mzehner
asked on
PHP session ID causing error
I have recently written a website in PHP. My pages use sessions all starting with:
<?php
session_start();
?>
I use a query to control what part of the mysql database is displayed on each page. Each page is the same, only the query prompt changes and controls what section information is displayed.
The problem is that when the main page is first opened in the browser, the PHP session ID also is appended to the query string. This causes the software to think an invalid page is selected. If I refresh the page in any way this problem disappears and I must open another instance of the browser to make it reappear.
The website address is:
http://www.techtutorials.info
Does anyone have any idea why this problem is occuring and how to solve it?
Thanks for any help.
<?php
session_start();
?>
I use a query to control what part of the mysql database is displayed on each page. Each page is the same, only the query prompt changes and controls what section information is displayed.
The problem is that when the main page is first opened in the browser, the PHP session ID also is appended to the query string. This causes the software to think an invalid page is selected. If I refresh the page in any way this problem disappears and I must open another instance of the browser to make it reappear.
The website address is:
http://www.techtutorials.info
Does anyone have any idea why this problem is occuring and how to solve it?
Thanks for any help.
Same, no problem for me either.
JD
JD
Hi,
I see your problem. You can "clean" QUERY STRING value with this regular expression:
$index = preg_replace("/^(.*?)&.*$/
So, for query string "apps&PHPSESSID=63bc9cb741
$index will contain "apps".
I see your problem. You can "clean" QUERY STRING value with this regular expression:
$index = preg_replace("/^(.*?)&.*$/
So, for query string "apps&PHPSESSID=63bc9cb741
$index will contain "apps".
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Comment to my code:
it returns the first part of QUERY STRING, from the very beginning till the first & - so it will work with any additional parameters which can be need later
it returns the first part of QUERY STRING, from the very beginning till the first & - so it will work with any additional parameters which can be need later
I was talking case where PHPSESSID is inbetween other parameters. ;)
JD
JD
ASKER
I get the problem in IE 6.0 and I believe on other computers I am using IE 5.5 or 5.0. It only occurs the first time the browser is opened to that page. If you right click on the link above and open another browser window in IE, then hold the mouse over a link, you should see the PHP session ID show up.
I believe andreif and dkjariwala may have a good solution but I am curious as to why this would happen in the first place. I think it is an interesting problem. When I first created the web site, I did not notice this problem. I had not changed the code for a while, then the problem began. I wonder if my provider may have made server changes that could have affected it. I know there has been a recent PHP security patch. Could this patch have affected this?
I will try the solutions tonight.
Thanks for your answers.
I believe andreif and dkjariwala may have a good solution but I am curious as to why this would happen in the first place. I think it is an interesting problem. When I first created the web site, I did not notice this problem. I had not changed the code for a while, then the problem began. I wonder if my provider may have made server changes that could have affected it. I know there has been a recent PHP security patch. Could this patch have affected this?
I will try the solutions tonight.
Thanks for your answers.
I think this text from manual gives answer:
"PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically."
So, it's possible that PHP settings were changed
"PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically."
So, it's possible that PHP settings were changed
Yeah ,
but PHP also utilises cookie to pass on session ID not necessarily through query string.
JD
but PHP also utilises cookie to pass on session ID not necessarily through query string.
JD
I think this text from manual gives answer:
"PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically."
So, it's possible that PHP settings were changed
"PHP is capable of doing this transparently when compiled with --enable-trans-sid. If you enable this option, relative URIs will be changed to contain the session id automatically."
So, it's possible that PHP settings were changed
sorry for copy :)
Got the same problem using IE6 and Netscape 6.2, even when I use any of your sites links in a new window.
http://www.techtutorials.info/ctt.php?olschool
How are you generating your first page?
Believe this is were the problem originates
According to the source code all the links have the session id in the URL. Can you supply us with a sample of the query/php code that you run before displaying the first page, and for creating the urls.
http://www.techtutorials.info/ctt.php?olschool
How are you generating your first page?
Believe this is were the problem originates
According to the source code all the links have the session id in the URL. Can you supply us with a sample of the query/php code that you run before displaying the first page, and for creating the urls.
ASKER
The code needs cleaned up but here it is:
$page=1;
if (!$QUERY_STRING) /* Use sections for query unless there is a query string */
{
$sectionn="sections";
$section=$sectionn;
}
else
{
$dash="-";
$pos=strpos($QUERY_STRING,
if ($pos===false)
{
$sectionn=$QUERY_STRING;
}
else
{
$sectionn=substr($QUERY_ST
$page=substr($QUERY_STRING
}
$section=$sectionn;
$thisection=$sectionn; //Store the section in case of a search
}
if ($section=="unknown")
{
$section="sections";
}
The code for the links on the left is hardcoded in HTML as follows:
<li class="dot"><a class="featureSetText" href="ctt.php?olschool" target="_top" onMouseOver="window.status
$page=1;
if (!$QUERY_STRING) /* Use sections for query unless there is a query string */
{
$sectionn="sections";
$section=$sectionn;
}
else
{
$dash="-";
$pos=strpos($QUERY_STRING,
if ($pos===false)
{
$sectionn=$QUERY_STRING;
}
else
{
$sectionn=substr($QUERY_ST
$page=substr($QUERY_STRING
}
$section=$sectionn;
$thisection=$sectionn; //Store the section in case of a search
}
if ($section=="unknown")
{
$section="sections";
}
The code for the links on the left is hardcoded in HTML as follows:
<li class="dot"><a class="featureSetText" href="ctt.php?olschool" target="_top" onMouseOver="window.status
ASKER
I've added the code written by dkjariwala and it stripped the session ID so the problem no longer appears.
I think andreif may have posted the reason for the change. The statement by dkjariwala is also correct, but I believe it depends on how my web site host compiled the PHP. Still investigating this.
I think andreif may have posted the reason for the change. The statement by dkjariwala is also correct, but I believe it depends on how my web site host compiled the PHP. Still investigating this.
So who would get the points ?? ;)
JD
JD
Hi mzehner, I think there was an answer, am I right?
ASKER
Sorry for the delay. I have been very busy and had a difficult time deciding who should get the points.
It seems like the changes to PHP have slowed the performance of the site. I have removed PHP sessions from the main pages of the site due to performance. I am beginning to think sessions should be avoided unless absolutely necessary. Use of hidden variables in forms to pass extra information rather than sessions is a good idea.
It seems like the changes to PHP have slowed the performance of the site. I have removed PHP sessions from the main pages of the site due to performance. I am beginning to think sessions should be avoided unless absolutely necessary. Use of hidden variables in forms to pass extra information rather than sessions is a good idea.
Is the error on the URL you supplied?
Try to retype the URL and hit enter.