Jump to content
Larry Ullman's Book Forums

Session Id Shared Amongest Different Websites (Ch15 And Ch16)


Recommended Posts

Hello all,

 

I have found this forum a fantastic compliment to a very good book. Both have helped me numerous times to find solutions as I have learnt more about PHP and MYSQL. Alas, there is one question I cannot find help on...

 

I am in the middle of Chapter 16. After completing index.php in script # 16.5 I came across a problem whereby my browser is still recognising the session_id from the forum website built in Chapter 15 and as a result my code encounters an error when trying to execute the following code in the footer.html (script # 16.2):

 

// Add links if the user is an administrator:

if ($_SESSION['user_level'] == 1) {

  echo '<a href="view_users.php" title="View All Users">View All Users</a><br />

           <a href="#">Some Admin Page</a>';

}

 

 

Please correct me if I am wrong, but I believe this is because I had not closed the browser after finishing chapter 15 so the browser still had a session_id() saved in the PHPSESSID cookie. Therefore, session_start() was not executed when the header.html (script # 16.1) was called from index.php (script # 16.5). I was able to quickly resolve this without closing the browser by running a page with $_SESSION = array(); which deleted the previous saved session. I know there is a more thorough way to remove all trace of a previous saved session in the "Tips" section on page 356. Below is a snippet of the error code returned in my browser before I made the fix, as you can see the _SESSION array is returning the session variables stored from running index.php in Chapter 15.

 

Error code:

[_SESSION] => Array
(
   [user_id] => 1
   [user_tz] => America/New_York
   [lid] => 1
)

 

Regardless, for me it raised a more important question that is: Because session_start() works by creating a session file on the server should you only load one website on one server at one time? Or can you run multiple websites on one server at the same time? If so, do any of you know how to get round the issue of your different websites using the same session data? So that in theory I could run the website created in Chapter 15 at the same time as Chapter 16 but not have any conflict between their session data?

 

Any pointers or advice would be greatly appreciated.

 

Kind regards

Pejowh

Link to comment
Share on other sites

Thanks for the nice words! I appreciate it.

 

As for the problem, your explanation is close but not quite. session_start() is being called all the time. And just closing the browser doesn't terminate the session. 

 

You can definitely run multiple sites on one server. The session IDs are stored in cookies by default, and each cookie can only be associated with one website. So you're seeing this because both the forum and Ch 16 are running on localhost, so the session ID is being shared.

Link to comment
Share on other sites

 Share

×
×
  • Create New...