Session Info Added to URL

Re: Session Info Added to URL

I noticed that Message-ID:
<8bafcced.03101 22018.878f0e@po sting.google.co m> from Celebrate contained
the following:
[color=blue]
>Should I be concerned and if so, is there a way of preventing it from
>appending the session info? I don't have the option of removing the
>session_start( ) from the page because I must test for a session
>variable.[/color]
The way I understand this is that there are two ways of passing the
session info. One is by setting a cookie and the other is by storing
the session variables on the server and then accessing them via a
session id.

Your security settings are probably preventing cookies being set, hence
the addition of the ID (someone please correct me if I've got this
wrong)
--
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Re: Session Info Added to URL

Celebrate wrote:[color=blue]
> I'm noticing that when my homepage first starts up, all the menu links
> to other pages have the session info appended to the URL. For example:
>
> href="products/product_list.ph p?PHPSESSID=457 59f8aadee64cff2 db65748977ac67"
>
> This is done automatically as the original URL that I coded does not
> have the session information added to it.
>
> My first question is, is this normal behavior? The reason I'm
> concerned is I have been tracking the Google Bot's activity on our
> site and it hits the homepage and does not crawl the other pages. I'm
> concerned the added session info is throwing it off.
>[/color]

Yes, it's normal. The first time the session is started, PHP doesn't
know if you support cookies or not. So it sends you a session cookie and
it also rewrites the URL. The second time, PHP receives the cookie, and
thus stops rewriting URLs.
The solution for google is to start the session only when it's
necessary. I think it's also possible to change php.ini in order to only
use cookies for sessions. But if you do that, all the visitors who
deactivate cookies won't be able to use your web site.

JB.
[color=blue]
> Should I be concerned and if so, is there a way of preventing it from
> appending the session info? I don't have the option of removing the
> session_start() from the page because I must test for a session
> variable.
>
> Any help on this would be greatly appreciated...
>
> Paul[/color]

Re: Session Info Added to URL

pleury@celebrat e-software.com (Celebrate) wrote in message news:<8bafcced. 0310122018.878f 0e@posting.goog le.com>...[color=blue]
> I'm noticing that when my homepage first starts up, all the menu links
> to other pages have the session info appended to the URL. For example:
>
> href="products/product_list.ph p?PHPSESSID=457 59f8aadee64cff2 db65748977ac67"
>
> This is done automatically as the original URL that I coded does not
> have the session information added to it.
>
> My first question is, is this normal behavior? The reason I'm
> concerned is I have been tracking the Google Bot's activity on our
> site and it hits the homepage and does not crawl the other pages. I'm
> concerned the added session info is throwing it off.[/color]

It's because in you PHP.ini file, you have session.use_tra ns_sid
= 1. See http://cvs.php.net/co.php/php-src/php.ini-dist
[color=blue]
>
> Should I be concerned[/color]

Not much except for security reasons. Look at your ini file's
session section for more stuff.

---
"US got a nuclear bomb that can destroy the world 13 times. Russia
got a nuclear bomb that can destroy the world 7 times. But...my
friend! Tell me! CAN YOU KILL A MAN TWICE??!!!!!" -- P.A.Sangma, Peace
loving Indian politician against India's step to go for a nuclear
test.
Email: rrjanbiah-at-Y!com

Re: Session Info Added to URL

ng4rrjanbiah@re diffmail.com (R. Rajesh Jeba Anbiah) wrote in message news:<abc4d8b8. 0310130427.1b65 41de@posting.go ogle.com>...[color=blue]
> pleury@celebrat e-software.com (Celebrate) wrote in message news:<8bafcced. 0310122018.878f 0e@posting.goog le.com>...[color=green]
> > I'm noticing that when my homepage first starts up, all the menu links
> > to other pages have the session info appended to the URL. For example:
> >
> > href="products/product_list.ph p?PHPSESSID=457 59f8aadee64cff2 db65748977ac67"
> >
> > This is done automatically as the original URL that I coded does not
> > have the session information added to it.
> >
> > My first question is, is this normal behavior? The reason I'm
> > concerned is I have been tracking the Google Bot's activity on our
> > site and it hits the homepage and does not crawl the other pages. I'm
> > concerned the added session info is throwing it off.[/color]
>
> It's because in you PHP.ini file, you have session.use_tra ns_sid
> = 1. See http://cvs.php.net/co.php/php-src/php.ini-dist
>[color=green]
> >
> > Should I be concerned[/color]
>
> Not much except for security reasons. Look at your ini file's
> session section for more stuff.
>
> ---
> "US got a nuclear bomb that can destroy the world 13 times. Russia
> got a nuclear bomb that can destroy the world 7 times. But...my
> friend! Tell me! CAN YOU KILL A MAN TWICE??!!!!!" -- P.A.Sangma, Peace
> loving Indian politician against India's step to go for a nuclear
> test.
> Email: rrjanbiah-at-Y!com[/color]

Thanks for the help guys.

Paul