I'm trying to get a better feel for exactly how sessions work.
At the beginning of a web page, I do either a session_start() or a
session_register(...). When the user goes to the next page, I know the page
needs to get the SSID. I know I can send it as a cookie, hidden field, etc,
but what other ways are available to send it? For example, I know that
session_registering variables at the top of the second page works.
If the user visits any pure html pages (extension html), how can I get the
session back when they come back to my php pages. Without php on the page,
how can I propagate the SSID?
thanks in advance
---Michael
13  2268 
Michael Satterwhite wrote: I'm trying to get a better feel for exactly how sessions work.
At the beginning of a web page, I do either a session_start() or a
session_register(...). When the user goes to the next page, I know
the page needs to get the SSID. I know I can send it as a cookie, hidden
field, etc, but what other ways are available to send it? For example, I know
that session_registering variables at the top of the second page works.
If the user visits any pure html pages (extension html), how can I
get the session back when they come back to my php pages. Without php on the
page, how can I propagate the SSID?
IMHO, there is no way to carry the session id in pure html pages.
Probably you may need to force the html pages to be parsed by PHP (by
settings in Apache). May also want to try trans sid setting.
session_register() is obsolete. Please refer manual
<http://www.php.net/session>
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
*** Michael Satterwhite escribió/wrote (Sun, 13 Feb 2005 15:32:11 GMT): If the user visits any pure html pages (extension html), how can I get the
session back when they come back to my php pages.
Just let PHP take care of it with the default solution: cookies.
--
-+ Álvaro G. Vicario - Burgos, Spain
+- http://www.demogracia.com (la web de humor barnizada para la intemperie)
++ Manda tus dudas al grupo, no a mi buzón
-+ Send your questions to the group, not to my mailbox
--
Michael Satterwhite wrote: At the beginning of a web page, I do either a session_start() or a
session_register(...).
You don't want to use session_register(). Use the $_SESSION array.
Regards,
Matthias
> At the beginning of a web page, I do either a session_start() or a session_register(...).
You do a session_start(). session_register() is obsolete. :)
When the user goes to the next page, I know the
page needs to get the SSID. I know I can send it as a cookie, hidden
field, etc, but what other ways are available to send it? For example, I
know that session_registering variables at the top of the second page
works.
The session handling in PHP does this for you automatically. Just call
session_start() at the very top of each page and PHP will pick up the
session id and restore the $_SESSION array for you. For many (most?)
purposes you don't *need* to know what the session ID is or how it is sent.
(It normally goes via a cookie and you can find the value with
session_id().)
If the user visits any pure html pages (extension html), how can I get the
session back when they come back to my php pages. Without php on the page,
how can I propagate the SSID?
Any page that needs the session ID just calls session_start() at the top.
That makes $_SESSION available. If you have any pages (PHP or HTML) that
don't need the session just ignore it by not calling session_start(). The
session ID is propagated automatically by the browser, which sends it with
each page request. If the server doesn't use (or even look at) that cookie,
that won't stop the browser sending it with the next page request.
--
The email address used to post is a spam pit. Contact me at http://www.derekfountain.org : <a
href="http://www.derekfountain.org/">Derek Fountain</a>
Michael Satterwhite <sa*****************@weblore.com> writes: I'm trying to get a better feel for exactly how sessions work.
At the beginning of a web page, I do either a session_start() or a
session_register(...). When the user goes to the next page, I know the page
needs to get the SSID. I know I can send it as a cookie, hidden field, etc,
but what other ways are available to send it? For example, I know that
session_registering variables at the top of the second page works.
If the user visits any pure html pages (extension html), how can I get the
session back when they come back to my php pages. Without php on the page,
how can I propagate the SSID?
The cookie SID storage method is going to result in the client sending
the SID cookie with each request to a qualified directory regardless
of the target page being a static file or script.
thanks in advance
---Michael
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Jerry Sievers wrote: Michael Satterwhite <sa*****************@weblore.com> writes:
I'm trying to get a better feel for exactly how sessions work.
