If you dont want to have session ids in you URLs, open includes/session.php and remove the following part:
if ($this->mode == "get" && strpos($url, $this->session_id) === false) {
$url .= strpos($url, '?') !== false ? $amp : "?";
$url .= SESSION_NAME."=".$this->session_id;
}
Note that after removing this, all users MUST have cookies enable to be able to login.