Apr 2009
15

Forcing PHP session ids to URL strings

There are (thankfully rare) times when you need to force your system to pass PHP session values as URL query strings instead of as cookie values. In my case it was with American cell phone operators who have set their gateways to claim that they accept cookies and then ditch them silently.

In theory you can force PHP to transmit its cookie IDs as query strings in the php.ini or the htaccess files, however that’s often not available to those on shared boxes.

Yes, we’re talking about an issue that effects a small number of people here. Sadly, due to a server configuration issue, I’m one of them.

So, what’s the solution?

The following code tells PHP to use query strings instead of cookies…

ini_set('session.use_trans_sid',1);
ini_set('session.use_only_cookies',0);

Except, it doesn’t work. This, however, does work…

$_COOKIE = array();
ini_set('session.use_trans_sid',1);
ini_set('session.use_only_cookies',0);

Don’t ask me… I don’t understand it either.

Tags: , ,

  • You were about to say...?

    (required)

    (will not be published) (required)

    (optional)

    Please leave these two fields as-is:

    Protected by Invisible Defender. Showed 403 to 119,305 bad guys.