Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do PHP sessions work when cookies are disabled?

Tags:

php

cookies

session

I've tried to research this mechanism but only find hints and these are not very consistent. How is the session _id sent to the browser and how is the browser instructed to return it when the user requests a new page?

Thanks, Chris

like image 781
cjakeman Avatar asked Mar 05 '09 08:03

cjakeman

People also ask

Will session work if cookies is disabled in PHP?

Sessions in PHP normally do use cookies to function. But, PHP sessions can also work without cookies in case cookies are disabled or rejected by the browser that the PHP server is trying to communicate with.

Does PHP session require cookies?

Yes. PHP sessions rely on a cookie containing a session key. Your session data are stored only on your server, but a unique ID is assigned to each session and that ID gets saved in a cookie.

What happens if cookies are blocked?

Here are some examples of what happens if you block all cookies: You may not be able to automatically sign in to a site because your saved username and password is deleted. Some web pages or features won't function. You may see a message on websites asking you to enable cookies for it to load.

Can we maintain session without cookies?

If its a public session then yes, you can use no cookies session.

1 Answers

PHP will do 2 things:

  • It will rewrite all links to pass an extra GET parameter, usually PHPSESSID but this can be changed by setting session.name in php.ini
  • It will add a hidden input with the same name after all <form> opening tags.

Note that this is a dangerous thing to do, because anyone who you e.g. copy/paste a URL to containing an PHPSESSID parameter will be able to share your login session on the site - the webserver has no easy way of telling that you are different from the person you sent the link to...

like image 129
Gareth Avatar answered Oct 17 '22 22:10

Gareth
Sign in to Comment

Related questions

How to install the old version of PHPUNIT?
PHPUnit class TestCase not found
N-grams: Explanation + 2 applications
Alternatives to Yahoo Pipes [closed]
jquery ui autocomplete with database
phpinfo() difference between master and local value
Can I programmatically determine if a PNG is animated?
What is the best search Algorithm for PHP & MYSQL? [closed]
Backbone.js How to use with PHP
Protocol Buffer for PHP [closed]
How to detect if a class does not exist without triggering an error
Login to Google with PHP and Curl, Cookie turned off?
How to create videos from images with php?
Terminating zombie child processes forked from socket server
Shorten text without splitting words or breaking html tags
Pass array literal to PostgreSQL function
Executing Git hooks on Windows
PHP chmod( ):Operation not permitted, safe_mode deprecation involved?
What is the best way to insert multiple rows in PHP PDO MYSQL?
Laravel Sync error

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!