[prev in list] [next in list] [prev in thread] [next in thread] 

List:       phpug-ie
Subject:    [Phpug] session weirdness
From:       editor () adnet ! ie (Fergal J Byrne)
Date:       2007-06-29 15:55:14
Message-ID: 46852B62.5070802 () adnet ! ie
[Download RAW message or body]

Kae Verens wrote:
> Fergal J Byrne wrote:
>> It's a long time since I had to debug something like this,
>> but how can you be uploading a file if you're using GET?
> 
> GET just means the URL has a ? followed by parameters. You can send POST data 
> to a URL such as /upload.php?session_id=abcd, and still retrieve data from $_GET

No, Kae, the HTTP method is POST, and you can only do HTTP
with one method.  I'll assume you're happy that $_GET['session_id']
is set with the correct value, but that'd be a side effect (and a
potential bug).

Are you using Flash's internal HTTP stuff (loadVariables or
whatever) or are you using the Javascript stuff to do it?

Using the Javascript means your using the HTML page's
environment, which probably means anything you send that
way will be using the cookies the page is using (or worse,
accepting cookies but generating a new session each time).

> 
>> Assuming I'm barking up the wrong tree...
>>
>> There are a number of potentially useful comments at:
>>
>> http://ie2.php.net/manual/en/function.session-start.php
>>
>> which might be relevant. In particular, the one about
>> included files, end tags and so on.  If you are using PHP5,
>> check the first comment about garbage-collecting.
> 
> I don't do any "foreach($_SESSION as $blah)" loops in my project.
> 
> I have checked and the original session is perfectly fine up until the moment 
> I try to session_id('abcd') attach to it. Immediately after that, the session 
> is no longer correct.

OK, now this needs to be clear.

When called from Flash on the URL /upload.php?session_id=abcd,
you can prove that the session is working fine (ie you are
able to see variables for session with id 'abcd')?

Why then are you trying to set the session_id, if it's
already working before you get to that line?

If that's not the case, then you have to set the session_id
in order to try and pull out your particular session... In
which case php has already constructed a session for this
request, and you are destroying *that* when you call
session_id('abcd')

> 
> It's a complex problem to describe.

The problem is that you are working with

a) Flash
b) HTTP
c) Javascript
d) Cookies
e) PHP and its attempt to identify the session it should load
from some combination, some precedence of:
  i) cookies from the original page
  ii) cookies from the Javascript
  iii) cookies (or lack of them) from some Ajax code
  iv) a query string variable in a POSTed request

I had a similar problem getting a Java applet to
reconnect to a session in a J2EE app, ended up using
the upload.do;jsession_id=abcd trick (your equivalent
is to use the SID/PHPSESSID version explained in the
docs).

-- 

Regards,

Fergal Byrne - Technical Director


Adnet: Web Builders to the Design Industry

http://www.adnet.ie/  t:+353 1 855 8951 aim/skype:FergByrne

Adnet Limited. 63 Lower Gardiner Street, Dublin 1, Ireland.
Registered in Ireland No. 229337



[prev in list] [next in list] [prev in thread] [next in thread]