login cookie

nodiaque

Hi, for my login, here is what I use:

            $_SESSION['user'] = $_POST['user'];
            $_SESSION['id'] = $ligne['ID'];

And after, I check if these are setted. Now, it's working fine, but I there is a problem. The client have to put his security to none or put my website into "trusted site" in ie settings. How to resolve this? Thanks.

bad76

Hi,
try to look at session_use_cokie var in php.ini
The protection of ie6 can block also session cookie...

fandelem

Actually the most common technique to allow your site to work with or without cookies is to use session url wrapping.. this essentially means that on each .php you have, include this:

if (isset($HTTP_GET_VARS['sid']) && $HTTP_GET_VARS['sid'] != "" )
{
  $sid = $HTTP_GET_VARS['sid'];
  session_id($sid);
}
else if ( isset($HTTP_POST_VARS['sid']) && $HTTP_POST_VARS['sid'] != "" )
{
  $sid = $HTTP_POST_VARS['sid'];
  session_id($sid);
}

and have links (just like phpbuilder.com has!) that utilize this: http: //w ww.phpbuilder.com/board/editpost.php?
s= f6049b484500e3430755b229f7613de3
&action=editpost&postid=10422287 (note the s= which is the SID)

and voila.. even a client without cookies will still have session management.