I’m doing some work on a site which has like 4,500 pages indexed with a PHPSESSID in the URL, causing some major duplicate content problems. I got the server admin to disable the PHPSESSID’s by adding the following to the vhost config:
php_value session.use_trans_sid 0 php_value session.use_only_cookies 1
I also wanted Google to get a clean URL when it decided to spider one of the old URL’s again, and didn’t have access to mod_rewrite, so I redirected them with some PHP. The solution is quite simple:
if (isset($_GET['PHPSESSID'])) {
$requesturi = preg_replace('/?PHPSESSID=[^&]+/',"",$_SERVER['REQUEST_URI']);
$requesturi = preg_replace('/&PHPSESSID=[^&]+/',"",$requesturi);
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://".$_SERVER['HTTP_HOST'].$requesturi);
exit;
}
Thanks for sharing this Joost. Note that if you haven’t access to the ini files, this parameters can set by using the ini_set function.
very true Arjan, thx! (and sorry, I edited your comment to change the link to php.net instead of nl.php.net :) )
Ah damn, sorry for that one. PHP.net automatically redirects to the Dutch version, so I didn’t notice it.
no probs, I just know they don’t like it when you link to a local mirror :)
Short and sweet. I really have problems with Session-IDs in WordPress. I will try your hint! But I really wonder, that there is no wordpress plugin for the redirection of session-id-spamed urls… should not be too difficult…
Thanks for it. Very useful. But there is any solution with PhP to leave previos url when page redirect to new page?
Thanks for sharing. Very nice trick :)
hi joost
i am having the same problem here. since i dont know anything about coding i wanted to ask you if i have to place the second code you provided in this post in the php.ini file as well…thanks!
I got this problem:
Warning: preg_replace() [function.preg-replace]: Compilation failed: nothing to repeat at offset 0 in …
and solved it like that:
$requesturi = preg_replace(‘/&PHPSESSID=[^&]+/’,”",$_SERVER['REQUEST_URI']);
$requesturi = preg_replace(‘/PHPSESSID=[^&]+/’,”",$requesturi);
But by using the redirection you will loose all data stored in sessions, don’t you?
Very nice feature! I solved the prob really quick!
And how to stop WordPress and other scripts from creating cookies with PHPSESSID? I don’t see their use and they are only wasted bandwidth.
PHPSESSID can’t be used for that.
but try on you header :
Hi, thanks für this easy to use solution.
I modified the regexp code:
$requesturi = preg_replace(‘/[.|?|&]PHPSESSID=[^&]+/’,”",$_SERVER['REQUEST_URI']);
Hi!
Where did you change/put that code exactly? Where is the “vhost config”?
thanx a lot!