Jump to content

[SOLVED] cookieless sessions

rempires

By rempires
in PHP Coding Help

 Share

Recommended Posts

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You would need to turn off session cookies as well - session.use_cookies = off

 

Turning on session.use_trans_sid only enables the transparent sid, it does not force it to be used.

 

You also must only use relative URL's as an absolute URL, even to your own site, will prevent the SID from being appended to the URL.

 

If it still does not work check what the actual values are using a phpinfo(); statement. It is possible that the php.ini that you are changing is not the one that php is using. I also assume that you stopped and started you web server to get any changes made to php.ini to take effect.

rempires Member

rempires

Posted
  • Author
Posted
what you mean mate tell us more cookie less

i'm trying to maintain session state even when the user has cookies turned off. infact if you disable cookies in this very forum you can still log on and do everything.

 

You would need to turn off session cookies as well - session.use_cookies = off

 

Turning on session.use_trans_sid only enables the transparent sid, it does not force it to be used.

 

You also must only use relative URL's as an absolute URL, even to your own site, will prevent the SID from being appended to the URL.

 

i only sue relative URL's so no problem there but as for  session.use_cookies = of, wouldn't that turn off coookes no matter what? i would prefer session state to use cookies and only resort to cookiless session if the user won't allow cookies

 

Only using session may not set the cookie, I think so.But it is not good idea to edit the php.ini file because u are not always allowed to do so when you are working in the server.

actually i am hosted on a shared server, but the administrator told me that if i put a file called php.inin in each and every directory i want the settings applied, that file will override the master php.ini defaults.  I guess he had a lot of people asking for different things or something.

 

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

I only suggested that you turn off the session.use_cookies parameter because you stated you wanted to use cookieless sessions. You did not state you wanted to use cookies and the optional trans sid until your last post.  ::) We only see the information you post and the answers can not be any better than the questions that are asked.

 

Since you actually want to use cookies and the trans sid when cookies are not accepted by the visitor, turn session.use_only_cookies off.

 

If session.use_trans_sid = on and session.use_only_cookies = off does not cause the SID to be passed on the end of the URL, make sure what the values actually are using a phpinfo(); statement in a .php file.

rempires Member

rempires

Posted
  • Author
Posted

session

Session Support enabled

Registered save handlers files user sqlite

Registered serializer handlers php php_binary

 

Directive Local Value Master Value

session.auto_start Off Off

session.bug_compat_42 On On

session.bug_compat_warn On On

session.cache_expire 180 180

session.cache_limiter nocache nocache

session.cookie_domain no value no value

session.cookie_httponly Off Off

session.cookie_lifetime 0 0

session.cookie_path / /

session.cookie_secure Off Off

session.entropy_file no value no value

session.entropy_length 0 0

session.gc_divisor 100 100

session.gc_maxlifetime 1440 1440

session.gc_probability 1 1

session.hash_bits_per_character 4 4

session.hash_function 0 0

session.name PHPSESSID PHPSESSID

session.referer_check no value no value

session.save_handler files files

session.save_path no value no value

session.serialize_handler php php

session.use_cookies On On

session.use_only_cookies Off Off

session.use_trans_sid 1 1

 

 

that's the session information from the phpinfo readout

 

i set trans_sid to 1 and use_only_cookies to 0

 

but it still won't maintain sessions without cookies can anyone else see anything wrong with this?

 

thanks

john

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Assuming that sessions are configured and working, the posted settings work for me when I configure my browser to not accept cookies. Did you exit your browser after your turned off cookies and the re-browse to the first page where the session is started? Otherwise, php won't know to place the SID on the end of the url.

 

Check your web server log for errors and post your code.

rempires Member

rempires

Posted
  • Author
Posted

Thanks everyone, those fixes did it. Know i just gotta figure out how to append the URL of a header("location /blah.php"); as i noticed php doesn't auto-append these :( . i'll probably just make a function that checks if a cookie was set, if so then don't append it.

 

special thanks for revraz and PFMaBiSmAd for your quick and helpful responses, i owe you guys

 

john

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.