| Re: Strange url session behaviour after upgrade to 4.3 [message #182748 is a reply to message #182747] |
Tue, 03 September 2013 16:59   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 9/3/2013 11:58 AM, Tobiah wrote:
> On 08/30/2013 05:28 PM, Jerry Stuckle wrote:
>> On 8/30/2013 4:33 PM, Tobiah wrote:
>>> I have a page that needs to get another page on the fly, using
>>> the same session. I figured out how to stop my session and set
>>> the cookie on the CURL handler, and everything was cool. The
>>> curled page had my same session available as the calling page.
>>> Life was good.
>>>
>>> Now something has changed after upgrading from 5.2.4 to 5.3.10.
>>> My session was no longer available on the curled page. What's
>>> strange is that the PHPSESSID cookie was still being set, and
>>> hit had the correct value.
>>>
>>> Here is the weirdest part. If I do this:
>>>
>>> session_id($_COOKIE['PHPSESSID']);
>>> session_start();
>>>
>>> The session is there! But why isn't php taking
>>> the cookie as the id all by itself? Regular
>>> pages (not curled) all work as before. All of
>>> our websites work fine on the new version, except
>>> for this one curl call. I could update 100's of
>>> websites to fix them with the added lines, but
>>> I'd really rather find out why the curled page
>>> is not taking the session_id from the PHPSESSID
>>> cookie.
>>>
>>> Thanks!
>>>
>>> Toby
>>
>> I don't know what would have changed in the PHP update. But you
>> haven't shown us the failing (cURL) code - so anything would be a
>> guess.
>>
>> Are you trying to access a PHP script on a different server (or
>> domain)? Or what are you trying to do specifically?
>>
>
>
> So I'm executing PHP, and I need to grab the HTML from another
> url on the same domain. It's easy to use curl for this, but
> I need the other url to execute PHP with the same session id as
> the calling script.
>
> I'm doing something like this:
>
> $session_id = session_id();
> session_write_close();
>
> Then I make a cookie jar of the Netscape type and point to it:
>
> $cookie = sprintf("%s\t%s\t%s\t%s\t%s\t%s\t%s\n",
> $this->host, "FALSE", "/$this->path/", "FALSE",
> "0", $key, $val
> );
> $cookie_jar = fopen($this->cookie_jar_name, 'a');
> fwrite($cookie_jar, $cookie);
> fclose($cookie_jar);
>
> $ch = curl_init($this->url);
> curl_setopt($ch, CURLOPT_COOKIEFILE, $this->cookie_jar_name);
>
> I set some other options, including CURLOPT_POST and
> CURLOPT_RETURNTRANSFER. I've tried some others that don't
> seem to matter either way:
>
> CURLOPT_USERAGENT
> CURLOPT_FOLLOWLOCATION
> CURLOPT_SSL_VERIFYPEER
> CURLOPT_SSL_VERIFYHOST
> CURLOPT_FORBID_REUSE
>
> $other_html_page = curl_exec($ch);
>
> So, under php 5.2.4, the 'other' page php
> sees the session and the page runs correctly.
> Now, under 5.3.10, I have to do this on the other page:
>
> session_id($_COOKIE['PHPSESSID']);
> session_start();
>
> So what I don't understand, is why php doesn't know to
> look at the PHPSESSID cookie and makes me spoon feed it
> the value. This is all running on the same server under
> the same .ini file. Sessions work fine in the main page,
> and I know PHP is getting the session value out of the
> cookie, because deleting the PHPSESSID cookie results in
> a reset of all my data for the app.
>
> So there is some difference in curl, where just setting
> the cookie is not enough. I have to force the cookie
> value into session_id().
>
> Thanks again,
>
> Toby
>
Hi, Toby,
Well, one thing I see right off hand:
$cookie_jar = fopen($this->cookie_jar_name, 'a');
You are appending to the file. I think you want 'w' here to overwrite
the contents of the cookie_jar (unless you have previously cleared the
contents in this script).
Additionally, setting the domain to www.example.com with a value of
FALSE would say you have to access www.example.com - example.com won't
work, for instance. Setting .example.com with a value of TRUE would
allow access via either www.example.com or example.com. I don't know if
this is part of the problem or not, though. Maybe not.
I also don't know what's in your $this->path; normally I just use '/' here.
I don't know if the latter two are related to your problem, but I highly
suspect the appending to the file will cause a problem. They are just a
couple of other things to look at.
Hope this gives you a lead. I'd be interested in knowing if one of
these fixed your problem, and if so, which one.
Jerry
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]