""Richard Lynch"" <ceo@xxxxxxxxx> wrote in message news:32324.67.108.68.36.1144262524.squirrel@xxxxxxxxxxxxxxxx > On Wed, April 5, 2006 1:33 pm, Joe Wollard wrote: >> If you can't avoid them, keep it simple - just store the ID in one >> place, >> like a session cookie. Doing so will make sure that if the session ID >> gets >> changed in one frame it will still be correct in all of the other >> frames. > > No, it won't. > > That's the whole problem. > > Watch this slow-motion instant replay. > > HTTP Interaction #1 > Browser requests URL ----> Server sends out FRAMESET/FRAME/FRAME ---\ > > Browser gets FRAMESET <--------------------------------------------/ > > > HTTP Interaction #2A (starts) > Browser requests FRAME #1 URL ------> > > HTTP Interaction #2B (starts, in parallel, by browser) > Browser requests FRAME #2 URL ------> > > Server responds to #2A, with session_start() sending out Cookie > headers, and setting up session #2A > > Server responds to #2B, with session_start() sending out *NEW* Cookie > headers, and setting up session #2B, because the browser has *NOT* yet > received, much less sent back, the Cookies from #2A > > The browser now has *TWO* parallel sessions. > > You *MUST* *MUST* *MUST* get the session started in the FRAMESET, or > this *WILL* happen, intermittently, between the frames. > > -- > Like Music? > http://l-i-e.com/artists.htm Thanks for your advice guys, I have started the session for the main application in the main application frameset file, however every time I click the link to load the new application in the lower frame window the new application generates a new session_id. Obviously the new applcation can't maintain a session with this configuration, any ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
