Thanks very much for that, FYI this is what found in the PHP doc re: a transparent SID:
session.use_trans_sid boolean session.use_trans_sid whether transparent sid support is enabled or not. Defaults to 0 (disabled).
Note:For PHP 4.1.2 or less, it is enabled by compiling with --enable-trans-sid. From PHP 4.2.0, trans-sid feature is always compiled.
URL based session management has additional security risks compared to cookie based session management. Users may send an URL that contains an active session ID to their friends by email or users may save an URL that contains a session ID to their bookmarks and access your site with the same session ID always, for example.