From b8ed2e5ac357d75f9f0c5f14b885e35a60837d90 Mon Sep 17 00:00:00 2001
From: Markus Fischer <mfischer@php.net>
Date: Wed, 12 Jun 2002 09:50:49 +0000
Subject: [PATCH] - Document new session.use_only_cookies ini setting.

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@85450 c90b9560-bf6c-de11-be94-00142212c4b1
---
 reference/info/functions/ini-set.xml |  7 ++++++-
 reference/session/reference.xml      | 12 +++++++++++-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/reference/info/functions/ini-set.xml b/reference/info/functions/ini-set.xml
index 4ed02e9271..0171f3c8ed 100644
--- a/reference/info/functions/ini-set.xml
+++ b/reference/info/functions/ini-set.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.8 $ -->
+<!-- $Revision: 1.9 $ -->
 <!-- splitted from ./en/functions/info.xml, last change in rev 1.23 -->
   <refentry id="function.ini-set">
    <refnamediv>
@@ -682,6 +682,11 @@
            <entry>"1"</entry>
            <entry>PHP_INI_ALL</entry>
           </row>
+          <row>
+           <entry>session.use_only_cookies</entry>
+           <entry>"0"</entry>
+           <entry>PHP_INI_ALL</entry>
+          </row>
           <row>
            <entry>session.referer_check</entry>
            <entry>""</entry>
diff --git a/reference/session/reference.xml b/reference/session/reference.xml
index 8938ec068d..47d18404c8 100644
--- a/reference/session/reference.xml
+++ b/reference/session/reference.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.5 $ -->
+<!-- $Revision: 1.6 $ -->
  <reference id="ref.session">
   <title>Session handling functions</title>
   <titleabbrev>Sessions</titleabbrev>
@@ -393,6 +393,16 @@ To continue, <A HREF="nextpage.php?<?php echo SID?>">click here</A>
        side. Defaults to <literal>1</literal> (enabled).
       </simpara>
      </listitem>
+     <listitem>
+      <simpara>
+       <literal>session.use_only_cookies</literal> specifies whether the
+       module will <emphasis role="strong">only</emphasis> use cookies to
+       store the session id on the client side. Defaults to
+       <literal>0</literal> (disabled, for backward compatibility). Enabling
+       this setting prevents attacks involved passing session ids in URLs.
+       This setting was added in <literal>PHP</literal> 4.3.0.
+      </simpara>
+     </listitem>
      <listitem>
       <simpara>
        <literal>session.cookie_path</literal> specifies path to set