sylvest Posted March 2, 2017 Share Posted March 2, 2017 Does anyone know how to access the session variables of a different session, in PHP?. The reason I need to do this is that I am accessing most pages on my website via a domain name, such as http://www.****/login.php. However, the form on the login.php page where the username and password are entered uses https://hostname.tchmachines.com/~username/do_loginphp as its Action page because I must use SSL for this to ensure that my usernames and passwords are not sent over the net in open text. This means that do_login.php is running in a different session from login.php, so I can't use the $_SESSION array to pass values from one to the other. If I pass the PHPSESSIONID of the original unencrypted session to the do_login.php page via a GET or POST variable, what I am trying to find out is, how would I then read and write values from/to the original $SESSION array? Thank you - Rowan Quote Link to comment Share on other sites More sharing options...
sylvest Posted March 2, 2017 Author Share Posted March 2, 2017 Whatr I'm trying is: in the login page http://www.****/login.php. Do session_start(). Write some values into $_SESSION. add to the login form a hidden control with name='sessionid' and value='<?=session(id)?> In the form handler (https://hostname.tch...ame/do_login.php) Do session_start(). Read the value of session_id(), which is 4579fnvb049q7u5h8dmveqdm92 Check the value of $_SESSION which is an empty array. Check the value of $_POST['sessionid'] which is thp24j106dp9ffdif406l37vg3 Now do: // This should restore the old session. $fname = session_save_path() . "/sess_" . $_POST['sessionid'];session_decode(file_get_contents($fname))) // This should set some new session variables$_SESSION['uehdj'] = 'iwenfio';$_SESSION['oqyhekj'] = 'owhusnxdi'; Check the value of $_SESSION, which is$_SESSION =Array( [uehdj] => iwenfio [oqyhekj] => owhusnxdi) I.e. the old session variables have not been recovered. 6. Now do: // Ths is supposed to write the session data back to the old session file. $session_string = session_encode();$bytes = file_put_contents($session_string); // This is supposed to return to a http://www.****/ page header('Location: http://www.nydomain,.com/welcome.php'); exit(); 7. Use $_SESSION, which is supposed to contain any values that it had at the beginning of this who process, plus the two I added in do_login.php My main question is: Why are there no sess_ files in the directory /home/myaccount/tmp that match either 4579fnvb049q7u5h8dmveqdm92 or thp24j106dp9ffdif406l37vg3. The only file there is sess_ea6d51dbplto9ukucbk9fvkep86kt5f7 which doesn't mathch any session I know about. I hope someone understands how all this stuff works and can explain to me how to get it working. Thanks - Rowan Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.