|
Posted by Jeff Weinberger on 04/08/05 00:31
I'm having a similar problem with managing sessions without Cookies. I
am also somewhat new to PHP, so I may be missing something here (if so,
please point it out!).
I am well warned about the dangers of passing session IDs in URLs, but
for my purposes, there is no sensitive data in the session, and I want
to be able to do it only in the case where the visitor does not accept
cookies.
I also have a related question below.
I have these two files, just to test:
page1.php:
<?php
session_start();
session_register("abc");
$abc = "Test Session String";
print '<a href="page2.php?'.SID.'>page 2</a>';
?>
page2.php:
<?php
session_start();
session_id(strip_tags($_GET['PHPSESSID'])); //I've tried it without
this statement also...
print $abc;
?>
The result is always that $abc is undefined on page 2. The session file
gets created on my server, and had the proper data.
I have tried a number of combinations of these statements based on what
I've read in the on-line documentation (on php.net), but I'm lost as to
how do get the session data to cross pages.
Any help or direction (especially with examples!) is much appreciated.
Next (and hopefully related) question:
One thing I'd like to do here is to pass the session via the URL ONLY
in the case where the visitor has set their browser not to accept
cookies (or for whatever reason, the PHPSESSID cookie does not get
set).
I can test in every page at the point where I insert the ?SID into the
URL. But will that work on the first page the visitor visits?
In other words, in my initial page (index.php) which has a
session_start(); at the top, will $_cookie['phpsessid'] be set
immediately? I assume based on the documentation, that is it only set
when the cookie exists at the time the page is loaded?
Is there another way to test to see if the PHPSESSID cookie was set at
(or soon after) session_start() and on the same page and in the same
script?
I'd prefer to avoid creating an index.php page that only sets a cookie
(or starts a session) and immediately redirects to another page just to
get around this problem
Thank you very much for your help!!
--Jeff
>
> On Wed, April 6, 2005 1:59 am, p80@free.fr said:
>> I'm having problem with my session, when I login my session is
>> registered
>> ok but
>> when I click on another page it's canceled again.
>> I use that kind of link:
>> index.php?menu=voyage&sid=$sess_id
>>
>> then on top of the page I use:
>>
>>
>> if(session_id()){
>>
>> session_id(strip_tags($_GET['sid']));
>> session_start();
>
> This only starts a session if you have session_id (above) which only
> happens if you already started a session...
>
> Perhaps you meant: if (!session_id()) above.
>
> More likely, you don't need any of these 4 or 5 lines of code except:
>
> session_start();
>
> PHP manages the session ID for you just fine, for almost all uses.
>
>> $sess_id = session_id();
>> $nom_user = $_SESSION['session_nom'];
>> $prenom_user = $_SESSION['session_prenom'];
>> $bienvenue="Bienvenue $prenom_user $nom_user";
>> }
>>
>> http://81.57.4.105/~pat/alliance/ (user and pass = admin) can
>> someone
>> tell me
>> how when I click on the top boxes link the session is not kept? here
>> is
>> the
>> code: http://hashphp.org/pastebin?pid=2354
>>
>> thanx in advance
>>
>> Pat
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
[Back to original message]
|