My apologies then. Somehow your response never arrived. It is still best 
to always "reply all" for things like this. You get the benefit of 
hearing several people's perspectives, and you also potentially help 
others who have the same question now or who may have it in the future 
(and check the list archives).

Anyway, back to your problem ...

Jeff Bluemel wrote:

>what I mean by this is it was my understanding when reading the sessions
>doc's that there was a way to for the system to use a stored system ID
>stored in an SID, but the information wouldn't be sent to the browser, but
>be stored in a cookie.

Cookies are stored on the client, so they are also sent to the browser.

Basically, the unique identifier (e.g., PHPSESSID) must be provided by 
the Web client in order for it to be associated with previous requests. 
The two most common methods of this are for it to send this information 
in a cookie (there is a Cookie header in the HTTP request) or as part of 
the query string in a URL (such as that it is requesting.

>>With use_trans_sid set, PHP is going to append the session ID to the URL
>>of links, etc., on:
>I tried setting the user_trans_sid = 0, but it still will not use a cookie.
>it doesn't appear to change anything when I play with these settings.

Right. I was explaining (poorly looking back) what the use_trans_sid 
does. Basically, the idea is that the developer doesn't have to worry 
about how the unique identifier is passed back. This is the "easiest" 
way to use session management, because it is transparent for the most 
part. PHP will try both cookie and URL methods to maintain the unique 
identifier, and it will use only a cookie once it can determine that the 
client supports them.

You are having a problem, it sounds like, with the Web client *not* 
sending back the cookie in subsequent requests. Thus, use_trans_sid will 
append the unique identifier to the URL every time, as it believes the 
client to not be supporting cookies (which might just be your problem). 
When you combine this with use_only_cookies (sp?), you are basically 
telling PHP to ignore the unique identifier if it is sent on the URL. 
Thus, it is not receiving the cookie, and it is being instructed to not 
use the URL variable. It has no way to identify the client and maintain 

Your problem boils down to one thing: the cookie is not getting passed 
back. Focus on this initially. Make sure your Web browser is accepting 
the cookie (you can configure most browsers to warn you before accepting 
a cookie, so that you can be certain it is being set), and try to make 
sure your PHP script is receiving the cookie like it thinks it should 
be. For example, if the cookie is named PHPSESSID, try this:

echo "cookie is [" . $_COOKIE["PHPSESSID"] . "]<br>";

If ths cookie is blank (e.g., "cookie is []"), you have identified your 
problem. Hopefully this will help you solve it.

Happy hacking.


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to