I have been cranking out a few sites recently.

Submitting sitemaps etc.

But I am finding that I am getting session vars indexed and visible sometimes. I have a simple tracking script that I use to see how people got to the site, which I then write to a DB on the way out.

//set tracking
session_start();
if(!isset($_SESSION["referrer"])){

//get the referrer
if ($_SERVER["HTTP_REFERER"]){
$referrer = $_SERVER["HTTP_REFERER"];
}else{
$referrer = "unknown";
}
//save it in a session
$_SESSION["referrer"] = $referrer; // store session data
}

While this, I know is a basic Q, how can I track but not have the session vars appearing.

Any pointers appreciated

The easiest way is to tell google to ignore them via webmaster tools.
Alternatively do a user-agent check and don't assign the variable to robots.  Or, maybe force cookie storage, don't give the get var option.

You can try setting this php.ini option to 1

session.use_only_cookies

I *think* that's the correct .ini option. If you're only interested in setting cookies and not generating session ID's in URL's then this will stop the root cause of them appearing.

I have loads of urls indexed now, ho hum, what a bummer

Found this though, which is an easy fix:

http://davidwalsh.name/initiating-php-sessions-without-sacrificing-page-rank

I now just have to work out the regex for 301'ing something with  (i hate regex)

?PHPSESSID=d7342555795366f03577e953d87370e0

on the end and 301 to the non ? version.

As ever, more than one way to do the deed.

I was just about to post this solution

QuoteRewriteCond %{QUERY_STRING} PHPSESSID=
RewriteRule (.*) http://www.url.co.uk/$1? [R=301,L]

But thank you sir :-)

>>yours works better

I dont think i have heard that from you very often :-)