On 12/8/2012 12:10 PM, Jim Giner wrote:
On 12/8/2012 11:41 AM, Jim Giner wrote:
On 12/8/2012 11:04 AM, Daniel Brown wrote:
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
OK - I've done this in script 1:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id > '')
{
session_start($sess_id);
$errmsg .= "started sess id is: $sess_id ";
}
else
{
session_start();
$errmsg .= "started new sess ";
}
Then my process creates a Session array and calls script 2
In script 2 I have:
if (isset($_GET['sess']) && $_GET['sess'] <> '')
{
$sess_id = $_GET['sess'];
session_start($sess_id);
$errmsg .= "started sess $sess_id ";
}
else
{
session_start();
$sess_id = session_id();
$errmsg = "started NEW sess with id of $sess_id ";
}
My $errmsg shows me the same sess id in both scripts, and it would
appear that I have managed to pass my session across the sub-domains.
But when script 2 attempts to access the contents of the Session array
created in script 1 it doesn't find it. What am I not doing?
Forgot to mention that when I do header(...) to go to script 2 that I do
append the session id to my url
Same on the return from script 2 back to script 1.
Plugging away at my problem still. Here is something interesting.
Apparently I don't understand how some of these session settings work.
In my script 2 (the called one) I have this code:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id > '')
{
session_start($sess_id);
$errmsg .= "started sess with id of $sess_id ";
}
else
{
session_start();
$errmsg .= "started a NEW sess ";
}
$sid = session_id();
$errmsg .= "started sess actual id is: $sid ";
Now - there is a 'sess' argument in my url string that calls this, so I
am using the branch of the logic that shows me that I "started sess with
id of xxxx". But I've added the last two lines to check on that and I
get "started sess actual id is: zzzzzz" - NOT the right id.
Can someone explain the use of session ids and the right commands to
use? From my understanding my thinking is:
in script 1 after establishing the initial session wiht a session_start():
1 - get the session id save it in a hidden field on my screen
2 - when script 1 starts again, retrieve the id and when going to my
script 2 (in the other sub-dom) attach it as an argument
3 - in the called script 2, retrieve the argument from the url and start
the session with:
session_start($sessid)
4 - save the sessid in this screen's fields
5 - when script 2 gets control again, retrieve the id from the hidden
field and if the user has opted to return to script 1, attach the
session id to the url again.
All my debugging messages indicagte that I have the same session id, yet
I don't have the same variables, ie, they're missing.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
