One way around this is to make the first page just a dummy that starts a
session then redirects to the real first page, with the session id passed on
the redirect URL.
Kirk
> -----Original Message-----
> From: Egan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 21, 2001 10:56 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] chicken and egg problem with SID
>
>
> I have a multi page sequence of input forms tied to a session. It
> works perfectly with cookies. But I also want to make it work without
> cookies, using:
>
> php_value session.use_cookies 0
> php_value session.use_trans_sid 1
>
> in my .htaccess file, to use the SID support provided by PHP.
>
> When testing this, I see that the SID works with all pages except the
> first. But because the first page has no SID passed to it in the URL,
> the first instance of:
>
> session_start();
>
> creates a new session every time you refresh the first page with the
> browser. And that is the problem. I only want one session to be
> created, no matter how many times the user hits refresh on the first
> page.
>
> So then I tried setting the session id myself, hard coding it to some
> arbitrary value like:
>
> <?
> session_id('7777625d282694214b0459cebe287777');
> session_start();
> ?>
>
> and that solves the multiple session problem; only one session is
> created, no matter how many times you hit refresh on the first page.
>
> Yay!
>
> But that still leaves a chicken and egg problem to solve:
>
> I can generate some random value to be used for the session_id, but I
> can't think of a good way to store it for use on the first page.
>
> Since the first page does not get the SID in the URL, I need to set
> the session_id before calling session_start. But that means I don't
> have any session where I can store my random value, for recalling it
> later, on the next page refresh.
>
> Ack! I only need some simple way to store the SID value I generate,
> before the page is loaded a second time.
>
> I thought of using a CGI to dynamically generate all the PHP and HTML
> for page 1, and also have the CGI put a random session_id value right
> into the page source itself, just like I did when testing. I suppose
> that would work, but it seems like there should be an easier way.
>
> Maybe there is some obvious solution, but it is not obvious to me at
> the moment.
>
> Has anyone else solved this problem, with a better method?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
