Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Simple way to enforce cookies for sessions?


Recommended Posts

What's going on here? (2.2MS1)


I've commented out the line in html_output.php that adds sids to the URLs:


//$link .= $separator . $sid;


and the sessions still work, or appear to. I've closed all browsers, check for cookies, and can find none hanging around.


So my question is: is that all that is needed to enforce the use of cookies on the site? Is there something else I need to watch out for? Also, is there an easy way to detect a browser that does not accept cookies, so I can give the user a warning, or do I just need to send one on the first page access and see if I get one back?


As an asside, if the osCommerce product sends a cookie anyway, then way does it also send a SID in the URL - i.e. if it works without the URL SID, then why is it adding one on? Or am I misunderstanding something here?


At the end if the day, I don't want session IDs to appear in URLs. Period. My standard and SSL server support use the same server names and virtual directories.


-- Jason

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...