i have read a bunch on this, and i still trying to understand this config value.

allow me to give an example, i'm creating a new script that will add a particular product to a cart; and then the bring the user to the shopping cart page. this link would be used in a marketing email. however, if SESSION_FORCE_COOKIE_USE is set to TRUE, it will not work, as the session only gets set on the 2nd click on a particular site. the code is from here:

includes/init_includes/init_sessions.php

PHP Code:
if (SESSION_FORCE_COOKIE_USE == 'True') {
  setcookie('cookie_test''please_accept_for_session'time()+60*60*24*30$path, (zen_not_null($cookieDomain) ? $domainPrefix $cookieDomain ''), $secureFlag);

  if (isset($_COOKIE['cookie_test'])) {
    zen_session_start();
    $session_started true;
  } 
setcookie returns true or false (not indicative of whether the user accepts the cookie, just that is was properly set). but we choose not to use that return value. so that it is only on the 2nd click that the session gets started assuming that the user has accepted the cookie.

now, if a user decides to not accept cookies, that is one thing. if you do not accept cookies, i think you are limited in your shopping experience that one can do.

now there also seems to be some code if this value is set to FALSE, and you have different domains for your NON SSL site v your SSL site; ie http://mysite.com and https://www.mysite.com, ZC will append the session id to the url as a _GET var.

my question is what is the real implication of setting this var to False? and what is the point of waiting to see if the user has accepted the cookie in order that we start the session?

thanks in advance.