Overriding PHP INI Setting session.use_trans_sid=0

My Hosting Service has the following PHP settings [per phpinfo():]

session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0 0

This means that while my Session ID is stored in a cookie it will not be
automatically appended to my "a href" URLs when clicked. I am dealing with
some paranoid users who may have turned off cookie support or who monitor
cookie usage and reject some cookies or domains (I will not even get into
those who have "protected themselves" by turned off JavaScript <g>).

Thus I need to be able to compensate for their refusal to accept the
automatic cookie used by Sessions Support to pass the Session Id back to the
scripts when they start by having PHP append a "?PHPSESSID = ..." to my
URLs.

This requires that session.use_trans_sid=1 (which I am attempting to do via
these commands at the top of my pages):

<?php
ini_set('session.use_only_cookies',0);
ini_set('session.use_trans_sid',1);
session_start();
?>

The ?PHPSESSID = is not showing up when I use a x.php link on my pages. The
location bar when I click the link is just x.php. While I can force the
needed parm by hard coding the ?PHPSESSID = in my links, I would rather go
the automatic route.

I need sessions so that I can have restricted pages/areas which are only
viewable by those who have logged and and have the requite viewing
authority. All others when attempting to view the pages will get a "Please
Login to view this page/area" notification (and a link to the Login Page) if
not logged in or a "You Are Not Authorized to view this Page/Area"
notification if logged in but not authorized.

I can post my testing code (for forcing the URL) if that will help diagnose
my problem.

Thank You.

.

Relevant Pages

  • Re: Sessions
    ... click the link and in aoltest3.php the session variable is visable. ... Registered serializer handlers php php_binary wddx ... session.name PHPSESSID PHPSESSID ... see the PHPSESSID, in a cookie, or in the URL. ...
    (comp.lang.php)
  • Strange difference when cookie disappears from $_REQUEST in HTTP vs. WAP
    ... with how PHP interacts with MySQL, ... Header has been generated to destroy your login session cookie, ... the cookie so it doesn't show up in $_REQUEST. ...
    (comp.lang.php)
  • Re: php session GC error
    ... After this number of seconds, stored data will be seen as 'garbage' ... how do I explicitly tell PHP in the ini what directory to use for session ... Lifetime in seconds of cookie or, if 0, until browser is restarted. ...
    (php.general)
  • Re: Is it safe to store user_id in Session?
    ... What I was wondering is how safe it is to store user_id or username or ... session so I do not need to search the database all the time. ... OVERRIDING BASIC SESSION COOKIE AUTHENTICATION ... So what is described in the article only works for bad php scripts. ...
    (comp.lang.php)
  • Re: Cookie not conserved across jump
    ... instruction in PHP. ... just leads to another HTTP request. ... $_SESSION is stocked up with the bits // the v2 page will need ... Why would session_startgenerate a new cookie at all? ...
    (comp.lang.php)