At the beginning of a web page, I do either a session_start() or a
session_register(...). When the user goes to the next page, I know the
page needs to get the SSID. I know I can send it as a cookie, hidden
field, etc, but what other ways are available to send it? For example, I
know that session_registering variables at the top of the second page
works.
If the user visits any pure html pages (extension html), how can I get
the session back when they come back to my php pages. Without php on the
page, how can I propagate the SSID?
The cookie SID storage method is going to result in the client sending
the SID cookie with each request to a qualified directory regardless
of the target page being a static file or script.
Exactly what are you referring to here? I'm feeling very ignorant at this
point.
thanks much
---Michael
Michael Satterwhite <sa*****************@weblore.com> writes: Jerry Sievers wrote:
Michael Satterwhite <sa*****************@weblore.com> writes:
The cookie SID storage method is going to result in the client sending
the SID cookie with each request to a qualified directory regardless
of the target page being a static file or script.
Exactly what are you referring to here? I'm feeling very ignorant at this
point.
I don't know where to begin. You have read all the PHP docs that
pertain to sessions, right?
Among possible others, the session ID can be sent to the server by a
query parameter in the URL or a cookie.
You should dig through the bunches of session related PHP config
settings to get a better idea what's possible.
I prefer to force cookies and disable transparent SID;
php_flag session.auto_start on
php_flag session.use_only_cookies on
php_flag session.use_trans_sid off
I don't know is this helps or not.
Good luck. Sessions are hairy but very useful.
thanks much
---Michael
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Jerry Sievers wrote: Michael Satterwhite <sa*****************@weblore.com> writes:
Jerry Sievers wrote:
> Michael Satterwhite <sa*****************@weblore.com> writes:
>
>
> The cookie SID storage method is going to result in the client sending
> the SID cookie with each request to a qualified directory regardless
> of the target page being a static file or script.
Exactly what are you referring to here? I'm feeling very ignorant at this
point.
I don't know where to begin. You have read all the PHP docs that
pertain to sessions, right?
Absolutely ... and have been using sessions. My question here is specific
to: "What are you referring to by the "cookie SID storage method"?
I know that I can send the SID in many ways, but it is my understanding that
*I* have to send it (post, cookie, whatever). The post I'm replying to is
(I believe) implying that once I send it the server is going to continue to
send it - even to downstream pages where I haven't sent it. I would love
for that to be true (and, in my ignorance, I allow for the fact that it may
be!) but I haven't seen - or have missed - anything in the documentation
that says that. If there *IS* a storage method that propagates the SID to
downstream pages, I really want to understand it so that I can use it.
Michael Satterwhite <sa*****************@weblore.com> writes: Jerry Sievers wrote:
Absolutely ... and have been using sessions. My question here is specific
to: "What are you referring to by the "cookie SID storage method"?
I know that I can send the SID in many ways, but it is my understanding that
*I* have to send it (post, cookie, whatever). The post I'm replying to is
(I believe) implying that once I send it the server is going to continue to
send it - even to downstream pages where I haven't sent it. I would love
for that to be true (and, in my ignorance, I allow for the fact that it may
be!) but I haven't seen - or have missed - anything in the documentation
that says that. If there *IS* a storage method that propagates the SID to
downstream pages, I really want to understand it so that I can use it.
I have NOT done any actual R&D to verify this but it's likely that the
server send the set cookie header only the first time on session start
if it doesn't get a SID.
From that point, the client sends the cookie to identify the session.
And it should send this cookie to any URL that the cookie is intended
for which I believe on sessions (the default) is the entire site.
HTH
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Michael Satterwhite <sa*****************@weblore.com> wrote in
news:Ow*******************@fe2.texas.rr.com: > The cookie SID storage method is going to result in the client
> sending the SID cookie with each request to a qualified directory
> regardless of the target page being a static file or script.
