Solved

Switching sessions mid-stream

Posted on 2004-03-20
5
203 Views
Last Modified: 2006-11-17
I have an app that stores the user's IP and useragent with the session... then also stores the session ID in the database.

Every time a page is accessed, I check the current session against the one in the DB. If they're differerent, voila, I can tell the account is logged in from two different computers at the same time.

What I'm trying to do now is switch over to the canned session and fetch the old IP and useragent so I can log them. My code is as follows:


$oldsess = (fetched from user record in db)
$newsess = session_id();

if ($oldsess != $newsess) {

      session_id($oldsess);            // switch to the one we found in the db
      session_start();
      $oldIP = $_SESSION['ip'];
      $oldUserAgent = $_SESSION['useragent'];
      
      session_id($newsess);            // switch back to the current one
      session_start();
      $newIP = $_SESSION['ip'];
      $newUserAgent = $_SESSION['useragent'];

The problem is that it's not really 'switching' sessions when I try to go to the old one-- at the end of the code above, $oldIP == $newIP and $oldUserAgent == $newUserAgent.

Why is this failing? Does switching sessions require a page refresh (so http headers are sent), or something like that?

E

p.s. I'm trying to avoid storing the IP address in the db, though that would be a different way to solve this.
0
Comment
Question by:pnoeric
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:jkna_gunn
ID: 10647571
does session_id not need to be called before session_start??, so when you try to switch back it fails.
0
 

Author Comment

by:pnoeric
ID: 10647601
eh? not sure I follow. session_id sets the session, then session_start "kicks it into place." or so I believe that's how it works. or are you saying try it without the session_start after switching it with the _id?
0
 
LVL 6

Accepted Solution

by:
jkna_gunn earned 125 total points
ID: 10647721
i had never used session_id before so checked on php.net, and it says that it needs to be called before session_start
but since you are calling session_id and session_start twice then i dont think it would work. as the second time you call session_id the session has already started. try session_destroy before using session_id the second time.
0
 

Author Comment

by:pnoeric
ID: 10819111
Ugh. I tried it-- then I get "Session object destruction failed" on the line with session_destroy

Very, very strange. Any other ideas? I can't tell if the problem is that sessions are buggy or the documentation is just really fuzzy.

best
Eric
0
 

Author Comment

by:pnoeric
ID: 11975125
Never was able to really get this working :-( Sesssions seem to either be broken in PHP or not documented well enough that I could figure out how to switch 'em in mid-stream. I ended up just storing the IP address and running with that.

I'm crediting jkna_gunn the points since s/he tried to help me out :-)

best
Eric
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question