homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

Valid Pages with PHP session enabled?

 5:21 pm on Jul 7, 2002 (gmt 0)

I have a page that uses a session. The session ID (PHPSESSID) is automatically added to the links where I'm passing a variable on the URL (example.php?var=value&PHPSESSID=75d1bac8ae12cde317e1cc55d6d58e6f). The validator is choking on the link. The doctype and namespace look like this:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

Do I need to encode the URL using url_encode() or ??



 5:34 pm on Jul 7, 2002 (gmt 0)

I don't think you'll be able to encode the url, but here is something I wrote to set a session only if the UA is nat a search engine:

/* Use this to start a session only if the UA is *not* at search engine
to avoid duplicate content issues with url propagation of SID's */
$searchengines=array("Google", "Fast", "Slurp", "Ink", "Atomz", "Scooter", "Validator");
foreach($searchengines as $key => $val) {
if(strstr("$HTTP_USER_AGENT", $val)) {
} if($is_search_engine==0) { // Not a search engine

/* You can put anything in here that needs to be
hidden from searchengines */

} else { // Is a search engine

/* Put anything you want only for searchengines in here */

} ?>

You can use it to include the 'Validator' as well.



 6:31 pm on Jul 7, 2002 (gmt 0)

Ah hah! I thought you might be on-line Nick.

Good idea but what's the USER AGENT id for the W3C Validator (http://validator.w3.org)? "Validator" didn't do it because I'm still getting the error.


 6:50 pm on Jul 7, 2002 (gmt 0)

W3C_Validator/1.183 libwww-perl


 7:01 pm on Jul 7, 2002 (gmt 0)

Whoops - my mistake. I didn't wrap my session_register() declarations. Thanks both!



 7:12 pm on Jul 7, 2002 (gmt 0)

I am glad he was cause I looked at the question did a search but wasnt quite understanding the question still. My feable attempts at scripting doesnt include such things yet. I vote for Nick & jatar_K as Mods!


 7:27 pm on Jul 7, 2002 (gmt 0)

If you have sessions enabled session_start(), the web server assigns a session ID (SID) to each visitor - which includes SEs, validators, as well as browsers. In order to maintain the current session when a user clicks on a link, the SID is automatically appended to the URL. The format is "&PHPSESSID=somelongalphanumericcode". The problem is that the validator doesn't like the &.

So what Nick gave me is a chunk of code that identifies the validator before the session is enabled and prevents the session from starting. Which prevents the SID from being appended. Which, as far as the validator is concerned, is perfect. It only needs to look at my structure and content - not the variables I pass on the URL. Make sense?


 9:03 pm on Jul 7, 2002 (gmt 0)

Thank you for explaining Lorax I have never used anything other than premade scripts that had anything cookies or sessions so I have never really learned about them.


 9:41 pm on Jul 7, 2002 (gmt 0)

Sessions are very cool. They actually set a cookie on the client-side if possible but will append the session id to the urls (including adding hidden fiels on forms) if the client will not except cookies.

One very common use of cookies is to store just an unique id for the user that relates to a databse record containing all of the users preferecnces/data.



 11:59 pm on Jul 7, 2002 (gmt 0)

I have never used anything other than premade scripts

Oh but you should try. Once you build something of your own creation - no matter how simple - you will begin to get the bug. With PHP there's very little you can't accomplish. BTW - for pre-assembled scripts you should add www.hotscripts.com to your bookmarks if you don't already have it there.


 12:23 am on Jul 8, 2002 (gmt 0)

ohh I know that Lorax... I write scripts but never gotten into sessions and the such. I actually wrote one the other day cause someone needed it on here.


 7:03 am on Jul 10, 2002 (gmt 0)

If you use &amp;PHPSESSID=.... instead of &PHPSESSID=.... in the link, the validator should stop complaining.

If the link is generated by the PHP's session module, you can fix it by putting this in your php.ini:

arg_separator.output = "&amp;"

If you don't have access to or don't want to use php.ini you can modify this setting in the very beginning of your script instead:

ini_set('arg_separator.output', '&amp;');

Hope this helps.

- Stig


 7:52 am on Jul 10, 2002 (gmt 0)

Good call stigsb!
I've been wondering if it was possible to change the way php does it.

I'm surprised they havn't altered in latest versions, they've been using <br /> in nl2br() for quite a while....



 3:16 am on Jul 12, 2002 (gmt 0)

Brilliant stigsb!
I'll post a note to the host tonight! Thanks all.


Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved