How to differentiate multiple sessions?
jing_li
I am a newbee for php and I need your help. One of my coworker and I
are both developing a webpage for our project using php. We have a
copy of the same files in different location on the server (in our own
accounts on the same machine). When I am testing both versions of our
program using the same browser (IE on Windows or Konqueror on Linux)
the session variables will mix up and only the latest selection or
options will be displayed. If I go back and forth using the "Previous"
and "Next" buttons on our pages not only the variables from my pages
will change to the variables from his page, but also my page will jump
to his page as well. I am wondering if there is a way to specify where
to save the session variables on the local machine so later the users
can open multiple browsers to lead to different branches of our web
site without mixing session variables.
Thanks in advance,
Jing
Jeffrey Silverman
> Hi, you all,
<snip>
I am wondering if there is a way to specify where
> to save the session variables on the local machine so later the users
> can open multiple browsers to lead to different branches of our web
> site without mixing session variables.
>
> Thanks in advance,
>
> Jing
Suggestions:
1) Try using unique name spaces for your session variables. PHP doesn't
really support name spaces but you can fake it. For example, put all of
your session variables in an array an name that array $_JING_SESS and he
does the same and puts his in $_HISNAME_SESS. Then you get the values for
whatever by $_JING_SESS['whatever'] and he does likewise. You can facke
name spaces in other ways as well (but I can't think of 'em offhand).
2) Put the sessions in a database. I found a good tutorial for this here:
http://phpbuilder.com/columns/ying20000602.php3
I put sessions for each Web application I create in a completely
diffeerent database. That way there is no overlap.
3) Google a bit. This problem has been seen and solved by others. I
guarantee it.
later...
--
Jeffrey D. Silverman | jeffrey AT jhu DOT edu
Website | http://www.wse.jhu.edu/newtnotes/
Larry Jaques
<jef...@jhu.edu> brought forth from the murky depths:
>On Wed, 17 Dec 2003 12:25:30 -0800, jing_li wrote:
>
>> Hi, you all,
><snip>
>I am wondering if there is a way to specify where
>> to save the session variables on the local machine so later the users
>> can open multiple browsers to lead to different branches of our web
>> site without mixing session variables.
>>
>> Thanks in advance,
>>
>> Jing
>
>Suggestions:
>
>1) Try using unique name spaces for your session variables. PHP doesn't
>really support name spaces but you can fake it. For example, put all of
>your session variables in an array an name that array $_JING_SESS and he
>does the same and puts his in $_HISNAME_SESS. Then you get the values for
>whatever by $_JING_SESS['whatever'] and he does likewise. You can facke
>name spaces in other ways as well (but I can't think of 'em offhand).
Hmmm, interesting. I have a client who wants me to stack carts on a
page so her commercial clients can do all their shopping in one trip.
The ASP equivalent she wants me to clone in PHP is the business gift
style at http://www.godiva.com . You can get several items for one
client, then start another cart before checking out, later sending
batches of gifts to several people with different messages for each
batch. I wonder if they're doing something like you mention here,
but with different session names. (They have changed their setup and
cart flow since she and I first discussed it, and, checking again
tonight, I see that it is changed yet again.) The problem I see with
it is getting the cart page to grab all session data and blend it on
that and subsequent pages for checkout. Sessions are usually meant for
a single entity and follow through semi-linearly.
Yes, I know this is a sidestep from the OP's question but it appears
that handling might work in the same fashion.
(Remember this one, Rajesh?)
>2) Put the sessions in a database. I found a good tutorial for this here:
>http://phpbuilder.com/columns/ying20000602.php3
Has anyone else noticed that not a single one of their book links
works on the Linux Central site? After entering some titles into
the LC search box and coming up empty, LC obviously doesn't carry
_any_ of the books they refer to. Very strange. I wonder whose DB
they're tracking. <vbg> They don't ACK mail on it, either.
Hmm, he calls this a handler and uses it for multiple
>I put sessions for each Web application I create in a completely
>diffeerent database. That way there is no overlap.
Why use a database for session data, or are you merely catching
that as well as the "good stuff" such as order data?
>3) Google a bit. This problem has been seen and solved by others. I
>guarantee it.
Good idea. I (too) often forget how useful Google, et al, can be.
