IMPRESS dotted_line CONTACT dotted_line search dotted_line Kontakt dotted_line sitemap dotted_line print
50 PHP-Resource users online

Switch to another languags Deutsch aktuelle Sprache Englisch
php-resource

PHP Manual


Passing the Session ID

There are two methods to propagate a session id:

  • Cookies
  • URL parameter

The session module supports both methods. Cookies are optimal, but because they are not always available, we also provide an alternative way. The second method embeds the session id directly into URLs.

PHP is capable of transforming links transparently. Unless you are using PHP 4.2.0 or later, you need to enable it manually when building PHP. Under Unix, pass --enable-trans-sid to configure. If this build option and the run-time option session.use_trans_sid are enabled, relative URIs will be changed to contain the session id automatically.

Note:

The arg_separator.output php.ini directive allows to customize the argument seperator. For full XHTML conformance, specify & there.

Alternatively, you can use the constant SID which is defined if the session started. If the client did not send an appropriate session cookie, it has the form session_name=session_id. Otherwise, it expands to an empty string. Thus, you can embed it unconditionally into URLs.

The following example demonstrates how to register a variable, and how to link correctly to another page using SID.

Example #1 Counting the number of hits of a single user

<?php

session_start
();

if (empty(
$_SESSION['count'])) {
   
$_SESSION['count'] = 1;
} else {
   
$_SESSION['count']++;
}
?>

<p>
Hello visitor, you have seen this page <?php echo $_SESSION['count']; ?> times.
</p>

<p>
To continue, <a href="nextpage.php?<?php echo htmlspecialchars(SID); ?>">click
here</a>.
</p>

The htmlspecialchars() may be used when printing the SID in order to prevent XSS related attacks.

Printing the SID, like shown above, is not necessary if --enable-trans-sid was used to compile PHP.

Note:

Non-relative URLs are assumed to point to external sites and hence don't append the SID, as it would be a security risk to leak the SID to a different server.




Comments to the PHP manual
Write new comment
 



 

New Tutorial entries

Migration einer PHP 5 App auf PHP 7

Dieses PHP 7 Tutorial zeigt dir, wie du dein PHP5 Script auf PHP7 umstellst.

Berni | Category: PHP
PHP 7 Virtual Machine

Dieser Artikel zielt darauf ab, einen Überblick über die Zend Virtual Machine, wie es in PHP 7 gefunden wird.

Berni | Category: PHP
plotting masters - a professional guide - Teil II

Grafische Interpolation und Bestapproximation von numerischen Wertepaaren: Wir wollen Punkte auf einer Zeichenebene über verschiedene Verfahren miteinander verbinden.

EVAMasters | Category: PHP