Look at "enable.trans_sid" (something like that) in php.ini ...

HTH,

so there isn't much to play around with there.

i can't believe this is not a wide-range problem, that everybody have to tackle.
cookies that arn't submitted from a certified site are rejected by most browsers, by security defaults. so PHP SESSION's IDs must be transfered by other means such as POST or GET forms and querystrings.
this is very annoying.:mad:

like this :

$you_ID=session_id();
session_register("you_ID");

end you can use $you_ID everywhere !

Originally posted by rshilkrot
so there isn't much to play around with there.

i can't believe this is not a wide-range problem, that everybody have to tackle.
cookies that arn't submitted from a certified site are rejected by most browsers, by security defaults. so PHP SESSION's IDs must be transfered by other means such as POST or GET forms and querystrings.
this is very annoying.:mad:

And that is how it is done. With transparent support, if PHP can't use a cookie, it should automagically add the session ID to the query string for each page.

what happens if i can't use quertystrings to carry session ID?
or form with POST methodm for that matter.

most of my site is pure HTML and i want to keep it that way. the first page that's loaded is PHP, and it should make a session that will endure a whole trip through the HTML pages, back to the main page.
in the mainpage i check for a session, before i assign a new one.

No cookies, no querystrings? To modify something said in the US, "Up the Jordan without a paddle."

That's like saying "how can I greet 5000 conference attendees by name without the use of name tags?" The server keeps track of each browser by a] assignment of a cookie or b] propagation via the URL. There are other methods, I suppose, but they are usually dependent on running PHP code on the server, which you say you don't want to do. How 'bout auto_prepend'ing a header file that carried the sessid?

I suppose you could try some common Javascript include that passed the var along, or write the supposed IP (what is it $_SERVER['REMOTE-ADDR']?) of the user into a db or flat file, and then if that IP hit the PHP page again, you'd look up the session ID and set it with session_name(), but we're getting way out on a limb here...

why not simply change your .html pages over
to .php pages, you can keep them as html
page however you could place...
<?
session_start();
?>

before each page call thus carrying over the transparent session ID.

The other option is to edit your httpd.conf and allow .html files to be excuted as PHP files, thus giving the appearance of static html files while still executing and carrying over session_id's.

Dont forget you will need to have url_rewriting enabled in apache for this to work.

Cheers,

John

this is probably an obscenity in this forum, but nevertheless:
ASP does carry a session over html pages, w/o the use of cookies.

How is it accomplished?