Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Did I really kill SID?


emanresu

Recommended Posts

In all the debate about SID killers, we've only made one change which seems to have worked.

 

In includesfunctionshtml_output.php, Line 54 we changed sid to Null

 

// Add the session ID when moving from HTTP and HTTPS servers or when SID is defined  

if ( (ENABLE_SSL == true ) && ($connection == 'SSL') && ($add_session_id == true) ) {  

$sid = tep_session_name() . '=' . tep_session_id();  

} elseif ( ($add_session_id == true) && (tep_not_null(SID)) ) {  

$sid = SID;  

}  

 

if (isset($sid)) {  

$link .= $separator . $sid;  

}

 

to:

Code:

 

// Add the session ID when moving from HTTP and HTTPS servers or when SID is defined  

if ( (ENABLE_SSL == true ) && ($connection == 'SSL') && ($add_session_id == true) ) {  

$sid = tep_session_name() . '=' . tep_session_id();  

} elseif ( ($add_session_id == true) && (tep_not_null(SID)) ) {  

$sid = NULL;  

}  

 

if (isset($sid)) {  

$link .= $separator . $sid;  

}

 

We got this from an earlier post

 

 

It works for us but what have we done wrong??

Citizen of US Minor Outlying Islands

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...