- From: Samuel Rinnetmaki <samuel@iki.fi>
- Date: Sun, 26 Feb 2006 13:37:26 +0200 (EET)
- To: www-validator@w3.org
- Cc: DifVgg Vorstand <vorstand@difvgg-priebe.de>
> > <form action="?log=login_r" method="post"><input type="hidden"
> > name="PHPSESSID" value="46eda3e63dbdf10bc67f702249d90bda" />
> Generating the HTML by hand was the advice I recieved (from PHP
> experts) when I had that problem. I'm not aware of anything
> better.
I'm not sure about _better_, but alternatives exists.
PHP documentation [1] says:
url_rewriter.tags string
url_rewriter.tags specifies which HTML tags are rewritten to include
session id if transparent sid support is enabled. Defaults to
a=href,area=href,frame=src,input=src,form=fakeentry,fieldset=
Note: If you want XHTML conformity, remove the form entry and
use the <fieldset> tags around your form fields.
Although the original poster isn't using XHTML, I believe his problem
would be solved by changing url_rewriter.tags not to include form (and
adding at least one fieldset element to each form).
You could also try to set form=action so that the session id would be
added to the action parameters of all form elements in a same way that
it's added to the href parameters of all a elements. However, at least
my PHP versions (4.3.10-16 and 4.4.2) will append the session id to the
action parameter but in addition to that, it will also create the hidden
input directly after the form element. I consider this a PHP bug.
This problem is somewhat related to [2] (but has really nothing to do
with ampersands). Perhaps someone wants to document also this issue and
proposed solutions?
Regards,
Samuel
[1] http://php.net/manual/en/ref.session.php
[2] http://www.w3.org/QA/2005/04/php-session
Received on Sunday, 26 February 2006 12:02:40 UTC