diff --git a/reference/info/functions/ini-set.xml b/reference/info/functions/ini-set.xml
index 4ed02e9271..0171f3c8ed 100644
--- a/reference/info/functions/ini-set.xml
+++ b/reference/info/functions/ini-set.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.8 $ -->
+<!-- $Revision: 1.9 $ -->
 <!-- splitted from ./en/functions/info.xml, last change in rev 1.23 -->
   <refentry id="function.ini-set">
    <refnamediv>
@@ -682,6 +682,11 @@
            <entry>"1"</entry>
            <entry>PHP_INI_ALL</entry>
           </row>
+          <row>
+           <entry>session.use_only_cookies</entry>
+           <entry>"0"</entry>
+           <entry>PHP_INI_ALL</entry>
+          </row>
           <row>
            <entry>session.referer_check</entry>
            <entry>""</entry>
diff --git a/reference/session/reference.xml b/reference/session/reference.xml
index 8938ec068d..47d18404c8 100644
--- a/reference/session/reference.xml
+++ b/reference/session/reference.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.5 $ -->
+<!-- $Revision: 1.6 $ -->
  <reference id="ref.session">
   <title>Session handling functions</title>
   <titleabbrev>Sessions</titleabbrev>
@@ -393,6 +393,16 @@ To continue, <A HREF="nextpage.php?<?php echo SID?>">click here</A>
        side. Defaults to <literal>1</literal> (enabled).
       </simpara>
      </listitem>
+     <listitem>
+      <simpara>
+       <literal>session.use_only_cookies</literal> specifies whether the
+       module will <emphasis role="strong">only</emphasis> use cookies to
+       store the session id on the client side. Defaults to
+       <literal>0</literal> (disabled, for backward compatibility). Enabling
+       this setting prevents attacks involved passing session ids in URLs.
+       This setting was added in <literal>PHP</literal> 4.3.0.
+      </simpara>
+     </listitem>
      <listitem>
       <simpara>
        <literal>session.cookie_path</literal> specifies path to set