[imp] Session Keys in URL

Nigel Cass N.Cass@Hull.ac.uk
Wed, 18 Sep 2002 09:29:24 +0100


If anyone knows the answer to this question I would greatly appreciate a
response.

TIA

Nigel Cass.

> 
> I think that option must only be in the very latest PHP - (not in my
> php-4.2.3)
> 
> Under what circumstances does IMP use session keys in the URL ? - it
> seems that it depends exactly what URL I type as to whether I get a
> cookie or a session id in the URL.
> 
> N.
> 
> > -----Original Message-----
> > From: imp-bounces@lists.horde.org
[mailto:imp-bounces@lists.horde.org]
> On
> > Behalf Of Jan Schneider
> > Sent: 17 September 2002 16:18
> > To: imp@lists.horde.org
> > Subject: Re: [imp] Session Keys in URL
> >
> > Zitat von Nigel Cass <N.Cass@Hull.ac.uk>:
> >
> > > I might be missing something obvious - (don't think so though,
I've
> > > checked things quite thoroughly) but is there a way of ensuring
that
> the
> > > session key is never displayed in the URL ?
> >
> > In recent PHP versions (perhaps only from CVS) there is a php.ini
> setting
> > called 'session.use_only_cookies'.
> > But be aware: sessions will only work if the users accept cookies
you
> > enable
> > this setting.
> >
> > Jan.