By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,830 Members | 2,271 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 437,830 IT Pros & Developers. It's quick & easy.

Session variables in IE

P: n/a
Why on earth would the security settings affect session variables?
We're not setting a cookie here. I'm just trying to carry one session
variable over from one page to the next. If the security settings in IE
are set to "high", it doesn't work. What gives?
Jul 17 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
I noticed that Message-ID: <cb********@odak26.prod.google.com> from R.
Rajesh Jeba Anbiah contained the following:
Why on earth would the security settings affect session variables?
We're not setting a cookie here.


Wrong idea. Indeed, session uses cookie.


But it doesn't have to.

You can pass it via the url, e.g.
<A HREF="nextpage.php?<?php echo strip_tags(SID)?>">

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #2

P: n/a
Matt wrote:
Why on earth would the security settings affect session variables?
We're not setting a cookie here. I'm just trying to carry one session
variable over from one page to the next. If the security settings in IE
are set to "high", it doesn't work. What gives?


Hi Matt,

In the stateless client-server-world:
To create a session the server needs to know which client it is talking to.
This is done by sending an unique long string of characters (sessionid) to
the client.
Next time the client sends a request to the server, it sends this sessionid
with it.

Most of the time this sessionid is stored in a coockie....
You can also use URL-rewritting to code the sessionid in the URL.

As for M$ IE-exploder: I *think* setting to high security means blocking
coockies for IE. Not sure, dropped that securityhole ages ago.

Hope that helps.

Regards,
Erwin Moller

Jul 17 '05 #3

P: n/a
Matt wrote:
Why on earth would the security settings affect session variables?
We're not setting a cookie here. I'm just trying to carry one session
variable over from one page to the next. If the security settings in IE
are set to "high", it doesn't work. What gives?


A session requires a cookie to store the session id. This not a PHP specific
thing. However, PHP does have a configuration option that forces the
session id to be appended to the URL rather than use a cookie (as a work
around to things not allowing cookies).
--
remove .nospam from e-mail address to reply
Jul 17 '05 #4

P: n/a
James McIninch wrote:
Matt wrote:
Why on earth would the security settings affect session variables?
We're not setting a cookie here. I'm just trying to carry one session
variable over from one page to the next. If the security settings in IE
are set to "high", it doesn't work. What gives?


A session requires a cookie to store the session id. This not a PHP
specific thing. However, PHP does have a configuration option that forces
the session id to be appended to the URL rather than use a cookie (as a
work around to things not allowing cookies).

Damn it. I was going to give that answer. Can you believe it, I knew an
answer!
Jul 17 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.