subject:"\[PHP\] Re\: PHPSESSID and URL rewriting"

[PHP] Re: PHPSESSID and URL rewriting

2004-02-20 Thread memoimyself

On 19 Feb 2004 at 17:15, seba wrote: > Unfortunately I do can not oblige users which will use those pages to > accept cookies . The pages are for an e-commerce web site. If I use > the directive session.use_trans_sid = 0 is not possible to MANTAIN THE > SAME phpsessid value among differents pages

Re: [PHP] Re: PHPSESSID and URL rewriting

2004-02-19 Thread seba

Message - From: <[EMAIL PROTECTED]> To: "PHP General list" <[EMAIL PROTECTED]> Sent: Thursday, February 19, 2004 2:45 PM Subject: [PHP] Re: PHPSESSID and URL rewriting > Hello Seba, > > Check your php.ini file: you'll probably find that "session.use_tr

[PHP] Re: PHPSESSID and URL rewriting

2004-02-19 Thread memoimyself

Hello Seba, Check your php.ini file: you'll probably find that "session.use_trans_sid" is set to 1, which is actually a security hazard. If you set "session.use_trans_sid" to 0, session IDs will no longer be automatically sent as GET variables. Cheers, Erik On 19 Feb 2004 at 13:15, Seba wr