sessions and iframes

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • buzz2050
    New Member
    • Jan 2009
    • 7
    #1

    sessions and iframes

    Hi,

    I have a very basic idea of PHP session management. From what I know, in order to maintain variables across multiple scripts in an app. we can store them in a session.

    I have a main page - index.php in which I have an iframe referencing another php script - bar.php. All I am trying to do is access the session variables from the index page in the iframe, which, so far I haven't been able to accomplish.

    My code is as follows:

    index.php
    Code:
    <?php

session_start();
$_SESSION['myVar']="hello" ;

$sessId=session_id();
echo "<br> sessId: " . $sessId . "<br>" ;

print('<iframe name="test" id="test" src="foo/bar.php?sessId='.$sessId.'" marginwidth=0 marginheight=0 onload="this.height=this.contentDocument.height" width="100%" frameborder="0" scrolling="yes"></iframe>');

?>

    bar.php
    Code:
    <?php

$sessId = $_REQUEST['sessId'] ;

if(session_id() == "") 
{ 	
	session_id($sessId);
	session_start(); 
	echo "<br> sessId: " . $sessId . "<br>" ;//shows the same session-id as index.php
	echo "<pre>" ;
	print_r($_SESSION); //shows an empty array
} 
else
{
	//something
}

?>
    Earlier I noticed that simply saying session_start() in the iframe-script was actually creating a new session with a different session id, hence I appended the session id from index.php into the iframe URL so that I can try to access the same ongoing session from bar.php, but print_r($_SESSI ON) doesnot show me anything.


    Where might I be going wrong? Any suggestions?
    Tags: iframe sessions, sessions and iframes
    • DeadSilent
      New Member
      • Feb 2009
      • 8
      #2
      I just tested the code your posted and it is working fine for me. I just do not get a session when I visit bar.php because there is no open session on that page not allowing access of session information... I would suggest changing your bar.php to this:

      Code:
      <?php
   
session_start(); 
echo "<br> sessId: " . session_id() . "<br>" ;//shows the same session-id as index.php
echo "<pre>" ;
print_r($_SESSION); //shows an empty array
 
?>
      That should give you the results you need.

        Comment

        • buzz2050
          New Member
          • Jan 2009
          • 7
          #3
          Hi again,

          Just to be clear, what I am basically trying to do is customize an existing application to add some functionality, hence the goof ups, I apologize.

          More information:

          I have xampp on my localhost; scampering around the app I realized that the session files were stored in a dir data/sessions/ which had an htaccess file in it, could that have something to do with me not being able to access the session variables from within the iframe?

          Another thing which I noticed was that the iframe did print the session vars set in other test scripts that I wrote... just not the ones from the parent page in which it was embedded.

          I am not very adept at PHP or Apache for that matter, but it looks to me like some security measures are implemented by the original app creators so as to avoid the session vars being accessed by any other code outside that application (such as my iframe), can this be tackled?

          Any help appreciated!

            Comment

            Previous template Next
            Working...