i'm coding something for my blog mod for YSE 1.5.4
the blog location is here: http://www.monkey-pirate.com/blogs/spiff/
if you check under Archives on the right bar, all the links contain PHPSESSID
if you're logged in inside the forum, or has the cookies info, PHPSESSID doesn't show in the links, but guests will still have PHPSESSID in the url
my question is: how do i disable/hide PHPSESSID for my mod, not the entire forum
i tried using session_destroy somewhere in the code, but its still showing
Turn off session.use_trans_sid in php.ini.
-[Unknown]
Okay, how about for people without that kind of access to the host, any way to do it?
Umm... ini_set might work... and possibly ob_start('ob_gzhandler') - I think that stops it.
-[Unknown]
but the forum is already using ob_gzhandler when output compression is enabled...
do i need to redeclare it somewhere else?
i wonder why the forum doesnt show phpsessid to guests, but my function does:
http://omanga.monkey-pirate.com/index.php?action=blog_ssi_archive;threadid=1343
is it because i'm not using the template_header?
Might be......... headers?
-[Unknown]
I added ob_end_clean(), and it seems to solve it :)
Quote from: mephisto_kur on October 14, 2003, 08:14:29 PM
Okay, how about for people without that kind of access to the host, any way to do it?
You should be able to do that in a .htaccess file as long as "allowOverride" is enabled in httpd.conf (it normally is) and php isn't in safe mode. Actually, nearly all of the values in php.ini can be over-ridden via .htaccess on a per-directory basis.
Quote from: Spaceman-Spiff on October 15, 2003, 01:00:42 PM
I added ob_end_clean(), and it seems to solve it :)
where did you add this? we're trying to debug a url mod for YaBB SE that keeps showing PHPSESSID.
PHPSESSID is your friend ;).
-[Unknown]
or let me ask another way...what keeps php from adding the session id to the url when guests first view the forum?
is a session really needed for a guest? I can understand how it is for a member, but I don't know much about this, if any, that's why I'm asking :P
Quote from: [Unknown] on December 08, 2003, 12:13:16 PM
PHPSESSID is your friend ;).
-[Unknown]
why don't session id's show in the url for YaBB SE, except for like logout and that? what keeps them from showing?
Quote from: Anguz on December 08, 2003, 05:48:38 PM
is a session really needed for a guest? I can understand how it is for a member, but I don't know much about this, if any, that's why I'm asking :P
It is used to find out if the "Guest" is supposed to be member or not. For instance if a user has cookies off it would normally assume he is a guest, but if the session id is in the url you can determine if he is a member or not even without cookies.
So, this doesn't fix it?
@ini_set('session.use_trans_sid', 0);
-[Unknown]
Quote from: [Unknown] on December 08, 2003, 10:32:14 PM
So, this doesn't fix it?
@ini_set('session.use_trans_sid', 0);
-[Unknown]
haven't tried it yet... where should I put it? :)
I did think of doing this (http://www.yabbse.org/community/index.php?thread=26337/105#msg181023) but your code is most probably much better
:P
No, that way isn't as good :P.
-[Unknown]
Quote from: [Unknown] on December 08, 2003, 10:32:14 PM
So, this doesn't fix it?
@ini_set('session.use_trans_sid', 0);
-[Unknown]
Thanks...ok, where would I put that? Is that something that would have to be changed in the php settings? i'm not sure if I have access to change that. what I was wondering, is, how does the regular forum softward avoid having the session id in it, and why can't there just be a simple code fix for it within the YabbSE code (unless of course that fix is part of the YaBB code, in which case I need to know where it goes). :)
Put it at the top of the php script... before any output is made.
-[Unknown]
Quote from: [Unknown] on December 09, 2003, 02:37:48 AM
Put it at the top of the php script... before any output is made.
-[Unknown]
like this in index.php?
$time_start = getmicrotime();
@ini_set('session.use_trans_sid', 0);
That should work.
-[Unknown]
Quote from: [Unknown] on December 09, 2003, 03:24:09 AM
That should work.
-[Unknown]
cool, thank you :D
I was wondering if it'd also work putting it a bit later, right before the session thing, since there's no output up that point yet, or am I wrong? and it does make sense to group them... I may be wrong though :P
@ini_set('session.use_trans_sid', 0);
if (function_exists('session_start'))
{
session_start();
$sc = session_id();
}
else
$sc = '';
Quote from: Anguz on December 09, 2003, 03:29:01 AM
I was wondering if it'd also work putting it a bit later, right before the session thing, since there's no output up that point yet, or am I wrong? and it does make sense to group them... I may be wrong though :P
@ini_set('session.use_trans_sid', 0);
if (function_exists('session_start'))
{
session_start();
$sc = session_id();
}
else
$sc = '';
Of course....
-[Unknown]
cool!
I'll add it to the mod then :)
thanks again! ;D
thanks for the fix. just one question, though. does this work with safe server? i normally can't change the php settings.
It may not work in safe mode.
-[Unknown]
It's a funny thing. I have tried tha above solution and also putting the following in my php.ini file:
session.use_trans_sid = 0
and in my .htaccess file;
php_flag session.use_trans_sid off
And neither seems to be able to stop the PHPSESSID urls being displayed when users visit the site for the first time.
Any other suggestions would be very welcome.
Quote from: destalk on February 12, 2006, 07:21:19 PM
It's a funny thing. I have tried tha above solution and also putting the following in my php.ini file:
session.use_trans_sid = 0
and in my .htaccess file;
php_flag session.use_trans_sid off
And neither seems to be able to stop the PHPSESSID urls being displayed when users visit the site for the first time.
Any other suggestions would be very welcome.
BUMP .. i have the same result. SMF 1.1.1 with bloc's helios theme