On 27 Aug 2001 15:25:09 +0300, Zeev Suraski wrote:
> At 13:40 27-08-01, Thies C. Arntzen wrote:
> >On 27 Aug 2001 01:33:46 +0300, Zeev Suraski wrote:
> > > The other issue is a suggestion I want to pitch - right now, if sessions
> > > are started after the headers are already sent, we'll get a nice
> > > headers-already-sent error. If we have trans_sid enabled (which we will
> > > most probably, from now on) - we can check whether the headers are already
> > > sent, and if they are, move to use trans_sid instead. Any comments?
> > >
> >i tend not to do that. trans-sid is a very different thing from cookies
> >(session id's are populated to foreign-sites via HTTP_REFERRER). i don't
> >think
> >we should default to it. developers should decide themself if they want
> >trans-sid
> >or not.
>
> You lost your caps too? :)
some time ago already;-) didn't you notice?
>
> I'm not sure what you meant in the HTTP_REFERRER issue - can you explain
> it? At any rate, developers still can decide whether or not they want
if you are on a site that uses trans-sid for sessions the HTTP_REFERER
on the next visited site will contain your session-id.
> trans_sid, by using the existing php.ini setting.
makes sense - i just don't want a new & changed default behaviour of
PHP. if i run a cookie based session and for some weird reason i have a
stray character in one of my pages i do not want PHP to switch to
trans-sid - i want to get notified ("Headers already sent") and fix my
bug.
tc
>
> Zeev
>
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
