ok, the ASP programmer i work with is developing a site for a client that does some fancy searches and what-have-yous behind a user/pass. The client has cookies and sessions blocked on their browser, so they can't log in or test out their site. Is there way to get around this so they can use their site with their security settings or should we tell them to accept cookies and deal with it?

Ideally, accept cookies and deal with it.

Failing that, you could always pass the values via hidden form inputs and querystrings. It poses a security risk, but for testing purposes it would work.

This thread is in the ASP forum, but the problem is the same if you use PHP, so I draw your attention to this WPW thread:

Disable session IDs in URL

There is a related deeper thread,

php sessions for storing data

Sessions blocked? Did you mean cookies blocked?

• I have my own session class to handle sessions.
• That class may be combined with storing session variables in classes.
• I use the session class on Authentication in combination with an Authentication class.
• You find additional information in the two threads.

Are you using asp or asp.net? Also - how long do you need the session data to last? If you are using .net, you can use viewstate to maintiain state between trips to the server - no need for cookies...