470,833 Members | 1,468 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,833 developers. It's quick & easy.

Establishing PHP session ID in an included file

Forgive me if this doesn't make too much sense but I've been working on this
project all day and my brain is a bit fried.

To make some of my code more readable I made a file (called urls.inc) which
I include in my PHP scripts. This file contains functions to return a URL
with the session id tagged on the end. I've now found out that the session
id returned by the functions in urls.inc is not necessarily the current, and
more importantly correct, session id. I need to know if there is a way to
establish the current session id within the included file.

For info, I've built the scripts so that the session id is passed from page
to page to avoid using cookies (part of the challenge, it's a college
project) so I need the urls.inc file to know which session id to pass back
otherwise it all goes a bit squiffy.

Here's urls.inc :

<?php

session_start();

function logoutURL()
{
return "logout.php?PHPSESSID=" . session_id();
}

function adminURL()
{
return "admintools.php?PHPSESSID=" . session_id();
}

function homeURL()
{
return "main.php?PHPSESSID=" . session_id();
}

?>

These are called like this :
echo "<h3 align=\"center\"><a href=\"" . adminURL() . "\"
target=\"mainFrame\">Administration Tools</a></h3>";

If it turns out that there's no way to do what I'm after then it's not big
deal because I can change the URL line to :
echo "<h3 align=\"center\"><a href=\"admintools.php?PHPSESSID=" .
session_id() . "\" target=\"mainFrame\">Administration Tools</a></h3>";

I just wanted to show some initiative and keep the code as tidy and as
possible.

Thanks for any help,

Pete.
Jul 17 '05 #1
3 2372

"Peter Redding" <skredding_NOSPAM_@.netscape.net> wrote in
message
news:WP*****************@fe2.news.blueyonder.co.uk ...
Forgive me if this doesn't make too much sense but I've been working on this project all day and my brain is a bit fried.

To make some of my code more readable I made a file (called urls.inc) which I include in my PHP scripts. This file contains functions to return a URL with the session id tagged on the end. I've now found out that the session id returned by the functions in urls.inc is not necessarily the current, and more importantly correct, session id. I need to know if there is a way to establish the current session id within the included file.

For info, I've built the scripts so that the session id is passed from page to page to avoid using cookies (part of the challenge, it's a college project) so I need the urls.inc file to know which session id to pass back otherwise it all goes a bit squiffy.

Here's urls.inc :

<?php

session_start();

function logoutURL()
{
return "logout.php?PHPSESSID=" . session_id();
}

function adminURL()
{
return "admintools.php?PHPSESSID=" . session_id();
}

function homeURL()
{
return "main.php?PHPSESSID=" . session_id();
}

?>

These are called like this :
echo "<h3 align=\"center\"><a href=\"" . adminURL() . "\"
target=\"mainFrame\">Administration Tools</a></h3>";

If it turns out that there's no way to do what I'm after then it's not big deal because I can change the URL line to :
echo "<h3 align=\"center\"><a href=\"admintools.php?PHPSESSID=" . session_id() . "\" target=\"mainFrame\">Administration Tools</a></h3>";
I just wanted to show some initiative and keep the code as tidy and as possible.

Thanks for any help,

Pete.

Hey Pete,

A couple things: First I think PHP 4.x and higher suggest
using the $_SESSION global array

$_SESSION ['session_id']

Second, if I read
http://us2.php.net/manual/en/ref.session.php correctly, then
you would have a new session id every time you run the app
because you have never set a session variable.
In general you want to do something like this:

web page 1:
session_start();
$_SESSION['some_session_var'] = "This variable is now set -
was done so with session_id = ".$_SESSION['session_id'];

web page 2:
session_start();
$temp = $_SESSION['some_session_var'];

print " 'some_session_var' was previous set to '$temp'";
print " <br>The session_id is now ".
$_SESSION['session_id'];
-CF

Jul 17 '05 #2

"ChronoFish" <de**@chronofish.com> wrote in message
news:2rqPc.18425$cv5.3480@lakeread07...

<Snip my previous post>
Hey Pete,

A couple things: First I think PHP 4.x and higher suggest
using the $_SESSION global array

$_SESSION ['session_id']

Second, if I read
http://us2.php.net/manual/en/ref.session.php correctly, then
you would have a new session id every time you run the app
because you have never set a session variable.
In general you want to do something like this:

web page 1:
session_start();
$_SESSION['some_session_var'] = "This variable is now set -
was done so with session_id = ".$_SESSION['session_id'];

web page 2:
session_start();
$temp = $_SESSION['some_session_var'];

print " 'some_session_var' was previous set to '$temp'";
print " <br>The session_id is now ".
$_SESSION['session_id'];
-CF


First things first : Now that my brain is slightly less frazzled today I can
tell you that I am using PHP 4.3.7 on Apache 2 under Mandrake Linux 8.2.

I am passing through the session id via the URL into the second page (and so
on) and use session_start() in subsequent pages so that means that it
doesn't start a brand new session with a new session id and allows me access
to all my previously stored session variables (unless I unset them or
destroy the session). At least that is my understanding and that is what
has been happening.

So is session_id() now superseded by $_SESSION['session_id']? Not that it
seems to make much difference as session_id() is still working for me but if
using the other method is recommended then I would change my code.

For info, I tried to pass through the session id into the function call,
store it in a local variable and return it with the URL but it didn't seem
to work (the session id returned was still different to the session id in
some hard coded URLs). As I said previously I was just trying to show some
initiative but I'll probably just hard code the URLs in for now as I don't
want to get hung up on something which is trivial in comparison to some of
the other things I have done (and I am running out of time!!!).

Thanks again,

Pete.
Jul 17 '05 #3
<SNIP>
First things first : Now that my brain is slightly less frazzled today I can tell you that I am using PHP 4.3.7 on Apache 2 under Mandrake Linux 8.2.

I am passing through the session id via the URL into the second page (and so on) and use session_start() in subsequent pages so that means that it
doesn't start a brand new session with a new session id and allows me access to all my previously stored session variables (unless I unset them or
destroy the session). At least that is my understanding and that is what
has been happening.

So is session_id() now superseded by $_SESSION['session_id']? Not that it
seems to make much difference as session_id() is still working for me but if using the other method is recommended then I would change my code.

For info, I tried to pass through the session id into the function call,
store it in a local variable and return it with the URL but it didn't seem
to work (the session id returned was still different to the session id in
some hard coded URLs). As I said previously I was just trying to show some initiative but I'll probably just hard code the URLs in for now as I don't
want to get hung up on something which is trivial in comparison to some of
the other things I have done (and I am running out of time!!!).

Thanks again,

Pete.


Okay, I've had one of those "Now it works, but should it?" experiences. The
problem arose in the first bit I tested so I assumed that I couldn't do what
I was trying, period. However, the part that I was testing was a set of
search results from a database based on criteria posted from a form on a
separate page. When the form was posted to the searchresults.php page I
wasn't passing through the session id but as soon as I added that to the URL
in the action part of the form, it worked.

Now the session id is the same when returned from urls.inc as it is if I
"hard code" it in to the script using "<URL>.php?PHPSESSID=" . session_id()
so it seems as though the included file will pick up the correct session
details and as it works, I'm not going to fiddle with it anymore.

If only I'd tested another bit first....
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by BlueFrog | last post: by
1 post views Thread by Sean Pinto | last post: by
1 post views Thread by Werner | last post: by
5 posts views Thread by google | last post: by
3 posts views Thread by damezumari | last post: by
10 posts views Thread by =?Utf-8?B?V2FubmFiZQ==?= | last post: by
4 posts views Thread by Cirene | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.