Thread: PHPSESSID on QueryString
View Single Post

  #2 (permalink)  
Old 09-28-2006
Mumia W. (reading news)
 
Posts: n/a
Default Re: PHPSESSID on QueryString
On 09/28/2006 07:48 AM, Simon Harris wrote:
> Hi All,
>
> I am using session vars for admin security on some of my pages, to check if
> admin is logged on or not. This works AOK, But, when a non-authenticated
> user clicks a link on a page that has session_start() in it, the link is as
> I expect it to be, but has the following appended to it:
>
> ?PHPSESSID=793be....etc!
>
> Whoops....Brain storm at this point. Seems PHP is automatically appending
> this to enable sessions to work, as I had cookies disabled...clever! :)
>
> Please do let me know if I'm not quite right here!
>
> Cheers!
> Simon.
>

You are correct. Set the preference "session.use_only_cookies" to "1" to
disable that feature.

--
paduille.4058.mumia.w@earthlink.net
Reply With Quote