Login state lost, when cookies disabled?

Correctly, if I’m wrong, but I was pretty sure, that I read somewhere in the documentation, that Yii application is able to detect, whether user’s browser has cookies blocked and use sessions in place of this.

Therefore, I was little bit shocked to find out, that whole my application goes hell, with cookies disabled, and ends in endless redirection to login page (in my current project any page, except contact one, requires user to be logged-in).

Can anyone provide any more details on this subject? Is it really true, that cookies are obligatory for Yii application to save state of user being logged-in.

It’s not that I don’t like cookies. In fact I think that they’re very, very useful and can’t imagine larger website working without them. But my customer has a slightly bit different thinking on both cookies and privacy/security.

I haven’t played with this in Yii, however Yii simply extends PHP Session handling, meaning that you are required to pass around a SID yourself or enable session.use_trans_sid in your configs (php.ini).


It’s disabled by default.

You can also try to enable it in Yii’s session component: http://www.yiiframework.com/doc/api/1.1/CHttpSession#useTransparentSessionID-detail

Thanks both of you!

I’ll give it a try. Seems I misunderstood the thing and in case cookies are disabled I have to take care of the problem myself.

Thanks again!

Take a look at second post: http://www.yiiframew…__1#entry121355

Maybe that will help you somehow…

I’m on very old 1.1.4 (not my decision), so that might be a solution. I’ll give it a try later, as currently forcing user to use cookies is required by some other component (aside loggin-in).