Posted by Dan Phiffer on 02/17/05 06:56

b1nary Developement Team wrote:

> I'm having some troubles however, and they come in the form of
> sessions. When I use session_start(), it throws the PHPSESSID into the
> URL of all of my links and form actions and what not. This is a problem
> because in my forms it throws in a hidden input, which doesn't validate
> right, plus they don't use & insteand of just &. Is there any way
> to stop a session from being passed through the URL?


From php.net/session:
---
PHP is capable of transforming links transparently. Unless you are
using PHP 4.2 or later, you need to enable it manually when building
PHP. Under Unix, pass --enable-trans-sid to configure. If this build
option and the run-time option session.use_trans_sid are enabled,
relative URIs will be changed to contain the session id automatically.

Note: The arg_separator.output php.ini directive allows to customize
the argument seperator. For full XHTML conformance, specify & there.
---

HTH,
-Dan

[Back to original message]