Posted by Jasen Betts on 02/17/06 09:34
On 2006-02-16, Tom Peel <notreallytandp@freenet.de> wrote:
> We have two PHP applications on a website. We have one user who accesses
> both applications from two browsers (Mozilla in this instance) on one PC
> at the same time, and it appears that the session variables from one
> session are turning up in the other application, leading to unexpected
> and unpredictable behaviour.
> Reading the manual, it would appear that this is a result of the
> session being stored as a cookie on the client PC.
> It would appear that we can control this behaviour by turning
> session.use_cookies TRUE or FALSE in php.ini. However we would prefer
> not to do this because of possible side effects and maintenance issues.
> The manual suggests that session data can be sent in a URL, but does
> not explain further. Can someone explain how this is done?
try the sample code in the manual.
> Another idea we had is to ensure that session variables are
> application-unique. Again there is a long-term maintenance issue.
>
> Any recommendations?
could you get each app to use a different location to store the seessions?
then it wouldn't matter.
or can you put the two apps on different domain names and then restrict?
app1.yoursite.com app2.yoursite.com
Bye.
Jasen
[Back to original message]
|