Session and Excel

Hi to all,
When i export my reports to excel i can't start session. Because session_start send to browser some information so excel output don't work. In this case i can't check security information.
What's your opinion? What can i do for security check or can i start session with excel header. Is there any way?

Thanks to all.
header("Content-Type: application/xls; charset=UTF-8");
header("Content-Disposition: attachment; filename=report.xls");
header("Pragma: no-cache");
header("Expires: 0");

Open in new window

erenpasaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hernst42Commented:
Why you still can check the security information. If the security information do not match just issue a 404 error vi header


<?php 
if (!isValidUser()) {
    header("HTTP/1.0 404 Not found");
    header("Content-type: text/plain");
    die(1);
}
 
header("Content-Type: application/xls; charset=UTF-8");
header("Content-Disposition: attachment; filename=report.xls");
header("Pragma: no-cache");
header("Expires: 0");

Open in new window

0
Loganathan NatarajanLAMP DeveloperCommented:
better I would suggest check the link before it is available to the user..

. otherwise some it would be risk to check on the export page.,
0
erenpasaAuthor Commented:
Hi logudotcom,
Could you explain some more?
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Loganathan NatarajanLAMP DeveloperCommented:
In this case i can't check security information.

>> can you tell me bit here???

you want to restrict the  user to access the report of this page?
0
erenpasaAuthor Commented:
For example a user login to system and i have all information of users in session. But when i output to excel i can't start session so for this reason i can't check user security validation.
//If i start session in here so headers for excel don't work.
session_start();
if (!isset($_SESSION["userID"])){
   header("location:login.php");
}
header("Content-Type: application/xls; charset=UTF-8");
header("Content-Disposition: attachment; filename=report.xls");
header("Pragma: no-cache");
header("Expires: 0");	

Open in new window

0
hernst42Commented:
Those things work. We use such things on a regular base in our application. make sure to exit after you send the Location header. I would suggetst the following code.

Or do you open the xls file via Excel (macro) and not via Browser?
Are you using SSL?


<?php
 
//If i start session in here so headers for excel don't work.
session_start();
if (!isset($_SESSION["userID"])){
    header("HTTP/1.0 404 Not found");
    header("Content-type: text/plain");
    die(1);
}
 
header("Content-Type: application/xls; charset=UTF-8");
header("Content-Disposition: attachment; filename=report.xls");
header("Pragma: no-cache");
header("Expires: 0");   

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
erenpasaAuthor Commented:
Hi Hernest,
I've developing full ajax software. I couldn't see a important point.After your warning i've checked it again and i've change some codes. The code run properly at the moment with session.

Thanks alot.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.