I agree with Richard on this one. Frames should really be avoided if for no other reason than they cause headaches like the one you have right now. ;-) If you can't avoid them, keep it simple - just store the ID in one place, like a session cookie. Doing so will make sure that if the session ID gets changed in one frame it will still be correct in all of the other frames. - Joe On 4/5/06, Richard Lynch <ceo@xxxxxxxxx> wrote: > > On Wed, April 5, 2006 1:02 pm, Shaun wrote: > > I have a site that uses frames. The frameset loads another site (both > > on the > > same server) in the lower frame window. Every time the page changes in > > the > > lower frame the session id changes, how can I stop this happening? > > You might be able to reduce the occurence by doing start_session() in > the top frame as well. > > However, the browser is free to fetch the two frames in parallel, and > that means you could sometimes end up with different sessions in each. > > This is a really good reason to just abandon frames, as if there > weren't enough others already... > > That said, in the FRAMESET page, you can do start_session() and pass > it down into the FRAME URLs: > > <?php > session_start(); > $session_id = session_id(); > ?> > <FRAMESET ...> > <FRAME SRC="...&PHPSESSID=<?php echo $session_id?>" ...> > <FRAME SRC="...&PHPSESSID=<?php echo $session_id?>" ...> > </FRAMESET> > > You will need to get the right variable name, or you may even need to > do like this in the FRAME pages: > > <?php > $session_id = $_GET['PHPSESSID']; > session_id($session_id); //SET the session ID to what's passed in > session_start(); > ?> > > The caveat, though, is that you are now exposing your session ID in > the URLs, which is not so good for security reasons. > > If it's over SSL, it's fine. > > If it's not, and if security matters, then you either need to move to > SSL or abandon frames. > > You should abandon frames anyway... > > -- > Like Music? > http://l-i-e.com/artists.htm > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
