Links during session authorization

Question

Hello. There is a site, it is worth authorizing on sessions, everything works, but sometimes this code is added to the links /index.php?PHPSESSID=9ebca8bd62c830d3e79272b4f585ff8f . I think many have come across this. How to eliminate it?

How did you achieve this?)) There has never been anything like it.

angry 5,855 15 56 171 · Answer 1 · 2011-11-08T14:43:59

 ini_set("session.use_only_cookies", 1);

Or set this session option in php.ini .
This is necessary to use cookies only in sessions, then the session ID will not be inserted into links and forms, but if cookies are disabled in the browser, session_start() will cause an error.
You can do this, of course, but it will be the wrong decision. If PHP does not find the session identifier either in the cookies or in the url , then with session_start() tries to write the session identifier both in the links on the page and in the cookie so that the visitor does not lose the session if the cookies are turned off.
If you enable this option, you will have to require the visitor to enable cookies.

I make an exit and in general I close the browser, I go to the site on a new one, and the session appears through the het is transmitted.
When the browser closes, the cookie with the session identifier is deleted, so when logging back into the site, php does not find the session identifier and tries to hang the new identifier immediately in the cookie and url .
[session_set_cookie_params] (php.net/manual/en/function.session-set-cookie-params.php).
With this function, you can increase the lifetime of a cookie with a session ID.
How do you use it?) Help, and extend the meaning of its lifetime if the browser deletes the session and cookie - * - but I understand everything, by default the cookie is hidden for 0 sec, that is, when you first close the browser

Links during session authorization

1 answer 1

More articles: