如果浏览器不支持cookie,PHP如何维护会话?

Today I've been questioned in the interview that

If a browser does not support cookies, how can PHP maintain a session?

and the options are....

1. using an MD5 hash of the user's email address as the session identifier


2. using the browser's network address as the session identifier


3. including the session identifier as a parameter every GET and POST request


4. using the "secure cookie" header to force the browser to set a cookie

Can anyone tell me which is accurate and please gives a brief explanation?