Sessions and cookies

thefisherman

Hello everyone!

Short question:

If one does not accept cookies, will sessions still work?

I am experiencing some problems with certain people that keep ending up with empty shopping-carts because their browser was blocking cookies at this site:

www.graphicalsolutions.nl

The shopping-carts become empty once they checkout, or view their shopping-cart content.

I've seen a lot of sites (including my own🙂 which state that you have to accept cookies in order for the site to work properly.

It seems that a lot of people have their browsers block cookies to some extent (not even knowing about it).

Ok, any help appreciated!

thefisherman

bodzan

...in my experience you have to have cookies enabled for sessions to work...

I had a similar issue in my recent job and I was trying to make it work and then just realised that I'm blocking cookies so all I did is enable them again and it started working...

I don't know how else could it be done so all I did is inform users that they have to have cookies enabled for the site to work properly...

I would also wanted to know if there is another way of doing it because not all users can enable cookies (read KNOW) in their browsers...

thefisherman

Hi Bodzan,

I figured something like that and enabling cookies does infact do the trick.

Someone told me that older people often have no idea they should do this, even when told they don't know how.

Well i guess some people do and some people don't. I gotta draw the line somewhere.

Thanks anyway for response!

thefisherman

bodzan

...the way I figure the cookies are enabled by default when browser is installed and takes at least to have some degree of knowlendge to disable them...

Hence, I figure those guys (or girls) would know how to turn them up again... 😉

rehfeld

sessions do not require cookies. but cookies are the default and prefered way to pass the session id around.

php can be set to automatically pass the session id for you through the url, in the event the user doesnt accept cookies. there are some security problems with doing that though, so you should be aware of them.

to turn the feature on, do this before calling session_start()

ini_set('session.use_trans_sid', 1);
session_start();

do that, turn off cookies in your browser, and then goto your website so you can see the effects.

i suggest you do some serious reading about the secuirty problems of this before using it on a production site.

you should read this too....