Turning off PHPSESSID

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

PHP is making a right mess at the moment and insists on putting a
PHPSESSID in forms, urls and other spots on a script I am running.  Is
there any way to stop it doing this?  Part of the issue is it is
inserting an ampersand in the url instead of &  --- ampersands are
not valid HTML Trans and I am trying to make sure my pages are valid.

Forgive me if I have asked this already today - I've been sitting here
for hours wondering if I indeed posted this question or not.  Very
tired and frustrated atm.


Re: Turning off PHPSESSID

Make sure that you have 'session.use_trans_sid' turned off.

Check your php.ini file, and if it is not there, add:

session.use_trans_sid = Off

Alternativly, add this to your scripts:

ini_set('session.use_trans_sid', 0);

Best regards,


Quoted text here. Click to load it

Re: Turning off PHPSESSID

*** James escribió/wrote (21 Mar 2005 14:05:55 -0800):
Quoted text here. Click to load it

Change this in PHP.INI:

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0

Quoted text here. Click to load it

; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
;arg_separator.output = "&"

-+ Álvaro G. Vicario - Burgos, Spain
+- http://www.demogracia.com (la web de humor barnizada para la intemperie)
++ No envíes tu dudas a mi correo, publícalas en el grupo
-+ Do not send me your questions, post them to the group

[FAQ] Turning trans sid on or off (Was Re: Turning off PHPSESSID)

Q: When using session all the links are appended with PHPSESSID. How to
avoid that?
Q: How should I turn on or off the trans sid support?

A: when the "session.use_trans_sid" setting in php.ini is enabled, PHP
will append the session id in all relative links of the webpage. trans
sid feature helps to propagate the session id even if the browser
cookie is disabled.
  To turn on or off:
  1. Edit the php.ini file
  2. Edit .htaccess file and set the PHP value (if you don't have
access to php.ini). This will work only in mod_php
  3. Use ini_set() function <http://www.php.net/ini_set in the script
and enable/disable this feature.

  (3) will work only in PHP 5; previous versions don't allow to change
via ini_set(). To enable/disable this feature via script, you have to
use other hacks.
  To enable:
     Add the following lines in the beginning of your script:
      output_add_rewrite_var(session_name(), session_id());
  To disable:
     Add the following lines in the beginning of your script:

    or add the following lines:
      ini_set('url_rewriter.tags', '');


@todo More info on htaccess trick. Or should find a separate question
on the ini settings.

Site Timeline