Establishing PHP session ID in an included file

Re: Establishing PHP session ID in an included file


"Peter Redding" <skredding_NOSP AM_@.netscape.n et> wrote in
message
news:WPcPc.2135 9$a8.6881@fe2.n ews.blueyonder. co.uk...[color=blue]
> Forgive me if this doesn't make too much sense but I've[/color]
been working on this[color=blue]
> project all day and my brain is a bit fried.
>
> To make some of my code more readable I made a file[/color]
(called urls.inc) which[color=blue]
> I include in my PHP scripts. This file contains functions[/color]
to return a URL[color=blue]
> with the session id tagged on the end. I've now found out[/color]
that the session[color=blue]
> id returned by the functions in urls.inc is not[/color]
necessarily the current, and[color=blue]
> more importantly correct, session id. I need to know if[/color]
there is a way to[color=blue]
> establish the current session id within the included file.
>
> For info, I've built the scripts so that the session id is[/color]
passed from page[color=blue]
> to page to avoid using cookies (part of the challenge,[/color]
it's a college[color=blue]
> project) so I need the urls.inc file to know which session[/color]
id to pass back[color=blue]
> otherwise it all goes a bit squiffy.
>
> Here's urls.inc :
>
> <?php
>
> session_start() ;
>
> function logoutURL()
> {
> return "logout.php?PHP SESSID=" . session_id();
> }
>
> function adminURL()
> {
> return "admintools.php ?PHPSESSID=" . session_id();
> }
>
> function homeURL()
> {
> return "main.php?PHPSE SSID=" . session_id();
> }
>
> ?>
>
> These are called like this :
> echo "<h3 align=\"center\ "><a href=\"" . adminURL() . "\"
> target=\"mainFr ame\">Administr ation Tools</a></h3>";
>
> If it turns out that there's no way to do what I'm after[/color]
then it's not big[color=blue]
> deal because I can change the URL line to :
> echo "<h3 align=\"center\ "><a[/color]
href=\"admintoo ls.php?PHPSESSI D=" .[color=blue]
> session_id() . "\" target=\"mainFr ame\">Administr ation[/color]
Tools</a></h3>";[color=blue]
>
> I just wanted to show some initiative and keep the code as[/color]
tidy and as[color=blue]
> possible.
>
> Thanks for any help,
>
> Pete.
>
>[/color]


Hey Pete,

A couple things: First I think PHP 4.x and higher suggest
using the $_SESSION global array

$_SESSION ['session_id']

Second, if I read
http://us2.php.net/manual/en/ref.session.php correctly, then
you would have a new session id every time you run the app
because you have never set a session variable.


In general you want to do something like this:

web page 1:
session_start() ;
$_SESSION['some_session_v ar'] = "This variable is now set -
was done so with session_id = ".$_SESSION['session_id'];

web page 2:
session_start() ;
$temp = $_SESSION['some_session_v ar'];

print " 'some_session_v ar' was previous set to '$temp'";
print " <br>The session_id is now ".
$_SESSION['session_id'];


-CF

Re: Establishing PHP session ID in an included file


"ChronoFish " <deja@chronofis h.com> wrote in message
news:2rqPc.1842 5$cv5.3480@lake read07...

<Snip my previous post>
[color=blue]
> Hey Pete,
>
> A couple things: First I think PHP 4.x and higher suggest
> using the $_SESSION global array
>
> $_SESSION ['session_id']
>
> Second, if I read
> http://us2.php.net/manual/en/ref.session.php correctly, then
> you would have a new session id every time you run the app
> because you have never set a session variable.
>
>
> In general you want to do something like this:
>
> web page 1:
> session_start() ;
> $_SESSION['some_session_v ar'] = "This variable is now set -
> was done so with session_id = ".$_SESSION['session_id'];
>
> web page 2:
> session_start() ;
> $temp = $_SESSION['some_session_v ar'];
>
> print " 'some_session_v ar' was previous set to '$temp'";
> print " <br>The session_id is now ".
> $_SESSION['session_id'];
>
>
> -CF[/color]

First things first : Now that my brain is slightly less frazzled today I can
tell you that I am using PHP 4.3.7 on Apache 2 under Mandrake Linux 8.2.

I am passing through the session id via the URL into the second page (and so
on) and use session_start() in subsequent pages so that means that it
doesn't start a brand new session with a new session id and allows me access
to all my previously stored session variables (unless I unset them or
destroy the session). At least that is my understanding and that is what
has been happening.

So is session_id() now superseded by $_SESSION['session_id']? Not that it
seems to make much difference as session_id() is still working for me but if
using the other method is recommended then I would change my code.

For info, I tried to pass through the session id into the function call,
store it in a local variable and return it with the URL but it didn't seem
to work (the session id returned was still different to the session id in
some hard coded URLs). As I said previously I was just trying to show some
initiative but I'll probably just hard code the URLs in for now as I don't
want to get hung up on something which is trivial in comparison to some of
the other things I have done (and I am running out of time!!!).

Thanks again,

Pete.

Re: Establishing PHP session ID in an included file

<SNIP>
[color=blue]
> First things first : Now that my brain is slightly less frazzled today I[/color]
can[color=blue]
> tell you that I am using PHP 4.3.7 on Apache 2 under Mandrake Linux 8.2.
>
> I am passing through the session id via the URL into the second page (and[/color]
so[color=blue]
> on) and use session_start() in subsequent pages so that means that it
> doesn't start a brand new session with a new session id and allows me[/color]
access[color=blue]
> to all my previously stored session variables (unless I unset them or
> destroy the session). At least that is my understanding and that is what
> has been happening.
>
> So is session_id() now superseded by $_SESSION['session_id']? Not that it
> seems to make much difference as session_id() is still working for me but[/color]
if[color=blue]
> using the other method is recommended then I would change my code.
>
> For info, I tried to pass through the session id into the function call,
> store it in a local variable and return it with the URL but it didn't seem
> to work (the session id returned was still different to the session id in
> some hard coded URLs). As I said previously I was just trying to show[/color]
some[color=blue]
> initiative but I'll probably just hard code the URLs in for now as I don't
> want to get hung up on something which is trivial in comparison to some of
> the other things I have done (and I am running out of time!!!).
>
> Thanks again,
>
> Pete.
>[/color]

Okay, I've had one of those "Now it works, but should it?" experiences. The
problem arose in the first bit I tested so I assumed that I couldn't do what
I was trying, period. However, the part that I was testing was a set of
search results from a database based on criteria posted from a form on a
separate page. When the form was posted to the searchresults.p hp page I
wasn't passing through the session id but as soon as I added that to the URL
in the action part of the form, it worked.

Now the session id is the same when returned from urls.inc as it is if I
"hard code" it in to the script using "<URL>.php?PHPS ESSID=" . session_id()
so it seems as though the included file will pick up the correct session
details and as it works, I'm not going to fiddle with it anymore.

If only I'd tested another bit first....