hi, i am having a problem with php 4.3 and using the automatic appending of session id on url strings (for the case where cookies are turned off). do you have to use hidden form elements that store the session id when using POST forms? and then retrieve the POSTed value on every page?
i have a main page with links to the various sections of my site.
when you initially go to the main page after logging in, there are links such as:
[url]http://www.my_url.com/vendor/edit_register.php?PHPSESSID=ff7d9f29f89a3531aa8030sed330c94e[/url]
each section on the site involves forms with POST methods. after going through a few forms, you get sent back to the main page. BUT then the main page no longer has links like the one above - the session id is not there anymore. i have to log in again ...
i was toying with the idea of putting this at the top of each page:
//grab session i'd from POSTed forms, if any
if(!session_id()){
session_id($_POST['post_session_id']);
}
and any POST form would have:
// put session id as hidden value in POST forms
$session_id_value = session_id();
echo "<INPUT TYPE=\"hidden\" NAME=\"post_session_id\" VALUE=\"$session_id_value\">";
-c
