We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

php and session variable

SiemensSEN
SiemensSEN asked
on
Medium Priority
277 Views
Last Modified: 2012-06-27
Hello,
  I have a PHP web application that I am have some problem with keeping the session unique.

here is what is happening

1:Open Browser 1 , login .. get a session ID -- Ok
2: Open Browser 2, login with a different user .. get a another session ID --OK
3: Refresh browser 2 --OK
4: Refresh Browser 1 -- It now have brower 2 information -- NOK

Why is it updating Browser 1? Any suggession how to fix it

Thanks for the help
Comment
Watch Question

CERTIFIED EXPERT

Commented:
Are "browser 1" and "browser 2" the same browser on the same PC? I would expect the behaviour you describe if Browser 1 and Browser 2 were both Firefox or IE on the same PC, but I would not expect this to be the case if Browser 1 was Firefox and Browser 2 was (say) IE.

What more can you tell us?

Author

Commented:
Browser 1 and 2 is FF and on the same PC. I do not get this issue if the browser 1 is IE and Browser2 is FF

I am not doing any special session handling . In by bootstrap file (ZEND) I am calling the session_start() function

Thanks in advance for your help
CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
CERTIFIED EXPERT

Commented:
"If you are opening the links in the same browser with different TABS this may occur. But I don't when different browser is refreshed"

That's not the case with FF. With FF if you start a new window (not a tabbed one - CTRL-N rather than CTRL-T) the second window has access to the session established by the first window. Other browsers may vary in their behaviour.
Most Valuable Expert 2011
Author of the Year 2014
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Loganathan NatarajanLAMP Developer
CERTIFIED EXPERT

Commented:
CERTIFIED EXPERT

Commented:
Ray said: "There is no "fix" for this."

Well, there is....sort of...... but it's messy.

The solution is to embed an ID in the URL or form. You then use this identifier to access a class or array stored in the session using the URL ID as the key, but you need to encode this into everything you do. If you are security conscious then you can use PHP's mycrypt to encode/decode the value stored in the URL

Messy, but doable.
Most Valuable Expert 2011
Author of the Year 2014

Commented:
Yeah, what I really meant to convey is that there is no (easy, practical, feasible, sane, sensible, utilitarian) fix on the client side of things.  And it's not really a big deal - it only seems to be troublesome to developers.  How many "real-world" clients try to access your web pages from two instances of the browser with two different IDs?  It just doesn't occur outside of the test environment.  That's probably why PayPal and Amazon don't care about this phenomenon.
CERTIFIED EXPERT

Commented:
True enough - but it annoys the heck out of me.......
Most Valuable Expert 2011
Author of the Year 2014

Commented:
Me, too.
Vimal DMSenior Software Engineer
CERTIFIED EXPERT

Commented:
hai,

Just gothorw the session variable like

-- session_register
-- session_id


 
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.