users cookies are disabled??

 

So, I need to make sessions are accesible even if the user has cookies disabled, but I want to make sure that doesnt pose any security risks, and if possible I would like to clean up that url a little?

 

Does anyone have any suggestions? Is this doable?

 

Anything is appreciated.

Thanks

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

Mod rewrite wont help here.

 

If you don't want the PHPSESSID to be displayed in the url and cookies is not available then I guess it would be best for you to write your own custom session handler by saving session data to a database and tracking the user via their IP address rather than a cookie. Have a read of the manual on setting your own session handler rather than using PHP's default handler.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.