php session.use_trans_sid

Question

I am not clear on the meaning and usage of php\'s session.use_trans_id .

On the online documentation, it says:

the run-time option session.u

Answer 1

"Does this mean it will ALWAYS add the session id? Or only when cookies are not working?"

• Only when cookies are not working. Plus, if both session.use_trans_sid and session.use_cookies are 1, then session.use_only_cookies decides: 1 will disable URL-rewriting. See this nice article.

"Will it automatically add it to javascript's window.location or ajax calls?"

• No. PHP does not know what Ajax is, it just rewrites literal URLs in its page output buffer (note how any linked scripts will break the session as soon as they have a hardcoded URL to the site).

"Unless you are using PHP 4.2.0 or later, you need to enable it manually"

• That (indeed confusingly) meant recompiling PHP < 4.2. For PHP5, it's just disabled in the config (for reasons you quoted from php.ini).

"Also, isn't this feature NECESSARY to handle users with cookies disabled?"

• Yes, it is. (Unless you provide some custom Javascript + PHP solution for some highly special case with crippled usability & generous trade-offs.)