Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Session Info Added to URL

0 views
Skip to first unread message

Celebrate

unread,
Oct 13, 2003, 12:18:50 AM10/13/03
to
I'm noticing that when my homepage first starts up, all the menu links
to other pages have the session info appended to the URL. For example:

href="products/product_list.php?PHPSESSID=45759f8aadee64cff2db65748977ac67"

This is done automatically as the original URL that I coded does not
have the session information added to it.

My first question is, is this normal behavior? The reason I'm
concerned is I have been tracking the Google Bot's activity on our
site and it hits the homepage and does not crawl the other pages. I'm
concerned the added session info is throwing it off.

Should I be concerned and if so, is there a way of preventing it from
appending the session info? I don't have the option of removing the
session_start() from the page because I must test for a session
variable.

Any help on this would be greatly appreciated...

Paul

Geoff Berrow

unread,
Oct 13, 2003, 2:50:48 AM10/13/03
to
I noticed that Message-ID:
<8bafcced.0310...@posting.google.com> from Celebrate contained
the following:

>Should I be concerned and if so, is there a way of preventing it from
>appending the session info? I don't have the option of removing the
>session_start() from the page because I must test for a session
>variable.

The way I understand this is that there are two ways of passing the
session info. One is by setting a cookie and the other is by storing
the session variables on the server and then accessing them via a
session id.

Your security settings are probably preventing cookies being set, hence
the addition of the ID (someone please correct me if I've got this
wrong)
--
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Jean-Baptiste Nizet

unread,
Oct 13, 2003, 5:59:55 AM10/13/03
to
Celebrate wrote:
> I'm noticing that when my homepage first starts up, all the menu links
> to other pages have the session info appended to the URL. For example:
>
> href="products/product_list.php?PHPSESSID=45759f8aadee64cff2db65748977ac67"
>
> This is done automatically as the original URL that I coded does not
> have the session information added to it.
>
> My first question is, is this normal behavior? The reason I'm
> concerned is I have been tracking the Google Bot's activity on our
> site and it hits the homepage and does not crawl the other pages. I'm
> concerned the added session info is throwing it off.
>

Yes, it's normal. The first time the session is started, PHP doesn't
know if you support cookies or not. So it sends you a session cookie and
it also rewrites the URL. The second time, PHP receives the cookie, and
thus stops rewriting URLs.
The solution for google is to start the session only when it's
necessary. I think it's also possible to change php.ini in order to only
use cookies for sessions. But if you do that, all the visitors who
deactivate cookies won't be able to use your web site.

JB.

R. Rajesh Jeba Anbiah

unread,
Oct 13, 2003, 8:27:26 AM10/13/03
to
ple...@celebrate-software.com (Celebrate) wrote in message news:<8bafcced.0310...@posting.google.com>...

> I'm noticing that when my homepage first starts up, all the menu links
> to other pages have the session info appended to the URL. For example:
>
> href="products/product_list.php?PHPSESSID=45759f8aadee64cff2db65748977ac67"
>
> This is done automatically as the original URL that I coded does not
> have the session information added to it.
>
> My first question is, is this normal behavior? The reason I'm
> concerned is I have been tracking the Google Bot's activity on our
> site and it hits the homepage and does not crawl the other pages. I'm
> concerned the added session info is throwing it off.

It's because in you PHP.ini file, you have session.use_trans_sid
= 1. See http://cvs.php.net/co.php/php-src/php.ini-dist

>
> Should I be concerned

Not much except for security reasons. Look at your ini file's
session section for more stuff.

---
"US got a nuclear bomb that can destroy the world 13 times. Russia
got a nuclear bomb that can destroy the world 7 times. But...my
friend! Tell me! CAN YOU KILL A MAN TWICE??!!!!!" -- P.A.Sangma, Peace
loving Indian politician against India's step to go for a nuclear
test.
Email: rrjanbiah-at-Y!com

Celebrate

unread,
Oct 13, 2003, 10:50:51 PM10/13/03
to
I'm noticing that when my homepage first starts up, all the menu links
to other pages have the session info appended to the URL. For example:

href="products/product_list.php?PHPSESSID=45759f8aadee64cff2db65748977ac67"

This is done automatically as the original URL that I coded does not
have the session information added to it.

My first question is, is this normal behavior? The reason I'm
concerned is I have been tracking the Google Bot's activity on our
site and it hits the homepage and does not crawl the other pages. I'm
concerned the added session info is throwing it off.

Should I be concerned and if so, is there a way of preventing it from

Celebrate

unread,
Oct 15, 2003, 11:05:13 PM10/15/03
to
ng4rrj...@rediffmail.com (R. Rajesh Jeba Anbiah) wrote in message news:<abc4d8b8.03101...@posting.google.com>...

Thanks for the help guys.

Paul

0 new messages