A hole in my understanding about PHP sessions records

[ocpaul20]

 

From the mickey-mouse test programs I have written in php to test this can you tell me if I have understood this correctly please?

 

1) A PHPsession is unique to each client browser. (ffox on my PC opens a page from my website will get a PHPsession. IE on my PC opens a page from my website will get a separate PHPsession.)

 

2) It appears like, in a browser I can open 2 tabs(or different instances/windows), each showing a different page from my website and each having different values one tab can be entering invoices, the other tab can be amending a customer record.......However, the php below seems to suggest that I am kidding myself, and if one window/tab alters the value of a SESSION variable, all the other windows/tabs will use that value when they reference that SESSION variable.

 

 

How does a browser tab/window request a page from the server, and then know which tab/window it is destined for when it arrives back from the server?

 

I just dont understand how it works at the moment and I was wondering if some kind soul would try and explain it to me please?

Thanks,

Paul

 

session_start();
echo session_id();

if (!isset($_SESSION['this_user'])) {
    $_SESSION['this_user'] = rand(1,999999);
    echo "<BR>I have set the value in SESSION[this_user] to [".$_SESSION['this_user']."]";
} else{
echo "<BR>Now, the value in SESSION[this_user] is [".$_SESSION['this_user']."]";
    $_SESSION['this_user'] = rand(1,999999);
echo "<BR><BR>I am changing the value in SESSION[this_user] to [".$_SESSION['this_user']."]";
}
exit;

 

 

[PFMaBiSmAd]

IE and FF operate differently, when the session cookie lifetime is zero (just tested.) In IE, two different instances of the browser each get their own session. In FF, two different instances of the browser only get a single session.

 

In IE, I know that when the session cookie has a zero life time (deleted when the browser closes) that the session cookie is kept in a memory cookie cache. It would appear that each instance of IE has its' own memory cache.

 

I also just tested in IE using a positive cookie lifetime (where the cookie is actually stored in a file), and the behavior changed to match FF (one session.)

 

I don't know where/how FF stores its' cookies, but it would appear that all instances of FF share one location and share a single cookie by any one name.

 

All of the above has to do with the session id cookie. When a page is requested all cookies that have host/domain/path settings that match the host/domain/path of the page being requested are sent to the server. For FF and IE (when it is forced to store the cookie in a file) all instances of the same browser only have one cookie available to send to the server, resulting in one session for all instances of the same browser.

[ocpaul20]

Thanks for your reply.

 

All this is about trying to make sure that my PHP pages are not accessed in the wrong order (example edit=>confirm=>write sequence) and I do this by setting a unique number into a SESSION[ pagenum] variable at the top of each page. I can then check if the confirm page has been called from the edit page, and the write page has been called from the confirm page. If the user has called the page from somewhere else, I can redirect them to a known starting place.

 

This seems to work fine - which is what I dont understand.

 

If one tab/window is in confirm and another viewprofile tab/window alters SESSION[pagenum] to its own page number value, then when the confirm page calls the write page, the write page SHOULD read the SESSION[pagenum] set by the viewprofile page. But it doesn't.

 

This sounds complicated, I know, however, it seems to work which is strange. From what we have established, there seems to be only one set of SESSION[ ] variables saved per sessionid.

 

How do people cope with multiple tabs/instances of a visit to a website?

[ocpaul20]

actually, it does 'corrupt' the variables. So I was wrong.

 

Basically, in order to get around some of these problems I need to use different variables for different form input items.

 

That still leaves me with the problem of making sure the sequence of events is correct. How would I do that?