In case the client has selected the option to disable cookies,
then every time you have to append the session id variable
to the URL.

While appending the session id variable to the URL,
one must know the security concerns.

This is a nice article about sessions and security.
http://shiflett.org/articles/the-truth-about-sessions

Thanks
Hardik

--- "Ford, Mike [LSS]" <[EMAIL PROTECTED]> wrote:
> On 04 March 2004 10:25, matthew oatham wrote:
> 
> > Hi,
> > 
> > I have a quick question about PHP session. In my website I
> > have included the command session_start(); at the top of
> > every page. Firstly is this correct?
> 
> Yes (sort of).  The real deal is that
> session_start() has to occur before you start
> sending any actual content -- if you have, say, a
> lot of initialization logic, this could actually be
> quite a long way into your script.
> 
> > Secondly when I visit
> > the website the first link I click on has the php session ID
> > appended to the url however this php session ID is not
> > appended to subsequent links! Is this correct behaviour?
> 
> Yes.  It's simply the nature of cookies that it
> takes at least one round trip to the server to work
> out if you have them enabled -- and on that trip,
> the only way to propagate the session id is to pass
> it in the URL.
> 
> > What is going on? Can anyone explain?
> 
> On your initial visit to the site, you will not have
> a session-id cookie set, so PHP doesn't know if you
> have cookies enabled or not.  When you first click a
> link, therefore, the session id is appended to the
> URL, *and* a session-id cookie header is sent.  On
> the next (and subsequent) clicks, the cookie will be
> received from your browser, PHP knows you have
> cookies enabled, and therefore relies on the cookie
> and does not add the session id to the URL.
> 
> Cheers!
> 
> Mike
> 
> ---------------------------------------------------------------------
> Mike Ford,  Electronic Information Services Adviser,
> Learning Support Services, Learning & Information Services,
> JG125, James Graham Building, Leeds Metropolitan University,
> Beckett Park, LEEDS,  LS6 3QS,  United Kingdom
> Email: [EMAIL PROTECTED]
> Tel: +44 113 283 2600 extn 4730      Fax:  +44 113 283 3211
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
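
The URL rewriting Mike describes happens when session.use_trans_sid is enabled. As an added example (not code from this thread), here is a cookie-only session bootstrap that keeps the id out of URLs, which is the security concern Hardik refers to. The function names are hypothetical, and PHP 7.3+ and an HTTPS site are assumed.

```php
<?php
// Added example, not code from the thread. Function names are hypothetical.
// Assumes PHP 7.3+ (array form of session_set_cookie_params) and HTTPS.

function strip_url_session_id(): void
{
    $name = session_name();               // "PHPSESSID" unless reconfigured
    if (!isset($_GET[$name])) {
        return;
    }
    // Redirect to the same path without the id, so it is not bookmarked,
    // shared, or sent on in later Referer headers.
    $query = $_GET;
    unset($query[$name]);
    // Only the path component is reused, so the redirect stays on this host.
    $path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) ?: '/';
    header('Location: ' . $path . ($query ? '?' . http_build_query($query) : ''), true, 302);
    exit;
}

function start_cookie_only_session(): void
{
    // With use_trans_sid=1 and use_only_cookies=0 PHP rewrites links on the
    // first response and accepts an id taken from the URL. Turn both off.
    ini_set('session.use_trans_sid', '0');    // never rewrite links with the id
    ini_set('session.use_only_cookies', '1'); // ignore ids passed in the URL
    ini_set('session.use_strict_mode', '1');  // reject ids the server did not issue
    session_set_cookie_params([
        'lifetime' => 0,        // session cookie, dropped when the browser closes
        'path'     => '/',
        'secure'   => true,     // assumption: the site is served over HTTPS
        'httponly' => true,     // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    strip_url_session_id();
    session_start();            // must run before any output is sent
}

function mark_logged_in(string $userId): void
{
    // Issue a fresh id on privilege change and delete the old session data,
    // so an id fixed before login is useless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
}

start_cookie_only_session();
```

With this configuration a client that refuses cookies gets a new, empty session on every request, so the application has to tell such users that cookies are required.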

