473,570 Members | 2,937 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

PHPSESSID

Dear Gurus

Is it correct that you do not have to pass the PHPSESSID in the header in
order to keep a session going. What are the advantages/disadvantages of
having the PHPSESSID in the header

e..g. http://www.myurl.com/index.php?PHPSESSID=......

Thank you

- Nicolaas
Jul 17 '05 #1
7 7002
windandwaves wrote:

Hi,
Dear Gurus

Is it correct that you do not have to pass the PHPSESSID in the header in
order to keep a session going.
header? no..
It is stored in a cookie most of the time. (Which is send along with the
headers)
What are the advantages/disadvantages of
having the PHPSESSID in the header

e..g. http://www.myurl.com/index.php?PHPSESSID=......
That is NOT a header.
That is an URL with some extra information. (Called GET or Querystring)

And it is a perfectly legal way pass the sessionid around from page to page.

Alternatively people use a cookie instead.

Regards,
Erwin Moller

Thank you

- Nicolaas


Jul 17 '05 #2
>> What are the advantages/disadvantages of
having the PHPSESSID in the header
e..g. http://www.myurl.com/index.php?PHPSESSID=......

And it is a perfectly legal way pass the sessionid around from page to
page.


Be careful though - if you use a redirect on every user that comes to you
page without PHPSESSID (the way PHPlib does it) you will have problems with
some search engine crawlers.

Otherwise it is better to just put a session id in cookie. Most of the users
have cookies enabled (and there is no reason anymore why they shouldn't),
as for the other few - if they knew how to disable cookies they also know
how to enable them.

The reason for not using cookies comes from times when you could not set
your browser to only allow session cookies. Those days are now long gone.

Regards,

Anze
Jul 17 '05 #3
Anze wrote:
What are the advantages/disadvantages of
having the PHPSESSID in the header
e..g. http://www.myurl.com/index.php?PHPSESSID=......

And it is a perfectly legal way pass the sessionid around from page
to page.


Be careful though - if you use a redirect on every user that comes to
you page without PHPSESSID (the way PHPlib does it) you will have
problems with some search engine crawlers.

Otherwise it is better to just put a session id in cookie. Most of
the users have cookies enabled (and there is no reason anymore why
they shouldn't), as for the other few - if they knew how to disable
cookies they also know how to enable them.

The reason for not using cookies comes from times when you could not
set your browser to only allow session cookies. Those days are now
long gone.

Regards,

Anze


Hmmm, it seems that I got the wrong information.

So I should ditch the PHPSESSID in the URL and add a cookie. I actually
thought you could do it without a cookie.

I would prefer to go without a cookie if possible (I have never used them),
but I will definitely use them if the search engines can not access my pages
properly (the session starts automatically when people visit the site).

Thank you for your responses.
- Nicolaas



Jul 17 '05 #4
windandwaves wrote:
Ideally, I would like to put all the session variable in my Mysql database.
Is that possible?
Jul 17 '05 #5
windandwaves wrote:
On
http://nz.php.net/manual/en/ref.sess...sion.idpassing

I read:

"Search engines in general don't support cookies, and they don't do well
with SIDs in the query string. If you use sessions, especially URL-based
sessions, and want your site to be search engine friendly, the following
works well:

<?php
$br = get_browser();
if (!($br->crawler))
{
// any session-related code goes here
}
else
{
// whatever your page needs to work without sessions
}
?>

To use the function get_browser() you may need to install browscap.ini. See
the documentation for get_browser() for more info"

browscap.ini is not installed for me, is there another way to recognise the
googles of this world?
Jul 17 '05 #6
Erwin Moller wrote:
[..........]
Alternatively people use a cookie instead.
What code do I need to add to change from URL to cookie based sessions? Is
it lots or just a few lines. My site works perfectly now, but it uses URL
rather than cookies. Before I change over, however, I will have a good luck
on all the implications, especially those relating to search engines.

Thank you for your reply.
Regards,
Erwin Moller

Thank you

- Nicolaas

Jul 17 '05 #7
windandwaves wrote:
Erwin Moller wrote:
[..........]
Alternatively people use a cookie instead.
What code do I need to add to change from URL to cookie based sessions?
Is
it lots or just a few lines. My site works perfectly now, but it uses URL
rather than cookies. Before I change over, however, I will have a good
luck on all the implications, especially those relating to search engines.


