This must sound pretty far-fetched, but as far as I can tell, my site is
attempting to set a session cookie from any and all PHP pages, even when
the page has no calls to session_* functions and where there were also no
previous visits to pages with such calls. Where is the setting that is
initializing these unneccessary sessions and sending the cookies? I looked
for something in php.ini or phpinfo() to explain it, but came up empty.
Below are excerpts from a phpinfo() dump.
I wondered about that "session.use_trans_sid", but there's no reference to
it in my php.ini file (yes, I checked that phpinfo says I'm looking at the
correct one) and I also cannot find anything about it in the PHP.net online
docs. What does that setting do, and where is it configured?
TIA
begin excerpts from phpinfo()
Directive Local Value Master Value
assert.active 1 1
assert.bail 0 0
assert.callback no value no value
assert.quiet_eval 0 0
assert.warning 1 1
safe_mode_allowed_env_vars PHP_ PHP_
safe_mode_protected_env_vars LD_LIBRARY_PATH LD_LIBRARY_PATH
session.use_trans_sid 1 1
session
Session Support enabled
Directive Local Value Master Value
session.auto_start On On
session.cache_expire 60 60
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_maxlifetime 1800 1800
session.gc_probability 1 1
session.name SID SID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
HTTP Response Headers
Set-Cookie SID=0c6a1e4a46c8d9d840ac865d4a9d8e6f; path=/
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma no-cache
--
CC
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
