I have a multi page sequence of input forms tied to a session. It
works perfectly with cookies. But I also want to make it work without
cookies, using:
php_value session.use_cookies 0
php_value session.use_trans_sid 1
in my .htaccess file, to use the SID support provided by PHP.
When testing this, I see that the SID works with all pages except the
first. But because the first page has no SID passed to it in the URL,
the first instance of:
session_start();
creates a new session every time you refresh the first page with the
browser. And that is the problem. I only want one session to be
created, no matter how many times the user hits refresh on the first
page.
So then I tried setting the session id myself, hard coding it to some
arbitrary value like:
<?
session_id('7777625d282694214b0459cebe287777');
session_start();
?>
and that solves the multiple session problem; only one session is
created, no matter how many times you hit refresh on the first page.
Yay!
But that still leaves a chicken and egg problem to solve:
I can generate some random value to be used for the session_id, but I
can't think of a good way to store it for use on the first page.
Since the first page does not get the SID in the URL, I need to set
the session_id before calling session_start. But that means I don't
have any session where I can store my random value, for recalling it
later, on the next page refresh.
Ack! I only need some simple way to store the SID value I generate,
before the page is loaded a second time.
I thought of using a CGI to dynamically generate all the PHP and HTML
for page 1, and also have the CGI put a random session_id value right
into the page source itself, just like I did when testing. I suppose
that would work, but it seems like there should be an easier way.
Maybe there is some obvious solution, but it is not obvious to me at
the moment.
Has anyone else solved this problem, with a better method?
Egan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
