Sessions and URL masking

[minware]

Hi, I use php sessions but I also need some kind of url masking.

My domain name server provides frames based url masking but if I use that sessions don't work.

How can I do this?

Steve

[MadTechie]

Frames are client side, sessions are sever site.. they touch each other.. so i fail to see how a frame can mess up sessions...

 

whats the problem? "don't work" doesn't help!

[minware]

To give more detail, I have a main domain ie main.com and an addon domain (addon.com) that points to a directory 'addon'.

 

All my files are in my main directory except an index.php file in my subdomain directory 'addon' that has include paths pointing to files in my main directory.

 

When I am in addon.com I cannot add items to the shopping cart which uses sessions, although I can if I am in the full path http://main.com/addon/index.php

 

I don't want to display the full path but always have addon.com showing only.

 

I have discovered that there is a problem with using sessions with some kind of url masking.

 

How can I solve this?

Thanks, Steve

[MadTechie]

its not a session problem its a cookie one, send the PHPSESSIONID via the URL and it should work fine

[minware]

Ok I have now tried that by stating (on the add to cart page)

$_SESSION['added']="yes";

$PHPSESSID=session_id();

<script type=text/javascript>

window.top.location.href =echo'addon.com/?PHPSESSID=$PHPSESSID'';

</script>

 

(I tried to get rid of the slash / before ?PHPSESSID but it always gets added when page loads)

 

And when addon.com/ loads it has added ?PHPSESSID=acc2f6a31f1dc319bbe54591d684c685

 

Which is the session id, but sessions are still not working.

 

My index.php page that addon.com loads contains the line

'if(isset($_SESSION['added']))'

/*if something is added to the cart*/

{display shopping cart}

else

{display stock pages}

 

How can I make the passing of the session id make this work? How do I use that information?

Steve

[MadTechie]

your need to use

session_id($_GET['PHPSESSID'])

before using the sessions

 

 

basically the problem is when you starta session a cookie is created (on that domain) you can use that cookie on other domains, so we create a session on one domain and pass its ID to the other domain via get, then you need to tell that domain to use that same ID,

, i hope that clears it up (incase anyone was confused) 

[minware]

Do I put that before or after the session_start(); on my index.php page that addon.com loads.

Neither position works.

[MadTechie]

the use is on the main and the cart is on the addon correct?

 

main

passes the PHPSESSID to addon

 

session_start();
$_SESSION['test'] = "Hello";
$PHPSESSID= session_id();
echo "addon.other.com/index.php?PHPSESSID=$PHPSESSID;"

 

addon

session_id($_GET['PHPSESSID']);
session_start();
echo $_SESSION['test'];

 

is that what your doing, becuase that should work..

 

[minware]

That is basically how it's setup.

Its wierd, after passing the session varible 'added=yes' I get it by

 

session_id($_GET['PHPSESSID']);

session_start();

echo $_SESSION['added'];

 

Then I exit; to just see this variable. And sure enough the page displays 'yes'.

 

But later on in this same page I call the include file ../frames.inc (which is in the root directory)

and have the line

'if(isset($_SESSION['added']))'

/*if something is added to the cart*/

{display shopping cart}

else

{display stock pages}

 

But all that displays is the stock pages.

Steve

[minware]

Ok I have changed the include path from file ../frames.inc

to http://wwwmaindomain.com/frames.inc

 

An I can add items to the shopping cart which is great but at the start of my page before I do anything I get

 

Warning: session_start() [function.session-start]: The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in /home/minware/public_html/mwbeads/index.php on line 3

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/minware/public_html/mwbeads/index.php:3) in /home/minware/public_html/mwbeads/index.php on line 3

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/minware/public_html/mwbeads/index.php:3) in /home/minware/public_html/mwbeads/index.php on line 3

[minware]

Ok I got it all working with

 

if(isset($_GET['PHPSESSID']))

{session_id($_GET['PHPSESSID']) ;}

 

And the error message has disapeared!

Thanks for your help! much appreciated

Steve

[MadTechie]

lol beat me to it

 

your welcome

 

if your done, can you click solved please

[minware]

Hi me again, it appears the problem isn't solved yet. The shopping cart only works sometimes as it did yesterday when I thought it was solved, but most of the time it doesn't work.

 

Basically my main page index.php is on the subdomain which has product links pointing to an include frame.

If nothing is added to the cart (ie $_SESSION['added']==no) the frame includes the welcome page.

When customers click on the links the correct product page which is on my maindomain is loaded into the include frame.

 

When customers click on 'add to cart' the main page index.php refreshes and loads the main page index.php again but this time the $_SESSION['added']==yes and it displays the shopping cart page (which is on my maindomain) in the frame window (this is what we achieved above yesterday).

 

But 9 times out of 10 the shopping cart is empty.

this is very wierd.

Steve

[minware]

I've found out when it works.

I have 2 websites, 1 on maindomain and 1 on subdomain. They share the same pages and php files which are stored in the maindomain directory.

If I just have the subdomain's website open the shopping cart doesn't work but if I also have the maindomain's website open I can add items to the shopping cart when in the subdomain's website.

 

The sessions are stored and created in the main domains directory.

This helps make things clearer I hope, Steve