Jump to content

accessing php sessions in iframes

buzz2050

By buzz2050
in PHP Coding Help

 Share

Recommended Posts

buzz2050 Newbie

buzz2050

Posted
Posted

Hi,

 

I have a very basic idea of PHP session management. From what I know, in order to maintain variables across multiple scripts we can store them in a session.

 

I have a main page called index.php in which I have embedded an iframe referencing another php script bar.php. All I am trying to do is access the session variables from index.php in the iframe which so far I haven't been able to accomplish.

 

My code is as follows:

 

index.php

<?php

session_start();
$_SESSION['myVar']="hello" ;

$sessId=session_id();
echo "<br> sessId: " . $sessId . "<br>" ;

print('<iframe name="test" id="test" src="foo/bar.php?sessId='.$sessId.'" marginwidth=0 marginheight=0 onload="this.height=this.contentDocument.height" width="100%" frameborder="0" scrolling="yes"></iframe>');

?>

 

 

bar.php

<?php

$sessId = $_REQUEST['sessId'] ;

if(session_id() == "") 
{ 	
session_id($sessId);
session_start(); 
echo "<br> sessId: " . $sessId . "<br>" ; //shows same sess-id as index.php
echo "<pre>" ;
print_r($_SESSION); //empty array
} 
else
{
//something
}

?>

 

Earlier I noticed that simply saying session_start() in the iframe-script was actually creating a new session with a different session id, hence I appended the session id from index.php into the iframe URL so that I can try to access the same ongoing session from bar.php, but print_r($_SESSION) doesnot show me anything.

 

Any suggestions?

Link to comment
https://forums.phpfreaks.com/topic/146344-accessing-php-sessions-in-iframes/
Share on other sites
buzz2050 Newbie

buzz2050

Posted
  • Author
Posted

Hi again,

 

Just to be clear, what I am basically trying to do is customize an existing application to add some functionality, hence the goof ups, I apologize.

 

More information:

 

I have xampp on my localhost; scampering around the app I realized that the session files were stored in a dir data/sessions/ which had an htaccess file in it, could that have something to do with me not being able to access the session variables from within the iframe?

 

Another thing which I noticed was that the iframe did print the session vars set in other test scripts that I wrote... just not the ones from the parent page in which it was embedded.

 

I am not very adept at PHP or Apache for that matter, but it looks to me like some security measures are implemented by the original app creators so as to avoid the session vars being accessed by any other code outside that application (such as my iframe), can this be tackled?

 

Any help appreciated!

buzz2050 Newbie

buzz2050

Posted
  • Author
Posted

Hi Q695,

 

Thanks for the reply.

 

I did try your suggestion, still print_r($_SESSION) in bar.php gives me something like this..

 

Array

(

    [f89e89a4be8fd013097c18665b3e4c90] =>

)

 

None of the session variables set in the parent page(index.php) appear in the child iframe(bar.php) embedded in it.

 

And as mentioned in my second post, I am trying to add some features to an existing application for which I am tweaking the core code a bit. I need to embed a calendar in the index page of this app, hence the iframe.

Philip Advanced Member

Philip

Posted
Posted

the page should say:

session_start();

session_register($sessId);

$sessId = $_SESSION[id];

 

change this on the second set of data:

if($sessId)

 

I don't see why you're using iframe though.

 

Session register is deprecated, and you aren't using quotes around the index. ;)

 

session_start();
$_SESSION['id'] = "foo";
$hi = $_SESSION['id'];
echo $hi;
// shows 'foo'

 

@OP, any reason to why you're trying to call the session id?

<?php
session_start();
$_SESSION['myVar']="hello" ;

// don't really need this
$sessId=session_id();
echo "<br> sessId: " . $sessId . "<br>" ;

print('<iframe name="test" id="test" src="foo/bar.php" marginwidth=0 marginheight=0 onload="this.height=this.contentDocument.height" width="100%" frameborder="0" scrolling="yes"></iframe>');

?>

<?php
session_start();


if(!isset($_SESSION['myVar']) || empty($_SESSION['myVar'])) 
{ 	
echo "<pre>" ;
print_r($_SESSION);
echo '</pre>';
} 
else
{
//something
}

?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.