Unless you have your php.ini file configured differently, simply adding
session_start(); at the top of each page will make the session available
without having to pass the SID through the URL string. Not that there is
anything wrong or insecure by passing the session id through the URL string.
-Kevin
----- Original Message -----
From: "Scott Fletcher" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 02, 2002 1:05 PM
Subject: [PHP] $_SESSION
> Hi Again! I missed part of the past responses to the past posting over
the
> last few days because I had it cleaned from MS-Outlook folder. So, feel
> free to provide some feedback on the transformation from the script with
> register global turned on to off. Need some feedback on hiding the $SID
> from the URL as I saw somewhere on hte posting. I can't find it right
now.
> I'll keep looking. Thanks! FletchSOD
>
> --clip-- (Old Script --> Register_Global turned on)
>
> --Page 1--
> $user['data'] = "Yes!";
> $salt = strtoupper(md5(uniqid(rand())));
> session_id($salt);
> session_start();
> session_register("user");
> header("Location:
> https://test.whatever.com/test1.php?".SID."&init_login=TRUE";);
>
> --Page 2--
> session_register("user_detail");
> --clip--
> // ###############
> --clip-- (New Script --> Register_Global turned off)
>
> --Page 1
> $user['data'] = "Yes!";
> $salt = strtoupper(md5(uniqid(rand())));
> session_id($salt);
> session_start();
> $_SESSION['user'];
> header("Location:
> https://test.whatever.com/test1.php?".SID."&init_login=TRUE";);
>
> --Page 2
> $_SESSION['user'];
> --clip--
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
