mfischer                Wed Jun 12 05:50:49 2002 EDT

  Modified files:              
    /phpdoc/en/reference/info/functions ini-set.xml 
    /phpdoc/en/reference/session        reference.xml 
  Log:
  - Document new session.use_only_cookies ini setting.
  
  
Index: phpdoc/en/reference/info/functions/ini-set.xml
diff -u phpdoc/en/reference/info/functions/ini-set.xml:1.8 
phpdoc/en/reference/info/functions/ini-set.xml:1.9
--- phpdoc/en/reference/info/functions/ini-set.xml:1.8  Mon Jun 10 17:59:22 2002
+++ phpdoc/en/reference/info/functions/ini-set.xml      Wed Jun 12 05:50:45 2002
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.8 $ -->
+<!-- $Revision: 1.9 $ -->
 <!-- splitted from ./en/functions/info.xml, last change in rev 1.23 -->
   <refentry id="function.ini-set">
    <refnamediv>
@@ -680,6 +680,11 @@
           <row>
            <entry>session.use_cookies</entry>
            <entry>"1"</entry>
+           <entry>PHP_INI_ALL</entry>
+          </row>
+          <row>
+           <entry>session.use_only_cookies</entry>
+           <entry>"0"</entry>
            <entry>PHP_INI_ALL</entry>
           </row>
           <row>
Index: phpdoc/en/reference/session/reference.xml
diff -u phpdoc/en/reference/session/reference.xml:1.5 
phpdoc/en/reference/session/reference.xml:1.6
--- phpdoc/en/reference/session/reference.xml:1.5       Sat May 25 12:35:24 2002
+++ phpdoc/en/reference/session/reference.xml   Wed Jun 12 05:50:49 2002
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.5 $ -->
+<!-- $Revision: 1.6 $ -->
  <reference id="ref.session">
   <title>Session handling functions</title>
   <titleabbrev>Sessions</titleabbrev>
@@ -391,6 +391,16 @@
        <literal>session.use_cookies</literal> specifies whether the
        module will use cookies to store the session id on the client
        side. Defaults to <literal>1</literal> (enabled).
+      </simpara>
+     </listitem>
+     <listitem>
+      <simpara>
+       <literal>session.use_only_cookies</literal> specifies whether the
+       module will <emphasis role="strong">only</emphasis> use cookies to
+       store the session id on the client side. Defaults to
+       <literal>0</literal> (disabled, for backward compatibility). Enabling
+       this setting prevents attacks involved passing session ids in URLs.
+       This setting was added in <literal>PHP</literal> 4.3.0.
       </simpara>
      </listitem>
      <listitem>


Reply via email to