I'm trying to get my script to use url session id instead of cookies. The following page is not picking up the variable in the url as the session id. I must be missing something.
First page http://www.website.com/start.php
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);
session_start();
$session_id = session_id();
header("location: target.php?session_id=". $session_id );
Following page - http://www.website.com/target.php?session_id=rj3ids98dhpa0mcf3jc89mq1t0
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);
print_r($_SESSION);
print(session_id())
Result is a different session id and the session is blank.
Array ( [debug] => no ) pt1t38347bs6jc9ruv2ecpv7o2
be careful when using the url to pass session ids, that could lead to session hijacking via the referer!