Exactly what are you referring to here? I'm feeling very ignorant at
this point.
I don't know where to begin. You have read all the PHP docs that
pertain to sessions, right?
Absolutely ... and have been using sessions. My question here is
specific to: "What are you referring to by the "cookie SID storage
method"?
I know that I can send the SID in many ways, but it is my
understanding that *I* have to send it (post, cookie, whatever).
Do yourself a favour and get the Firefox browser: http://www.mozilla.org/products/firefox/
and then install the LiveHTTPHeaders extension: http://livehttpheaders.mozdev.org/
With those installed, you can easily see the HTTP header
"conversation" between your browser and the server.
This will allow you to see what happens when you are
using sessions, including what happens when you are
using sessions, cookies are enabled, and you don't
explicitly "send" the session ID.
PHP will automatically propogate the session id in the
URL query string, if it can't be maintained in a cookie.
Try it yourself and see ;-)
Where I've found you may have to have your own code
explicity include the session id is when using the
header() function to redirect to a different page.
--
Dave Patton
Canadian Coordinator, Degree Confluence Project http://www.confluence.org/
My website: http://members.shaw.ca/davepatton/
I noticed that Message-ID:
<Xn*********************************@24.71.223.159 > from Dave Patton
contained the following: PHP will automatically propogate the session id in the
URL query string, if it can't be maintained in a cookie.
If it's set to do so.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Geoff Berrow wrote: I noticed that Message-ID:
<Xn*********************************@24.71.223.159 > from Dave Patton
contained the following:
PHP will automatically propogate the session id in the
URL query string, if it can't be maintained in a cookie.
If it's set to do so.
Something I'd missed. What's the configuration parameter?
I noticed that Message-ID: <_7*******************@fe2.texas.rr.com> from
Michael Satterwhite contained the following: PHP will automatically propogate the session id in the
URL query string, if it can't be maintained in a cookie.
If it's set to do so.
Something I'd missed. What's the configuration parameter?
session.use_trans_sid
But it has to be set in php.ini Can't use ini_set before PHP 5 :-( http://uk.php.net/ref.session
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: StinkFinger |
last post by:
Hello all,
I am working on some simple pages that pass non-critical information (i.e.
no passwords, usernames, etc.)
to and from different pages. Currently, I am using FORMs w/the POST method.
I...
|
by: Cecil Westerhof |
last post by:
Is it possible to end a session a from another session b, if I know the
SessionID from a?
|
by: adam |
last post by:
Having spent nearly 2 years in win forms land the inevitable request came
for me to "do some web pages".
So being new to this bit of .net and having had a look around I can't see
where the best...
|
by: Jason Collins |
last post by:
There are a number of stored procedures involved in sql server based session
maintenance:
- TempUpdateStateItemShort
- TempResetTimeout
- TempUpdateStateItemLong
etc. These stored procs are...
|
by: Bishop |
last post by:
Here is my situation. I'm building a web based store that will use the same
code base for every store using host headers to determine which data to
display. To prevent purchasing a SSL Cert for...
|
by: =?Utf-8?B?TmF0ZQ==?= |
last post by:
All,
My department has recently been tasked with converting an ASP 3.0 web
application to an ASP.NET 2.0 web application. Currently, in order to read
values from the ASP 3.0 Session from an...
|
by: Joseph Geretz |
last post by:
I've been looking at two approaches for the maintenance of Session state for
a Web Service application.
One approach uses the old familiar Session object which I've used in the
past for Web...
|
by: Control Freq |
last post by:
Hi,
Not sure if this is the right NG for this, but, is there a convention
for the variable names of a Session variable?
I am using .NET 2.0 in C#. I am new to all this .NET stuff, So, any...
|
by: Bjorn Sagbakken |
last post by:
In a web-application with login creds (user, pwd), these are checked against
a user table on a SQL server. On a positive validation I have saved the
userID, name, custno and role-settings in a...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
