I have a question more than a problem.
I've got a login system that is (where user cookies are switched off) passing the PHPSESSID around to track user movements.
This behavior appears inconsistent under different circumstances. Here's a few examples.
if the URL is hard-coded as in this example it will append the PHPSESSID okay.
But not if it's this:
Also, not if it's this:
If I make a form like so:
<Form name="foo" Action="home.php">
it will work, but it puts the PHPSESSID in a hidden field within the form.
<Form name="foo" Action="<?echo"$url";?>/home.php">
does the same.
If I do
<Form name="foo" Action="<?echo"$url/$page";?>">
it displays no PHPSESSID at all.
Lastly, the site has a Content Management System within it which displays URL's and if I push the following out of the CMS:
it works, but not:
Can anyone lead me to the rules with regards to this?
Thanks guys and gals,