Delan Azabani Delan Azabani - 1 year ago 82
PHP Question

PHP session without cookies

Is there a way that I can initiate a persistent session in PHP without the placement of a session cookie? Are there other ways of maintaining a session across pages, such as an IP address-based solution?

My reason for asking is, is that although most users have cookies on, I want to see if there's a way for a login system to work for those with it disabled (even though I think disabling cookies is just unnecessary paranoia, personally).

Answer Source

I don't think it's too much to ask your users to enable cookies. I find it silly when people turn them off entirely.

Otherwise, you can set your session.use_only_cookies to "0" to force the appendage of a session ID to URLs within your php. This approach, however, has several draw backs. Mainly that of keeping the state within the URL, as opposed to the Cookie header. If a user were to copy and paste the URL of the page they were on, and someone else were to click on it, they would both be using the same session.

     ini_set("session.use_cookies", 0);
     ini_set("session.use_only_cookies", 0);
     ini_set("session.use_trans_sid", 1);
     ini_set("session.cache_limiter", "");