Re: Manually setting session ids

I am writing some server to server software that needs to maintain state.

When I say server to server I mean that the client is not a browser, it
is another PHP server (as if that wasn't obvious).

But for the purpose of this connection, it's another client.

The obvious way to do this is to use the session ID. The problem is, how
to first of all generate a session ID and then send back a session ID to
reload a session.

CURL permits things such as getting the session cookie returned
from a request, saving it, and re-sending it on subsequent requests
in the same session.

The session ID is set by the server acting as a server in this situation.
It is up to the client to get the returned session ID, *NOT CHANGE IT*,
and re-use it when necessary. If you need to save the session cookie
across a PHP page in the client, use a database.

Don't confuse the session ID for server-to-server vs. the session
ID for the PHP page browser-to-server. They are two different
session IDs.

Perhaps my understanding of sessions is too limited, but I can't see the
wood for the trees at the moment. Maybe it's obvious and I can't see it.

This is the server (pseudocode). Forget the transport mechanism, imagine
that any function can be called remotely.

That's a strange assumption.


<?php
session_start();

function GetSessionID()
{
return session_id();
}

function SetSessionID($session_id)
{
session_id($session_id);
}

function SetVar($var, $val)
{
$_SESSION[$var] = $val;
}

function GetVar($var)
{
return $_SESSION[$var];
}

?>

now, on the client side, the idea is to do something like this

$sid = $client->GetSessionId();
$client->SetSessionId($sid);
$client->SetVar('foo', 'bar');
echo $client->GetVar('foo'); //returns 'bar'

The problem seems to be that session_start on the server side is called
at the top of the script, and there is no way to change the session_id
midstream.

Even if I could change the session_id, would I get back the data I had
already set?

Does anyone have any thoughts. I'm going mad.



.

Relevant Pages

  • Re: HELP: send binary replies back and forth ???
    ... a client, not a server. ... simple php function to set the timeout), ... Issues in writing php server are: ... >> and communication then goes back and forth between the server and client ...
    (comp.lang.php)
  • Re: SSL/TLS & renegotiation and Internet Explorer
    ... When IE closes the connection with the server and prompts the user to choose ... recovery logic the SSL session is discarded. ... If the user only has one suitable client certificate, ...
    (microsoft.public.security)
  • Re: RDP Printing by station
    ... flagged as non-printing stations can not print for ANY users. ... multiple NIC's on the terminal server. ... I'd then just have to ensure that the client stations that are ... session is limited to NIC # 1. ...
    (microsoft.public.windows.terminal_services)
  • Re: How do we get there from here?
    ... >> executing on the server as a pre-processor. ... If there are client side versions of PHP, ... > name implies a static text file, is it different from a PHP script? ...
    (comp.databases.pick)
  • SSL and IPS (was RE: ssh and ids)
    ... How many simultaneous SSL sessions can be tracked?" ... I assume you're talking about a case in which the client constantly ... If you walk the possible session id space and ... The server chooses the session ID, ...
    (Focus-IDS)