form-session-id — insert hidden form field containing the session ID


Attribute Pos. Req. Default Description


It is necessary to include the Interchange session ID on HTML forms when users are not accepting cookies, or they might lose the session information. The [form-session-id] tag inserts the appropriate hidden form field containing session ID on a page, but only when necessary.

In most cases, the tag will insert the hidden form field (that is, when users are not accepting cookies or public display of session IDs — no_session_id — is not disabled). It will not, however, insert the field if the user is accepting browser cookies and no_session_id is enabled.


This tag does not appear to be affected by, or affect, the rest of Interchange.


Example: Simple form with an optional session ID form field

Here's a very simple login form. As you can see, all you have to do to include the session ID on the form is to include [form-session-id] somewhere in it.

<form action="[process secure=1]" method="POST">
  <input type="hidden" name="mv_todo"  value="return">
  <input type="hidden" name="mv_click" value="Login">
  <input type="hidden" name="mv_failpage" value="login">
  <input type="hidden" name="mv_successpage" value="[either][scratchd mv_successpage][or]member/service[/either]">
  <input type="hidden" name="mv_nextpage" value="index">

  Username: <input name="mv_username" value="[scratch cookie_username]"><br/>
  Password: <input type="password" name="mv_password" VALUE=""><br/>
  <input class="button3" type=submit value="Log In">



form-session-id is available in Interchange versions:

4.6.0-5.9.0 (git-head)


Interchange 5.9.0:

Source: code/SystemTag/form_session_id.coretag
Lines: 16

# Copyright 2005-2007 Interchange Development Group and others
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.  See the LICENSE file for details.
# $Id: form_session_id.coretag,v 1.3 2007-03-30 23:40:49 pajamian Exp $

UserTag form-session-id Version $Revision: 1.3 $
UserTag form-session-id Routine <<EOR
sub {
return if $Vend::Cookie and $::Scratch->{mv_no_session_id};
return qq{<input type="hidden" name="mv_session_id" value="$Vend::SessionID"$Vend::Xtrailer>};


Interchange Development Group


DocBook! Interchange!