Jump to content

Problem using curl on asp with cookie


Levian
Go to solution Solved by requinix,

Recommended Posts

Hi,

 

I'd stumbled upon a problem around doing curl on an asp website which use cookie.

 

I use username n session id to determine the cookie file, on a case when a second browser open up it should have different session id, hence it may create new cookies instead of using the active previously-made cookie file, please do correct me if I'm wrong.

 

So question is....how to detect a user is logged or not in such situation ?

Or perhaps how is the proper way to determine a cookie file in such situation ?

 

 

Thanks in advance,

Link to comment
Share on other sites

I use username n session id to determine the cookie file, on a case when a second browser open up it should have different session id, hence it may create new cookies instead of using the active previously-made cookie file, please do correct me if I'm wrong.

I believe you are. The session ID is stored in a cookie, right? Either the cookies are being shared in the two windows or they're not being shared; if shared then the windows will be using the same session (which is generally what happens), if not then there's no risk of accidentally "reusing" cookies from the other window.
Link to comment
Share on other sites

Thanks for the reply requinix,

 

May I inquire a bit more....

 

The session ID is stored in a cookie, right?

if not then there's no risk of accidentally "reusing" cookies from the other window.

The first one...is it about asp.net session id inside the cookie file ?

 

n I'm not quite understand the 2nd line of the if...sorry if it sounds like a dumb question...it does I admit it :sweat:

 

I hope you don't mind answering.

 

 

Thanks,

Link to comment
Share on other sites

I open a browser n it creates a new cookie file which include asp.net session id inside

Then I open a browser on another (in this case a mobile browser)...n again it creates new cookie file (since the cookie file name is determined by login username n session id of the browser, which is different from the previous browser) which include a different asp.net session id.

 

So the 2nd browser count it as a new session, create new session id, despite the fact that the same username is currently logged on 1st browser, or so it seems to me.

Edited by Levian
Link to comment
Share on other sites

...Are you talking about deliberately reusing the same session for the same logical user even if they're on separate devices? I thought you were asking about something else.

 

Please don't do that. The session should not be a place where you store temporary data. I don't want my sessions to be the same everywhere I go.

Link to comment
Share on other sites

Thanks requinix,

 

Maybe I should rephrase my question...

 

There's 2 sites, the users should first login to site A, then inside they're using single username to login to site B n get the needed data

The connected users on site A will get different sessions...I get that, even the same user on different devices should have different session

However the problem is...how site B will recognize them all as the same user ? Cause how it currently works...site B didn't get them as the same user n prompt them to login again despite it actually is logged on from another user on another device. (it's using only 1 username for site B logging)

 

Honestly, it's confusing...more to the fact that I know not how asp works, so meanwhile I'm also seeing as to how asp works on

 

 

 

Thanks in advance,

Link to comment
Share on other sites

  • Solution

It will recognize them because they're using the same "single username"...

 

Regarding session IDs and the cookie containing that ID, it's the same thing as with your site A: they're different sessions with different cookies. The two sessions simply happen to be referencing the same account - as if they had the same value for $_SESSION["user_id"].

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.