htaccess mod_rewrite, PHP, and cookies turned off in the browser
PHP puts the session id into the URL when cookies are turned off. Does this session id have to be accounted for (by proactively coding for it) in the case where .htaccess rewrite is being used?
Also, I presume that when cookies are off the session id cannot be propagated automatically when there are a mix of .php files and .html being served. That i开发者_开发技巧s, if a user navigates to an .html page from a .php page and then back to .php page, the session id is lost as the .html file cannot account for it. Is this correct?
In most cases the session ID does not figure in .htaccess processing because it is in the QUERY_STRING
part of the URL (that is, after a ?
). But you might have to account for it if you test QUERY_STRING
in a RewriteCond
or replace it in a RewriteRule
.
And you presume correctly, the session ID will not propagate through a pure HTML file. However, you could use .htaccess
to run .html
files through PHP:
AddType application/x-httpd-php .html
and something like this to activate the URL rewriting feature for those files:
<FilesMatch "\.html$">
php_value auto_prepend_file "/home/*******/public_html/session_start.php"
</FilesMatch>
where session_start.php contains just:
<?php session_start();
(See this SO question for details).
Or you could just put up an error page telling users that you don't support running with cookies off.
精彩评论