[imp] Session Keys in URL

Nigel Cass N.Cass@Hull.ac.uk
Tue, 17 Sep 2002 15:57:40 +0100

Previous message: [imp] imp directory problems
Next message: [imp] Session Keys in URL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All.

I might be missing something obvious - (don't think so though, I've
checked things quite thoroughly) but is there a way of ensuring that the
session key is never displayed in the URL ?

I am using a custom Mysql session handler which seems to work quite
well. What I can't understand (and I admit it could easily be that I
still don't fully understand the session handling within php properly)
is why there is sometimes a session id in the URL as I use the system
and at othertimes there isn't. Obviously I don't want there to ever be a
session ID if I can help it to avoid people bookmarking sessions and
then using them at a later date and potentially getting other peoples
sessions.

Please could one of the enlightened explain it to me :)

TYIA

Nigel Cass.

Previous message: [imp] imp directory problems
Next message: [imp] Session Keys in URL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]