Pablo Oliva wrote:

>I have read that in order to account for browsers/users who do not have
>cookies enabled, that you should append the session id to the url (query

Yes, there are basically three ways that the Web client can pass a 
unique identifier to the server:

1. Cookie
2. URL variable
3. Post variable

Using a Post variable requires that the user always be submitting a form 
with a method of post, so this isn't very flexible, and most people 
don't use it. So, to support users who do not have cookies enabled, the 
URL variable is your best alternative.

>Now, if I do do that,

I'm not sure if you just made a typo here, but you *must* specify a 
resource in a URL. In your above example, you could specify document 
root (/) as the resource like this:

Or, you could specify a specific script to use:

Either way, it is best to use a proper URL. Even when Web clients handle 
improper URLs (most handle for example, which 
fails to specify any resource), it is dangerous to depend on that.The 
old saying, "be strict in what you send and lenient in what you 
receive," has unfortunately been combined with, "use whatever works," so 
that many people are now lenient in what they send. :-)

>do I have to do anything so
>that I force php to recognize the session id in the query string?

The short answer is yes. However, it must be named whatever PHP is 
expecting it to be named (for example, a variable named foo won't be 
assumed to be the unique identifier), and you must not have php.ini 
configurations that will force PHP to ignore it (such as 
session.use_only_cookies, or whatever that one is called).

I hope that answers your question. :-)


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to