https://www.webmaster-forums.net/crss/node/1019050 en https://www.webmaster-forums.net/server-side-scripting/another-question-about-session#comment-1112822 <p>from the manual: <a href="http://www.php.net/manual/en/ref.session.php" class="bb-url">http://www.php.net/manual/en/ref.session.php</a></p> <blockquote class="bb-quote-body"><p>Quote: session.use_trans_sid whether transparent sid support is enabled or not. Defaults to 0 (disabled).</p></blockquote> <blockquote class="bb-quote-body"><p>Quote:<br /> There are two methods to propagate a session id: </p> <p>o Cookies<br /> o URL parameter </p> <p>The session module supports both methods. Cookies are optimal, but since they are not reliable (clients are not bound to accept them), we cannot rely on them. The second method embeds the session id directly into URLs. </p> <p>PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically. Alternatively, you can use the constant SID which is defined, if the client did not send the appropriate cookie. SID is either of the form session_name=session_id or is an empty string. </p> </blockquote> <blockquote class="bb-quote-body"><p>Quote: Note: Non-relative URLs are assumed to point to external sites and hence don't append the SID, as it would be a security risk to leak the SID to a different server. </p></blockquote> <p>If set to TRUE, PHP will automatically pass $SID transparently (via cookie) if possible, and [if successfull] $SID will be an empty string.</p> Thu, 22 Aug 2002 06:11:50 +0000 Mark Hensler comment 1112822 at https://www.webmaster-forums.net