By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,278 Members | 1,342 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,278 IT Pros & Developers. It's quick & easy.

Manually setting session ids

P: n/a
I am writing some server to server software that needs to maintain state.

When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).

The obvious way to do this is to use the session ID. The problem is, how
to first of all generate a session ID and then send back a session ID to
reload a session.

Perhaps my understanding of sessions is too limited, but I can't see the
wood for the trees at the moment. Maybe it's obvious and I can't see it.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.

<?php
session_start();

function GetSessionID()
{
return session_id();
}

function SetSessionID($session_id)
{
session_id($session_id);
}

function SetVar($var, $val)
{
$_SESSION[$var] = $val;
}

function GetVar($var)
{
return $_SESSION[$var];
}

?>

now, on the client side, the idea is to do something like this

$sid = $client->GetSessionId();
$client->SetSessionId($sid);
$client->SetVar('foo', 'bar');
echo $client->GetVar('foo'); //returns 'bar'

The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.

Even if I could change the session_id, would I get back the data I had
already set?

Does anyone have any thoughts. I'm going mad.

Sep 29 '08 #1
Share this Question
Share on Google+
4 Replies


P: n/a
*** Hugh Oxford escribió/wrote (Mon, 29 Sep 2008 18:33:09 +0100):
I am writing some server to server software that needs to maintain state.

When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).
The word "server" has lots of meanings. What do you mean exactly? If you
are connecting to a remote server using HTTP, it doesn't matter who you
are: the mechanism is exactly the same.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.
You are making a rather curious assumption but...
The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.
.... this works for me:

<?php

session_id('A');
session_start();
$_SESSION['who_am_i'] = 'I am session A';
session_write_close();

session_id('B');
session_start();
$_SESSION['who_am_i'] = 'I am session B';
session_write_close();
session_id('A');
session_start();
echo $_SESSION['who_am_i'] . "\n";
session_write_close();

session_id('B');
session_start();
echo $_SESSION['who_am_i'] . "\n";
session_write_close();

?>

You need to set session.use_cookies to 0 in your php.ini (or use @ to hide
warnings).
--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://bits.demogracia.com
-- Mi web de humor en cubitos: http://www.demogracia.com
--
Sep 29 '08 #2

P: n/a
>I am writing some server to server software that needs to maintain state.
>
When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).
But for the purpose of this connection, it's another client.
>The obvious way to do this is to use the session ID. The problem is, how
to first of all generate a session ID and then send back a session ID to
reload a session.
CURL permits things such as getting the session cookie returned
from a request, saving it, and re-sending it on subsequent requests
in the same session.

The session ID is set by the server acting as a server in this situation.
It is up to the client to get the returned session ID, *NOT CHANGE IT*,
and re-use it when necessary. If you need to save the session cookie
across a PHP page in the client, use a database.

Don't confuse the session ID for server-to-server vs. the session
ID for the PHP page browser-to-server. They are two different
session IDs.
>Perhaps my understanding of sessions is too limited, but I can't see the
wood for the trees at the moment. Maybe it's obvious and I can't see it.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.
That's a strange assumption.
>
<?php
session_start();

function GetSessionID()
{
return session_id();
}

function SetSessionID($session_id)
{
session_id($session_id);
}

function SetVar($var, $val)
{
$_SESSION[$var] = $val;
}

function GetVar($var)
{
return $_SESSION[$var];
}

?>

now, on the client side, the idea is to do something like this

$sid = $client->GetSessionId();
$client->SetSessionId($sid);
$client->SetVar('foo', 'bar');
echo $client->GetVar('foo'); //returns 'bar'

The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.

Even if I could change the session_id, would I get back the data I had
already set?

Does anyone have any thoughts. I'm going mad.

Sep 29 '08 #3

P: n/a
On 29 Sep, 18:33, Hugh Oxford <ares...@fas.comwrote:
I am writing some server to server software that needs to maintain state.

When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).

The obvious way to do this is to use the session ID. The problem is, how
to first of all generate a session ID and then send back a session ID to
reload a session.

Perhaps my understanding of sessions is too limited, but I can't see the
wood for the trees at the moment. Maybe it's obvious and I can't see it.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.

<?php
session_start();

function GetSessionID()
{
return session_id();

}

function SetSessionID($session_id)
{
session_id($session_id);

}

function SetVar($var, $val)
{
$_SESSION[$var] = $val;

}

function GetVar($var)
{
return $_SESSION[$var];

}

?>

now, on the client side, the idea is to do something like this

$sid = $client->GetSessionId();
$client->SetSessionId($sid);
$client->SetVar('foo', 'bar');
echo $client->GetVar('foo'); //returns 'bar'

The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.

Even if I could change the session_id, would I get back the data I had
already set?

Does anyone have any thoughts. I'm going mad.
You're trying to make the session model for browser wielding users fit
a server-to-server model. Start again with a blank bit of paper.

We can't advise further without knowing a lot more about the
interchange - how does security figure? Will there be multiple
clients? "Forget the transport mechanism" - do you mean we should
assume that it's transactionally secure or that this doesn't matter?
Does it have to run synchronously or asynchronously? Are you writing
the code at both ends?

C.
Sep 30 '08 #4

P: n/a
Hugh Oxford wrote:
I am writing some server to server software that needs to maintain state.

When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).

The obvious way to do this is to use the session ID. The problem is, how
to first of all generate a session ID and then send back a session ID to
reload a session.

Perhaps my understanding of sessions is too limited, but I can't see the
wood for the trees at the moment. Maybe it's obvious and I can't see it.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.

<?php
session_start();

function GetSessionID()
{
return session_id();
}

function SetSessionID($session_id)
{
session_id($session_id);
}

function SetVar($var, $val)
{
$_SESSION[$var] = $val;
}

function GetVar($var)
{
return $_SESSION[$var];
}

?>

now, on the client side, the idea is to do something like this

$sid = $client->GetSessionId();
$client->SetSessionId($sid);
$client->SetVar('foo', 'bar');
echo $client->GetVar('foo'); //returns 'bar'

The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.

Even if I could change the session_id, would I get back the data I had
already set?

Does anyone have any thoughts. I'm going mad.

I don't understand what the session id has to do with what you're trying
to accomplish. In fact, I have no idea exactly what you're even trying
to accomplish.

How about describing what you're trying to do, instead of why what
you're doing won't work (and no, it won't work).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Sep 30 '08 #5

This discussion thread is closed

Replies have been disabled for this discussion.