Hi, <br /><br />As the title really, i want to force cookies instead of session id's in the url.<br />I am using<br /><br />ini_set('session.use_trans_sid', 0);<br /><br />but when i check afterwards, it tells me its still set to 1.<br /><br />Any reasons why ?<!--content-->
According to one of comments in the PHP documentation, it just doesn't work. You might try setting this option in your .htaccess file instead:<br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->php_flag session.use_trans_sid off<!--c2--></div><!--ec2--><!--content-->
Thank your TCH-David for your time.<br /><br />However unfortunatly using this line in the .htaccess isnt an option.<br /><br />The issue i am having dificulting understanding is this:<br /><br />I have buit a login system, and i as a test i have disabled cookies in my browser. However a session is still being created, and my user can login. The session id is <b>not</b> in the url.<br />They then can't browse other pages which use the <i>same</i> code to check for <br /><br />$_SESSION['login_id'];<br /><br />SO why can the session get created in the first place without browser cookies.<br />(I have checked and no cookies are being created.)<br /><br />Thanks<!--content-->
Ignore the above post, i think i have found a tiny loophole in my code.<!--content-->
According to one of comments in the PHP documentation, it just doesn't work. You might try setting this option in your .htaccess file instead:<br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->php_flag session.use_trans_sid off<!--c2--></div><!--ec2--><!--content-->
Thank your TCH-David for your time.<br /><br />However unfortunatly using this line in the .htaccess isnt an option.<br /><br />The issue i am having dificulting understanding is this:<br /><br />I have buit a login system, and i as a test i have disabled cookies in my browser. However a session is still being created, and my user can login. The session id is <b>not</b> in the url.<br />They then can't browse other pages which use the <i>same</i> code to check for <br /><br />$_SESSION['login_id'];<br /><br />SO why can the session get created in the first place without browser cookies.<br />(I have checked and no cookies are being created.)<br /><br />Thanks<!--content-->
Ignore the above post, i think i have found a tiny loophole in my code.<!--content-->