mfischer Wed Jun 12 05:50:49 2002 EDT Modified files: /phpdoc/en/reference/info/functions ini-set.xml /phpdoc/en/reference/session reference.xml Log: - Document new session.use_only_cookies ini setting. Index: phpdoc/en/reference/info/functions/ini-set.xml diff -u phpdoc/en/reference/info/functions/ini-set.xml:1.8 phpdoc/en/reference/info/functions/ini-set.xml:1.9 --- phpdoc/en/reference/info/functions/ini-set.xml:1.8 Mon Jun 10 17:59:22 2002 +++ phpdoc/en/reference/info/functions/ini-set.xml Wed Jun 12 05:50:45 2002 @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="iso-8859-1"?> -<!-- $Revision: 1.8 $ --> +<!-- $Revision: 1.9 $ --> <!-- splitted from ./en/functions/info.xml, last change in rev 1.23 --> <refentry id="function.ini-set"> <refnamediv> @@ -680,6 +680,11 @@ <row> <entry>session.use_cookies</entry> <entry>"1"</entry> + <entry>PHP_INI_ALL</entry> + </row> + <row> + <entry>session.use_only_cookies</entry> + <entry>"0"</entry> <entry>PHP_INI_ALL</entry> </row> <row> Index: phpdoc/en/reference/session/reference.xml diff -u phpdoc/en/reference/session/reference.xml:1.5 phpdoc/en/reference/session/reference.xml:1.6 --- phpdoc/en/reference/session/reference.xml:1.5 Sat May 25 12:35:24 2002 +++ phpdoc/en/reference/session/reference.xml Wed Jun 12 05:50:49 2002 @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="iso-8859-1"?> -<!-- $Revision: 1.5 $ --> +<!-- $Revision: 1.6 $ --> <reference id="ref.session"> <title>Session handling functions</title> <titleabbrev>Sessions</titleabbrev> @@ -391,6 +391,16 @@ <literal>session.use_cookies</literal> specifies whether the module will use cookies to store the session id on the client side. Defaults to <literal>1</literal> (enabled). + </simpara> + </listitem> + <listitem> + <simpara> + <literal>session.use_only_cookies</literal> specifies whether the + module will <emphasis role="strong">only</emphasis> use cookies to + store the session id on the client side. Defaults to + <literal>0</literal> (disabled, for backward compatibility). Enabling + this setting prevents attacks involved passing session ids in URLs. + This setting was added in <literal>PHP</literal> 4.3.0. </simpara> </listitem> <listitem>