--
Remember: Every silver lining has a cloud.
----
http://diversify.com Comprehensive Website Development
R. Rajesh Jeba Anbiah
Your question is not clear to me. If you mean multiple sessions on
single browser session (ie, opening multiple browser windows from
single session usually by pressing Ctrl+N), that won't be possible
(IMHO). IMHO, Multiple sessions on multiple browser sessions are
possible (ie, opening different browser windows by running
iexplore.exe or clicking IE icons)---but only if you're not using
cookie based sessions 'coz it will pass the current session_id via a
request and will overwrite the current session cookie (PHPSESSID)
value. So, multiple sessions on multiple browser sessions are possible
only if the session_id is passed via GET or POST.
If I understand right, this is also true for custom session
handlers. So, no point in going for custom DB session handlers for
this issue.
--
"Show me a person who *really* hate Sadam, I'll show you a liar":-)
Email: rrjanbiah-at-Y!com
jing_li
> single browser session (ie, opening multiple browser windows from
> single session usually by pressing Ctrl+N), that won't be possible
> (IMHO). IMHO, Multiple sessions on multiple browser sessions are
> possible (ie, opening different browser windows by running
> iexplore.exe or clicking IE icons)---but only if you're not using
> cookie based sessions 'coz it will pass the current session_id via a
> request and will overwrite the current session cookie (PHPSESSID)
> value. So, multiple sessions on multiple browser sessions are possible
> only if the session_id is passed via GET or POST.
>
wiht URL:
http://calvin.vbi.vt.edu/DOME/step.php
For different selection from each page I wish to able to lead users to
differnt path for data selecting so they do not have to return to
previous pages to change selection. This site is in its infant stage
when I noticed the problem so I want to know if there is a solution
for this or I should use other stratagies (DB session?) to get things
right.
> If I understand right, this is also true for custom session
> handlers. So, no point in going for custom DB session handlers for
> this issue.
wiht URL:
http://calvin.vbi.vt.edu/DOME/step.php
For different selection from each page I wish to able to lead users to
differnt path for data selecting so they do not have to return to
previous pages to change selection. This site is in its infant stage
when I noticed the problem so I want to know if there is a solution
for this or I should use other stratagies (DB session?) to get things
right.
> If I understand right, this is also true for custom session
> handlers. So, no point in going for custom DB session handlers for
> this issue.
Forgive me for my ignorance but this is my first php application.
Thanks for your kind help,
Jing
> If I understand right, this is also true for custom session
> handlers. So, no point in going for custom DB session handlers for
> this issue.
Can you elaberate this a little more? I will goolge on it later.
Forgive me for my ignorance but this is my first php application.
Jeffrey Silverman
> Why use a database for session data, or are you merely catching
> that as well as the "good stuff" such as order data?
2 reasons for me:
1) It is easy to look up session data manually because I know where it is
SELECT * FROM sessions;
I can also manually delete sessions more easily and thus "log people out"
in essence:
DELETE FROM sessions;
During development, easy manual access to session data is quite useful.
2) It is easier for me to create separate sessions for multiple
applications by putting the sessions for different apps in different
databases.
3) It doesn't clutter up my temp directories.
allright, three reasons. I didn't expect the Spanish Inquisition.
Jeffrey Silverman
> I mean open IE twice by click on the icon twice. Start both browsers
> wiht URL:
> http://calvin.vbi.vt.edu/DOME/step.php
> For different selection from each page I wish to able to lead users to
> differnt path for data selecting so they do not have to return to
> previous pages to change selection. This site is in its infant stage
> when I noticed the problem so I want to know if there is a solution
> for this or I should use other stratagies (DB session?) to get things
> right.
>> If I understand right, this is also true for custom session
>> handlers. So, no point in going for custom DB session handlers for
>> this issue.
> Can you elaberate this a little more? I will goolge on it later.
> Forgive me for my ignorance but this is my first php application.
>
> Thanks for your kind help,
I'm fairly certain that both IE Windows are using the same "session". PHP
creates a unique session ID by using the current browser instance and
creating a unique ID -- not sure exactly how. But I'm pretty sure that
opening more than one window of IE (or any browser) -- no matter how you
open the window -- will all share the same session id.
You need to separate the data somehow.
