|
Posted by gcook on 05/10/05 21:11
Sorry - I meant session id's in the url instead of cookies. We'd been
using this without any difficulty up until recently.
the fact of the matter is, some visitors have cookies disabled, and I've
no ability to monitor this to random visitors.
In addition - it actually is serving the session id in the url - just
serving a blank one. So I don't think the problem is that I have to
turn on session id's in the url, it's already working for some. The
problem is that it's giving me blank id's in the url for some users -
but not all users (works fine for me when I turn off cookies).
Edit to add - I just checked that variable in my php.ini, and it was set
to 0. Which I find completely bizarre, because as I said, it's working
on some machines with cookies disabled, but not others. I'll do some
testing, maybe this'll fix it.
thanks,
glenn
Oli Filth wrote:
> gcook wrote:
>
>> Hi,
>>
>> I've got a mandrake 10.1 webserver. I'm having sporadic problems from
>> users (no discernable trend, other than I believe they all have
>> cookies disabled) not having their sessions maintained.
>>
>
> Well that's your answer. Sessions *are* cookies. The only way round this
> is to set the session.use_trans_sid directive instead (see the PHP
> manual page on sessions), and the session ID will be passed in the URL
> instead. However, this imposes some severe security and usability risks,
> and isn't recommended.
>
> If users insist on having cookies disabled, they have to expect greatly
> reduced functionality on modern websites, and will either have to put up
> with not staying logged on, or allow cookies from your site.
>
>
Navigation:
[Reply to this message]
|