Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

PHPSESSID

0 views
Skip to first unread message

windandwaves

unread,
Apr 5, 2005, 7:46:41 AM4/5/05
to
Dear Gurus

Is it correct that you do not have to pass the PHPSESSID in the header in
order to keep a session going. What are the advantages/disadvantages of
having the PHPSESSID in the header

e..g. http://www.myurl.com/index.php?PHPSESSID=......

Thank you

- Nicolaas


Erwin Moller

unread,
Apr 5, 2005, 8:47:26 AM4/5/05
to
windandwaves wrote:

Hi,

> Dear Gurus
>
> Is it correct that you do not have to pass the PHPSESSID in the header in
> order to keep a session going.

header? no..
It is stored in a cookie most of the time. (Which is send along with the
headers)

> What are the advantages/disadvantages of
> having the PHPSESSID in the header
>
> e..g. http://www.myurl.com/index.php?PHPSESSID=......

That is NOT a header.
That is an URL with some extra information. (Called GET or Querystring)

And it is a perfectly legal way pass the sessionid around from page to page.

Alternatively people use a cookie instead.

Regards,
Erwin Moller

>
> Thank you
>
> - Nicolaas

windandwaves

unread,
Apr 5, 2005, 5:46:27 PM4/5/05
to
Anze wrote:
>>> What are the advantages/disadvantages of
>>> having the PHPSESSID in the header
>>> e..g. http://www.myurl.com/index.php?PHPSESSID=......
>> And it is a perfectly legal way pass the sessionid around from page
>> to page.
>
> Be careful though - if you use a redirect on every user that comes to
> you page without PHPSESSID (the way PHPlib does it) you will have
> problems with some search engine crawlers.
>
> Otherwise it is better to just put a session id in cookie. Most of
> the users have cookies enabled (and there is no reason anymore why
> they shouldn't), as for the other few - if they knew how to disable
> cookies they also know how to enable them.
>
> The reason for not using cookies comes from times when you could not
> set your browser to only allow session cookies. Those days are now
> long gone.
>
> Regards,
>
> Anze

Hmmm, it seems that I got the wrong information.

So I should ditch the PHPSESSID in the URL and add a cookie. I actually
thought you could do it without a cookie.

I would prefer to go without a cookie if possible (I have never used them),
but I will definitely use them if the search engines can not access my pages
properly (the session starts automatically when people visit the site).

Thank you for your responses.


- Nicolaas

windandwaves

unread,
Apr 5, 2005, 7:02:52 PM4/5/05
to
windandwaves wrote:
Ideally, I would like to put all the session variable in my Mysql database.
Is that possible?


windandwaves

unread,
Apr 5, 2005, 7:28:52 PM4/5/05
to
windandwaves wrote:
On
http://nz.php.net/manual/en/ref.session.php#session.idpassing

I read:

"Search engines in general don't support cookies, and they don't do well
with SIDs in the query string. If you use sessions, especially URL-based
sessions, and want your site to be search engine friendly, the following
works well:

<?php
$br = get_browser();
if (!($br->crawler))
{
// any session-related code goes here
}
else
{
// whatever your page needs to work without sessions
}
?>

To use the function get_browser() you may need to install browscap.ini. See
the documentation for get_browser() for more info"

browscap.ini is not installed for me, is there another way to recognise the
googles of this world?


windandwaves

unread,
Apr 5, 2005, 10:12:08 PM4/5/05
to
Erwin Moller wrote:
[..........]

> Alternatively people use a cookie instead.

What code do I need to add to change from URL to cookie based sessions? Is
it lots or just a few lines. My site works perfectly now, but it uses URL
rather than cookies. Before I change over, however, I will have a good luck
on all the implications, especially those relating to search engines.

Thank you for your reply.

Erwin Moller

unread,
Apr 6, 2005, 4:36:03 AM4/6/05
to
windandwaves wrote:

> Erwin Moller wrote:
> [..........]
>> Alternatively people use a cookie instead.
>
> What code do I need to add to change from URL to cookie based sessions?
> Is
> it lots or just a few lines. My site works perfectly now, but it uses URL
> rather than cookies. Before I change over, however, I will have a good
> luck on all the implications, especially those relating to search engines.

Hi,

You can also let PHP take care of the session.
Look into php.ini in the session-section, and read up on php.net
PHP has the ability to:
1) try cookie
2) If that is not supported by the browser: use URL-rewriting.
Note: The URL-rewriting is a bit of a misnomer: it does a lot more, also
rewrite imagemaps-urls, frames, etc.
All is complete effortless, PHP can handle the rewriting.

About the searchengines:
If you ONLY use your session for not relevant stuff, I expect that
searchengines can just walk through your site.
for example:
If you have a session you print A, otherwise you print B
So the webcrawler will see B, assuming it didn't log in.

As far as I know webcrawlers do not use cookies, but just follow hyperlinks.

hope that helps a bit.

0 new messages