Either use the custom session handler functions built into PHP or put the
data in unique piles, such as uniquely-named arrays.
Also, communication with your colleague is important. Make sure you are
not both using the same names for variables. People often don't mention
the human aspect of programming -- it is very important!
Also, you look like you have not really sketched out a plan. Create a plan
for your application! Decide how it will work before you create any code!
I cannot emphasize this enough.
later...
Larry Jaques
<jef...@jhu.edu> brought forth from the murky depths:
>On Thu, 18 Dec 2003 03:15:53 +0000, Larry Jaques wrote:
>
>> Why use a database for session data, or are you merely catching
>> that as well as the "good stuff" such as order data?
>
>2 reasons for me:
>
>1) It is easy to look up session data manually because I know where it is
>
>SELECT * FROM sessions;
I guess I'm still wondering why you need to track sessions.
I use sessions to keep tracked order data live while the client
is online, then store the data and dump the session.
>I can also manually delete sessions more easily and thus "log people out"
>in essence:
Ah, that makes sense.
>DELETE FROM sessions;
That'll certainly do it. <g>
>During development, easy manual access to session data is quite useful.
>
>2) It is easier for me to create separate sessions for multiple
>applications by putting the sessions for different apps in different
>databases.
OK, grok that, too. You appear to have a busy server.
>3) It doesn't clutter up my temp directories.
>
>allright, three reasons. I didn't expect the Spanish Inquisition.
OK. Please keep the pin in the Holy Hand Grenade for now.
==========================================================
Save the + http://www.diversify.com
Endangered SKEETS! + Web Application Programming
==========================================================
R. Rajesh Jeba Anbiah
> On Thu, 18 Dec 2003 07:00:28 -0800, jing_li wrote:
> I'm fairly certain that both IE Windows are using the same "session". PHP
> creates a unique session ID by using the current browser instance and
> creating a unique ID -- not sure exactly how. But I'm pretty sure that
> opening more than one window of IE (or any browser) -- no matter how you
> open the window -- will all share the same session id.
AFAIK,
1. "Same" session_id for multiple browser session (clicking IE
icons) is possible only if you use persistent session
Usually with the configuration:
session.use_cookies = 1
session.cookie_lifetime = 100; a non-zero value
In this case, even if you restart the browser, it will resume
the session as the session_id will be available in cookie.
2. Multiple session_id for multiple browser session is possible in
(a) non-persistent cookie based sessions
session.use_cookies = 1
session.cookie_lifetime = 0 ;note the zero
(b) trans sid based sessions in which session is resumed via
GET
session.use_cookies = 0
session.use_trans_sid = 1
I hope 2(b) will solve the OP's problem as the following things are
possible in different browser windows:
- http://www.foo.com/foo.php?PHPSESSID=xxxxxxxxxxxxxxxx -
First session
- http://www.foo.com/foo.php?PHPSESSID=yyyyyyyyyyyyyyyy -
Second session
- and so on. And thus no overlap of session vars.
> You need to separate the data somehow.
>
> Either use the custom session handler functions built into PHP or put the
> data in unique piles, such as uniquely-named arrays.
>
> Also, communication with your colleague is important. Make sure you are
> not both using the same names for variables. People often don't mention
> the human aspect of programming -- it is very important!
I'm totally confused here. Could you explain how the custom
session will help the OP? and why are you suggesting unique variables
if custom session could solve this issue? Do you have any codes or
related experience to demonstrate this one? I hope, you'll clarify it.
> Also, you look like you have not really sketched out a plan. Create a plan
> for your application! Decide how it will work before you create any code!
> I cannot emphasize this enough.
Yes, very correct. The OP should at least try some test code.
--
"Success = 10% sweat + 90% tears"
Email: rrjanbiah-at-Y!com
R. Rajesh Jeba Anbiah
> > Your question is not clear to me. If you mean multiple sessions on
> > single browser session (ie, opening multiple browser windows from
> > single session usually by pressing Ctrl+N), that won't be possible
> > (IMHO). IMHO, Multiple sessions on multiple browser sessions are
> > possible (ie, opening different browser windows by running
> > iexplore.exe or clicking IE icons)---but only if you're not using
> > cookie based sessions 'coz it will pass the current session_id via a
> > request and will overwrite the current session cookie (PHPSESSID)
> > value. So, multiple sessions on multiple browser sessions are possible
> > only if the session_id is passed via GET or POST.
