This is an interesting idea -- simply having the old session cookie stay
around longer. On the server side, you'd probably want to keep track of the
time the session was created and if it's an old session then change the
session id (I don't know if that's easy or hard). I think for security it is
cookies enabled: PHP sessions would act as before except
would not end up rewriting URLs on the first page view.
The change to the PHP code should be small: when seeing if cookies are
enabled simply look for any cookie sent by the client rather than just the
PHPSESSID cookie.
Matt
"Matt Richa
Hi,
I don't know if this has been discussed before, but I have a
suggestion about how PHP checks whether cookie support is enabled.
Here is my understanding of the current setup: On the first PHP page
encountered, all links will be turned into GET style URLS with the
session id attached because i
