Your "host" isn't causing the issue, PHP is appending this data. Specifically, PHP is configured to append the PHPSESSID
variable to the URL to allow PHP to track the session. It's possible to change the relevant setting using ini_set
prior to calling session_start
, or more permanently by updating the php.ini file (though since you're hosted this last option is probably out). This is a list of the available runtime settings for sessions in PHP.
While you can control whether or not the value is appended to the end of your URLs, it's required to track the sessions. Alternatively you can configure PHP to use cookies to track sessions, but requiring cookies to track sessions may break your application for users who reject cookies.
In short, you can control the session ID to make it a little prettier (by renaming PHPSESSID to something more amenable or making the value less cryptic) but unless you want to use cookies to maintain the session, you're stuck with this "garbage" on your URL. If you only use cookies some users may not be able to maintain the session.
To enable cookie based session handling you can execute either:
// stop PHP from automatically embedding PHPSESSID on local URLs
ini_set('session.use_trans_sid', false);
or
// only use cookies (no url based sessions)
ini_set('session.use_only_cookies', true);