> I mean open IE twice by click on the icon twice. Start both browsers
> wiht URL:
> http://calvin.vbi.vt.edu/DOME/step.php
> For different selection from each page I wish to able to lead users to
> differnt path for data selecting so they do not have to return to
> previous pages to change selection. This site is in its infant stage
> when I noticed the problem so I want to know if there is a solution
> for this or I should use other stratagies (DB session?) to get things
> right.
Jeffrey Silverman has given good reasons for custom sessions using
DB. As he said we can have good command over the sessions. We can even
emulate the gc. But, I don't think it will solve this mutliple
sessions problem...
> > If I understand right, this is also true for custom session
> > handlers. So, no point in going for custom DB session handlers for
> > this issue.
> Can you elaberate this a little more?
session_start() creates a session or
resumes the current one based on the
current session id that's being passed
via a request, such as GET, POST, or a
cookie. -- http://in.php.net/session_start
In short,
1. If you call session_start(), PHP looks COOKIE, GET & POST to find
existing session_id (PHPSESSID)
2. If (PHPSESSID is found)
then resume the current session
else
{
//create a new session
if (custom session handler)
create custom session (that can be DB or else)
else
create default session (which is creating a new file
on server (to store data) usually /tmp/sess_xxxxxxxxxxxxxxx where
xxxxxxxxxx is the session_id
}
> I will goolge on it later.
> Forgive me for my ignorance but this is my first php application.
You first take some book, learn good tutorials and of course Google
and then come here with your doubts. But I would say your question is
really good.
Jeffrey Silverman
> I'm totally confused here. Could you explain how the custom
> session will help the OP? and why are you suggesting unique variables
> if custom session could solve this issue? Do you have any codes or
> related experience to demonstrate this one? I hope, you'll clarify it.
Well, in my experience, I used the custom session handlers to put session
data in a database. I put all this in a single include file. I then
configure the handlers for a particular application to put the data in a
different database for each application.
I will post my sample code, documentation, and explanation to my website
but it will have to be in a few hours becuase I have a holiday luncheon to
go to :)
Jeffrey Silverman
> I guess I'm still wondering why you need to track sessions.
> I use sessions to keep tracked order data live while the client
> is online, then store the data and dump the session.
Mostly I only look at session data in the database during the development
phase. But truthfully, doing "print_r($_SESSION)" is often more useful
for debugging.
My primary reasons for putting the sessions in a DB are orderliness and
separation of applicaiton data.
Larry Jaques
<jef...@jhu.edu> brought forth from the murky depths:
>Mostly I only look at session data in the database during the development
Yes, to make sure it comes through, etc.
>phase. But truthfully, doing "print_r($_SESSION)" is often more useful
>for debugging.
Right, that or var dumps for a quick view.
>My primary reasons for putting the sessions in a DB are orderliness and
>separation of applicaiton data.
Ah, so you're a TM School of Thought follower? I may end
up there once I get a few more proggies under my belt.
R. Rajesh Jeba Anbiah
> On Thu, 18 Dec 2003 22:09:58 -0800, R. Rajesh Jeba Anbiah wrote:
>
> > I'm totally confused here. Could you explain how the custom
> > session will help the OP? and why are you suggesting unique variables
> > if custom session could solve this issue? Do you have any codes or
> > related experience to demonstrate this one? I hope, you'll clarify it.
>
> Well, in my experience, I used the custom session handlers to put session
> data in a database. I put all this in a single include file. I then
> configure the handlers for a particular application to put the data in a
> different database for each application.
- www.foo.com/project1/ Session for this project will be stored in
the database db1
- www.foo.com/project2/ Session for this project will be stored in
the database db2
- and so on. This is to avoid "clustering". I know this one as I
have done this. But,the question was how the custom (DB) session will
help the OP so that he can open multiple browser windows without any
session overlap? Also, why you have suggested the unique session
variables if custom session could solve such multiple sessions?
--
http://www.wikipedia.org/wiki/P.A.Sangma - Yet-another Mahatma
Email: rrjanbiah-at-Y!com