sylvest Posted March 2, 2017 Posted March 2, 2017 Does anyone know how to access the session variables of a different session, in PHP?. The reason I need to do this is that I am accessing most pages on my website via a domain name, such as http://www.****/login.php. However, the form on the login.php page where the username and password are entered uses https://hostname.tchmachines.com/~username/do_loginphp as its Action page because I must use SSL for this to ensure that my usernames and passwords are not sent over the net in open text. This means that do_login.php is running in a different session from login.php, so I can't use the $_SESSION array to pass values from one to the other. If I pass the PHPSESSIONID of the original unencrypted session to the do_login.php page via a GET or POST variable, what I am trying to find out is, how would I then read and write values from/to the original $SESSION array? Thank you - Rowan Quote
sylvest Posted March 2, 2017 Author Posted March 2, 2017 Whatr I'm trying is: in the login page http://www.****/login.php. Do session_start(). Write some values into $_SESSION. add to the login form a hidden control with name='sessionid' and value='<?=session(id)?> In the form handler (https://hostname.tch...ame/do_login.php) Do session_start(). Read the value of session_id(), which is 4579fnvb049q7u5h8dmveqdm92 Check the value of $_SESSION which is an empty array. Check the value of $_POST['sessionid'] which is thp24j106dp9ffdif406l37vg3 Now do: // This should restore the old session. $fname = session_save_path() . "/sess_" . $_POST['sessionid'];session_decode(file_get_contents($fname))) // This should set some new session variables$_SESSION['uehdj'] = 'iwenfio';$_SESSION['oqyhekj'] = 'owhusnxdi'; Check the value of $_SESSION, which is$_SESSION =Array( [uehdj] => iwenfio [oqyhekj] => owhusnxdi) I.e. the old session variables have not been recovered. 6. Now do: // Ths is supposed to write the session data back to the old session file. $session_string = session_encode();$bytes = file_put_contents($session_string); // This is supposed to return to a http://www.****/ page header('Location: http://www.nydomain,.com/welcome.php'); exit(); 7. Use $_SESSION, which is supposed to contain any values that it had at the beginning of this who process, plus the two I added in do_login.php My main question is: Why are there no sess_ files in the directory /home/myaccount/tmp that match either 4579fnvb049q7u5h8dmveqdm92 or thp24j106dp9ffdif406l37vg3. The only file there is sess_ea6d51dbplto9ukucbk9fvkep86kt5f7 which doesn't mathch any session I know about. I hope someone understands how all this stuff works and can explain to me how to get it working. Thanks - Rowan Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.