Session IDs in URL

saxon75

I'm having a problem with session IDs being intermittently inserted into the URLs on my site. I have tried to correct this with some ini_set calls, but it doesn't seem to help.

The first line in every one of my PHP files includes a header file. The first thing I do in my header file is set the include path. The very next thing I do is the following:

ini_set("session.use_cookies", true);
ini_set("session.use_only_cookies", true);
ini_set("session.use_trans_sid", false);

For some reason, though, I still sometimes have PHPSESSID inserted into my URLs. I think this only happens on the first page you view when visiting my site; navigating to a new page or refreshing seems to make it go away.

I am on shared hosting, so I don't have access to my php.ini file. Any other solutions?

travelbuff

Think the proper syntax would be:
ini_set("session.use_trans_sid", "0");

try adding this line in your .htaccess file:
php_flag session.use_trans_sid off

Could be that your host has "allow override" set to "none" in you httpd.conf or has some goofy php_admin_value settings for the 'sake of security'.

If neither of the above solutions work, contact your host.

saxon75

The .htaccess line seemed to do the trick. Thanks!

nomad9

try this at the top of your page

ini_set("arg_separator.output","&");