[support] Session problems
Earnie Boyd
earnie at users.sourceforge.net
Tue Jun 24 13:04:41 UTC 2008
Quoting Daniel Carrera <daniel.carrera at zmsl.com>:
> Earnie Boyd wrote:
>> I see at http://drupal.org/node/188710 that you should also
>> ini_set('session.use_only_cookies', 0); in the settings.php file.
>
>
> Thanks. I have to say that I don't really understand that option. I made
> the change, but I don't understand what I just did.
>
From http://php.net/session.configuration we see:
session.use_only_cookies boolean
session.use_only_cookies specifies whether the module will only use
cookies to store the session id on the client side. Enabling this
setting prevents attacks involved passing session ids in URLs. This
setting was added in PHP 4.3.0. Defaults to 1 (enabled) since PHP 6.0.
Earnie -- http://for-my-kids.com/
-- http://give-me-an-offer.com/
More information about the support
mailing list