Jump to content

Archived

This topic is now archived and is closed to further replies.

topcoder1

[SOLVED] php running inside an iframe and session data and IE

Recommended Posts

I have a php app running inside an iframe.

I pass a piece of info to this iframe through http parameters, php gets it and then set it in the session.  However, the session data is lost when I read it from another php page within the same php application.

 

index.php which resides in an iframe

	session_start();

	$_SESSION['mydata']=$_POST['mydata'];  // ok

 

another.page that I later invoke

error_log(print_r($_SESSION,1)); //nothing!

 

this weirdness only happens on IE.  and if I refresh the iframe again, the session data will be available.  any idea?

thanks

 

Share this post


Link to post
Share on other sites

On the other page are you calling session_start?

 

yes I am. Here's the complete code:

 

index.php

session_start();
$_SESSION['mydata']=$_POST['mydata'];  // ok
session_write_close(); //ensures that I dont lock the session for too long

another php page I invoke later

session_start();
error_log(print_r($_SESSION,1)); //nothing in the session array!

 

also the html file that has the iframe is hosted by a different domain than the phps.  They are both hosted on the same machine however.  The problem only occurs on IE. 

 

Share this post


Link to post
Share on other sites

solution according to

hbertini at sapo dot pt

13-Mar-2005 03:29

 

workaround when using session variables in a .php file referred by a frame (.html, or other file type) at a different server than the one serving the .php:

 

Under these conditions IE6 or later silently refuses the session cookie that is attempted to create (either implicitly or explicitly by invoquing session_start()).

 

As a consequence, your session variable will return an empty value.

 

According to MS kb, the workaround is to add a header that says your remote .php page will not abuse from the fact that permission has been granted.

 

Place this header on the .php file that will create/update the session variables you want:

 

<?php header('P3P: CP="CAO PSA OUR"'); ?>

 

Regards,

Hugo

 

http://us.php.net/function.session-start

 

 

Share this post


Link to post
Share on other sites

I know you guys are much older now. Still, I want to appreciate your answer. By the way, I found that I need

<?php header('P3P: CP="CAO PSA OUR"'); ?> to read the session data, as well.

 

Brian

Share this post


Link to post
Share on other sites

As a bit of extra info on the topic, for others:

 

@brianko: That's quite obvious. If the session ID can't be read from the cookie (implying cookie usage), the session can't be continued thus you can't access the session data.

 

The safest thing to do is to have this header sent along whenever, even if you're not in an frame or iframe.

 

Only thing I find strange is that ONLY microsoft has this weird safety built into their browser and, assuming, no other browser vendors have this.

 

Cheers!

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.