I have issue with SID and passing to URL. I am bit new to all php MySQL but trying as best. So I have managed to have login form working and then user can direct to their own page by link after logged in. I want that link to pass SID or some random string///I have code for some random string, but its not working–another topic in itself…aside, from all my reading here and there SSID maybe not safe by passing this value to their page: Anyway, my code echo "<a href=“page.php?<?php echo htmlspecialchars(SID); ?>”>click here</a>.
So, this translates to page.php?PHPSESSID=7fd4ac2ba0ae0bd23ea0ebc93e88f63d…How can I append or remove the PHPSESSID part from the URL SO IT WILL JUST LOOK LIKE page.php?you=7fd4ac2ba0ae0bd23ea0ebc93e88f63d or so, without PHPSESSID being shown and its a bit juvenile looking? Ok, any help much appreciated.
I see in my .ini that session.use_trans_sid 0 so it is ‘off’ and thus according to php is auto set to ‘off’ at default for versions and also I am on iis so web.config file need the code to change anything for that to force the cookies. I am confused how to set code out the Code: php_flag session.use_trans_sid off if that is code in the proper syntax and also for the There is also session_name(). link http://us1.php.net/manual/en/session.configuration.php#ini.session.name refers to that being directed back to Defaults to PHPSESSID and so more must be called before session. Please provide more depth to this as I am not scratching the surface all the way here. thanks.
There are many places where you can change the php settings. To make sure what the real settings are add a phpinfo.php file to the directory where your script is. The file should contain only
<?php echo phpinfo (); ?>
You want the following settings:
session.use_cookies On On
session.use_trans_sid 0 0
Note: After you are done with phpinfo.php delete the file because you don’t want to let hackers know your settings.
session.use_trans_sid = 0 I have this set like so already, I do not see how still I can in fact use session with my original post as removing the PHPSESSID part in the url, by the answers above. (PHPSESSID=7fd4ac2ba0ae0bd23ea0ebc93e88f63d). I have responded quite clearly about not using cookie as passing SID once logged in. Please be more detailed and provide a live example if possible, thanks.