Re: RE: Sessions without cookies

Christian Marschalek wrote:
>
> > You should note that even with the --enable-trans-sid, PHP
> > will still try and use a single cookie.  If the user does not
> > accept the cookie, then it is automagically passed in the
> > URL.  However, if the user accepts the cookie, then it will
> > use that to keep track of the session rather than the URL re-writing.
>
> Thanks... But I still need to find a way how I can completely get rid of
> the cookies.

Interestingly we have just developed a site that used no cookies whatsoever,
handling all session management through URL rewriting.

We got to a point, however, about two weeks ago where we found that we did, after
all, need to (try and) maintain session state between visits.  Although people could
bookmark the session, we decided to switch back to cookies as #1, with a fall-back
to URL rewriting.

You could do URL rewrite only sessions in PHP if you did your own URL rewriting
through creative use of the ob_... set of Output Control functions.  This would
allow you to use sessions completely without cookies - if that's really what you
want.

Regards,
                    Andrew.
--
_____________________________________________________________________
           Andrew McMillan, e-mail: Andrew@catalyst.net.nz
Catalyst IT Ltd, PO Box 10-225, Level 22, 105 The Terrace, Wellington
Me: +64(21)635-694, Fax: +64(4)499-5596, Office: +64(4)499-2267xtn709