Jump to content

session_id() problem with tabbed browsing


pee_aych_pee

Recommended Posts

To many of the seasoned PHP professionals who frequent this forum, this is probably a no-brainer.

 

I have visited many forums, and combed through the phpfreaks.com pages to find an answer, and haven't found one.

 

My application has multiple "views", each of which can be set by a simple login. If a user logs in and selects a view, and then subsequently opens a new tab in his browser, and logs in to the same application with a different view, the last login hijacks the first.

 

The unfortunate result is session information bleeding through into both browser tab instances, since they apparently are sharing the same session.

 

I have read that tabbed browsers, such as MSIE7, Firefox, Opera, etc. clone the page, rather instantiating a new one. The application works fine if a new browser window is opened before attempting to log in a second time.

 

<?php
session_start();
$view = $_SESSION['view'];
// DATABASE STUFF BELOW
?>

 

I attempted creating separate session_id's:

 

<?php
$unique_view_name = $_GET['unique_view_name'];
session_id($unique_view_name);
session_start();
$view = $_SESSION['view'];
// DATABASE STUFF BELOW
?>

 

...which works fine, but the application is enormous and full of legacy code which would need to be reworked to send a $_GET variable to inidicate which view is being used.

 

Is there a way to pull out this view name once, and use it to load the session_id() for all pages during the session?

 

Setting a session variable won't work before session_start(), and this is precisely where it needs to be set - and handed off to session_id().

 

I know using the $_GET superglobal is the defacto method for doing this, but it's inefficient to append every link and form action in my app with it. Besides, doing this would require finding a method of preserving the unique_view_name on concurrent pages without using a session variable.

 

I'm sure there is no easy answer.

 

Suggestions are appreciated.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.