transparent session ID

rudiger

I'm currently building an online ordering system with url and cookie based session handling. The url method is used by default (because its most reliable) unless a user explicitly choses to use cookies.

I've had a look through the session handling section in the php manual and noticed a configuration option called
use-trans-id which automatically appends the session id onto the end of the (non-relative) url.

This is all working fine but its not what I initially thought use-trans-id was for. I would like to remove the big ugly session id string from the URL altogether but is this possible without using cookies at all? I would have thought no but I've noticed that after a POST form submission the session id doesn't show in the url but afterwards the session isn't lost.

Any ideas?

iceiceboom

Hello,

I made up my own sessions script that instead of using URL-based stuff, it'll all be dealt with by using the user's IP address.

I recommend you do the same if you are looking for a good solution to transparency to the user.

rudiger

OK, I see how that could work too but I'm a little reluctant.

Has anyone else used use-trans-id before or know if its possible to remove the url session id propagation??