I would suggest that you look at php as the total solution not
mod_rewrite that way you have
access to include the PHPSESS information into the URL directly eg:


You can achieve this by reading the following artcile... we use it for
websites that will be searchable
by bots with great success.


Oh and on the bot side of things... simply have an expiry (epoch stamp)
in the url that you read
and if that has expired simply reload the page with a new session... oh
and you will experience the
same problem with bookmarking visitors as well as bots with the expired
sessions.. or you could just
simply say if it doesn't exist recreate... it depends if you are going
to use built in session handlers
or user (eg database) or even custom self written (my suggestion for
your situation - write your own env).

If you need further assistance don't hesitate to ask.

Timothy Hitchens (HITCHO)

HITCHO has Spoken!

-----Original Message-----
From: Tech Support [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, 10 October 2002 4:33 AM
Subject: [PHP] Spiders, Sessions, trans SID, and mod_rewrite


I'm preparing to start an ecommerce project that will require the use of
sessions throughout the entire site for referrer and affiliate tracking
purposes. I also plan to use mod_rewrite to make links to dynamic
content search spider friendly. example: instead of
/somescript.php?var1=value1&var2=value2 I'll have

The obstacle I'm facing is the automatic appending of the session id to
every link upon first entering the site and to every link on every page
of the site if session cookies are disabled. This will make search
spiders either not index the linked pages, or worse index them with an
old session id!

I am hoping to find two solutions to dealing with this inherent problem
with sessions, spiders, trans sid, and url rewriting.

1) I am thinking of obtaining and using a list of known spiders to
determine if the visitor is a spider. If they are a spider I simply
won't call session_start() thus eliminating the auto appending of the
session id to every link. URL rewriting will take care of the ugly query
strings and I'm in business to get spidered. How ever, this could mean a
lot of overhead if the site gets busy and a lot of work keeping an
updated spider list. Does anyone have a solution for this? I want some
real world experience here please.

2) If I rewrite query strings how will I deal with trans sid? For
instance, I have a rewritten url that looks like this:
/somescript/var1/value1/var2/value2 and the session id is going to get
appended leaving me with this:
/somescript/var1/value1/var2/value2&PHPSESSID=some_session_id. Is there
a way to make php add the session id in the slash delimited format? I am
aware of arg_separator.output directive but that does not fix the = in
the query string.

I appreciate any help, tips, and/or pointers. The problem is clear -
it's the solution that's a little fuzzy!

Thanks for reading,


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to