Hi,

You can also let PHP take care of the session.
Look into php.ini in the session-section, and read up on php.net
PHP has the ability to:
1) try cookie
2) If that is not supported by the browser: use URL-rewriting.
Note: The URL-rewriting is a bit of a misnomer: it does a lot more, also
rewrite imagemaps-urls, frames, etc.
All is complete effortless, PHP can handle the rewriting.

About the searchengines:
If you ONLY use your session for not relevant stuff, I expect that
searchengines can just walk through your site.
for example:
If you have a session you print A, otherwise you print B
So the webcrawler will see B, assuming it didn't log in.

As far as I know webcrawlers do not use cookies, but just follow hyperlinks.

hope that helps a bit.

Regards,
Erwin Moller


Thank you for your reply.
Regards,
Erwin Moller

Thank you

- Nicolaas


Jul 17 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
6877
by: JohnS | last post by:
Hi, When I initially start my browser (any of 'm) and point it to my PHP script the $PHPSESSID is always blank. On all subsequent hits or after a refresh the value for $PHPSESSID is fine... why do I have to complete a php file before the $PHPSESSID is set? I tried to do session_start() before anything still blank, what did I miss? (Aix...
4
8236
by: Arnaud | last post by:
Hi ! I would like to propagate data between php pages, in two cases : the pages are read by : 1- Internet Explorer It's ok, data are writen in one page, and read from another. I don't use PHPSESSID 2- from a mobile browser ( mobile i-Mode phone Nec22) After several tests, I understod it's impossible, because the session system tries to...
3
7312
by: edward hage | last post by:
Hello , I want to pass some $_SESSION data to another page. I can pass PHPSESSID along using echo '<br /><a href="page2.php?' . SID .. '">page 2</a>'; However, I want to fill in a table with values and include PHPSESSID with it. This does not work. I tried somethink like this: <INPUT TYPE="Hidden" NAME="PHPSESSID" VALUE="<?=SID ?>">
0
1692
by: Alex Shi | last post by:
Hi, I don't know how php process its session. I just noticed that for the first time a web site is loaded php will insert a PHPSESSID through out the page: it attach this id to links, insert hidden field into form, and even attach the id onto form button if the button is an image. Here are samples what it did: <a...
2
7738
by: frizzle | last post by:
Hi there I have a site in which all pages ARE php-pages, but they're called/manipulated with htaccess. All files appear as a html-file to surfers. Sometimes i get the PHPSESSID declared in the url. I want to avoid this from caching in the browsers history. is there a way to detect if PHPSESSID is set, and if
0
1746
by: John Smith | last post by:
Googlebot has been picking up numerous PHPSESSID name/value pairs in URIs at my website, and this causes duplicate hits and wasted bandwidth. I've since prevented PHPSESSID generation in my PHP script if Googlebot makes the request; like so: if(preg_match("/googlebot/i", $_SERVER) != 1) //session code here ....but this doesn't stop the...
29
4836
by: CAH | last post by:
Hi Can you avoid that googlebot indexes PHPSESSID pages? Googlebot is indexing pages with PHPSESSID, which makes it think my page has a infinite number of pages. How can one avoid this? Here is an exsample of url that google register, that might make is more clear what is happening ...
1
2574
by: Leszek | last post by:
Hi. How should I configure Apache2.2 with php5 so that PHPSESSID would be sent as a cookie ? Now I'm not getting any messages even if I set IE to ask about incoming cookies... So what is the default way of sending PHPSESSID if not as a cookie? What is the best way to send PHPSESSID? thanks,
1
2595
by: zorro | last post by:
Greetings, I want users to select the duration time of their sessions. I'm able to do it by setting the PHPSESSID cookie duration. Is this reliable, or is it not recommended for some reason? This is the test : open browser, close browser, reopen browser if( ! $_COOKIE) // opened browser first time - no session
0
7636
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
7948
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
0
8150
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
0
8000
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6329
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5523
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
3682
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3671
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1238
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.