[WSG] auto generated PHP sessions identifier causes valodation errors
Dear Sirs, please any help with http://validator.w3.org/check?uri=http%3A//www.idealcouple.com/test/ I am not able to confignure auto generated PHP output dta href=./profile/?pid=1025PHPSESSID=6a2db2de31fb7e15728cc68dd01899c4 and not able to avoid ampersands in URL Should I and how i can setup my PHP? But i can avoid links - change them with forms and buttons. Is this the BEST solution for this trouble? Many Thanks Andrey http://development.it.net.ua/ mailto: [EMAIL PROTECTED] * The discussion list for http://webstandardsgroup.org/ See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list getting help *
Re: [WSG] auto generated PHP sessions identifier causes valodation errors
Andrey V.Stefanenko wrote: I am not able to confignure auto generated PHP output dta href=./profile/?pid=1025PHPSESSID=6a2db2de31fb7e15728cc68dd01899c4 and not able to avoid ampersands in URL Should I and how i can setup my PHP? I'd like to know if there's a solution to this as well. It's the one thing that stops some of my sites from validating: http://validator.w3.org/check?uri=http://www.thesession.org/index.php But i can avoid links - change them with forms and buttons. Is this the BEST solution for this trouble? That might just create a different problem. PHP will insert a hidden input field: input type=hidden name=PHPSESSID value=6a2db2de31fb7e15728cc68dd01899c4 / But it won't wrap that tag in a block level element so there'll still be validation issues. Any PHP gurus out there know if there's a way of customising how PHP passes the session id? -- Jeremy Keith a d a c t i o http://adactio.com * The discussion list for http://webstandardsgroup.org/ See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list getting help *
Re: [WSG] auto generated PHP sessions identifier causes valodation errors
Andrey V. Stefanenko wrote: I am not able to confignure auto generated PHP output dta href=./profile/?pid=1025PHPSESSID=6a2db2de31fb7e15728cc68dd01899c4 and not able to avoid ampersands in URL Should I and how i can setup my PHP? In your .htaccess file: php_value arg_separator.output amp; or in Php: ini_set('arg_separator.output','amp;'); But i can avoid links - change them with forms and buttons. Is this the BEST solution for this trouble? I don't think so. Php will mess up your forms even worse. You could also avoid using session id's in links, using only cookies. php_value session.use_trans_sid 0 php_value session.use_only_cookies 1 /AndersN * The discussion list for http://webstandardsgroup.org/ See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list getting help *
Re: [WSG] auto generated PHP sessions identifier causes valodation errors
Andrey V. Stefanenko wrote: I am not able to confignure auto generated PHP output dta href=./profile/?pid=1025PHPSESSID=6a2db2de31fb7e15728cc68dd01899c4 and not able to avoid ampersands in URL Should I and how i can setup my PHP? You need to set arg_separator.output to amp; instead of That can be modified in couple of places: Globally in php.ini arg_separator.output = amp; or locally in .htaccess php_value arg_separator.output amp; or locally in PHP script: ini_set('arg_separator.output', 'amp;'); -- Toni Viemerö | http://selfdestruct.net The ones who dont do anything are always the ones who try to pull you down. * The discussion list for http://webstandardsgroup.org/ See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list getting help *
Re: [WSG] auto generated PHP sessions identifier causes valodation errors
Anders Nawroth wrote: You could also avoid using session id's in links, using only cookies. php_value session.use_trans_sid 0 php_value session.use_only_cookies 1 This also takes care of the security issue (not a 100% fix, but it helps) of having the ID in the address window and in the links. Another option is to allow the URI changes for browsers with cookies off, but to sniff out and exclude that option for bots and validators. Bottom line: we live in an imperfect world. * The discussion list for http://webstandardsgroup.org/ See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list getting help *