|
Posted by j.wendelmuth on 11/30/07 19:04
On 30 Nov., 18:27, "Rik Wasmus" <luiheidsgoe...@hotmail.com> wrote:
> On Fri, 30 Nov 2007 16:57:18 +0100, <j.wendelm...@carcopy.com> wrote:
[snip]
> > $sess_id = md5(microtime());
>
> Why do you want to do that???? microtime() is highly, highly unsuited for
> a busy server. At least use something like uniqid(). You basically are
> asking for problems creating session-ids like this. Is there any
> particular reason you want to set the session-id? Why not let PHP handle
> it (and it's uniqueness at that time). If you just want to know a
> session-id after it's being set just call session_id() with no arguments.
OK, you're right. I'll change this.
> > session_name('SESSID');
> > session_id($sess_id);
> > session_start();
>
> > $_SESSION['blah'] = 'blah';
> > $_SESSION['fasel'] = 'fasel';
> > $_SESSION['blubb'] = 'blubb';
>
> > session_write_close();
>
> > and returns the session id and a URL to A.
>
> OK, and where is the sharded storage of session data? Are both servers set
> up to look at the same storage?
The A server is not looking at this storage. Server A just works as an
entry point to B. A does not need to know anything about storage of
B's sessions.
> > A takes the URL and the session id and performs a redirect via
>
> > header('Location: ' . $url . '?SESSID=' . $sess_id). The URL
> > points to a script located on B's side.
>
> Using a GET is somewhat hazardous. What domains do your servers have? You
> might be better of setting a cookie for a wildcard domain (setcookie() ->
> <http://nl2.php.net/manual/en/function.setcookie.php>, i.e. set the domain
> to '.example.com' rather then 'server1.example.com' or
> 'server2.example.com'.
Ok, does it mean A (server) can sent a cookie to B (server). I'll try
it.
> > When the script on B is called, it checks if a session id is given
> > within the URL ($_GET) and tries to start the session.
>
> > $sess_id = $_GET['SESSID'];
> > session_name('SESSID');
> > session_id($sess_id);
> > session_start();
>
> > As i mentioned above it works fine on the PHP v5.2.0 machine but not
> > on v5.2.4. After session_start() the existing session will be
> > overwritten with an empty one, having the same session id. I've
> > additionally confirmed this behaviour in the sessions directory.
>
> Where is this sessions directory, and how have you configured the servers
> to look into one and the same directory (which can be on only 1 server,
> either A or B, or an unmentioned C) for the storage?
As stated above, only server B has to handle the session data.
[snip]
Thanks for your hints. I'll state the result ASAP.
Best regards,
der Jens
[Back to original message]
|