Knowledge Base

Sessions and SIDs (append_sid)
Article ID: 35
Written By: sj26
Written On: Tue May 01, 2007 7:23 am
Description: This article deals with the often misused append_sid() function.

Overview
  • So, you've made a great mod and it works fine. You release it and someone comes back saying "When I clicked on the xyz link it logged me out... why did this happen?" - and there's a simple answer.
  • When you click on a link to another page in phpBB, it needs to keep track of who you are, whether you're logged in, etc. It does this using sessions: each user has a unique session ID (SID), which is then sent back to the user, usually to be stored as a cookie.
    • The append_sid() function works wonders with the session ID and makes sure that those users unfortunate enough to not have working cookies (yes, it has happened to me...) can still stay logged in. Instead of storing a cookie, it adds the session ID as a GET variable to the URL (i.e. xyz.php?sid=c0b8c3bd254eb8258176d7cfb94dcb9f). Without this, phpBB does a security check and logs you out.

      By always making sure that you do this:
      Code:
      'U_XYZ' => append_sid("xyz.$phpEx"),


      instead of
      Code:
      'U_XYZ' => "xyz.$phpEx",


      you make sure that everyone is going to be able to use your mod.
    • You may be asking "Well, what if I have to use a URL like xyz.php?foobar=nada?"... no problem! append_sid() will automatically recognise the '?' character and append '&sid=c0b8c3bd254eb8258176d7cfb94dcb9f' instead of '?sid=c0b8c3bd254eb8258176d7cfb94dcb9f'. Pretty clever, hey?
    • Another question you may ask is "What if I need to use it in a form?"... append_sid() is used on ALL URLS. No exceptions. I cannot stress that enough.
    • So those are the basics. Make sure you always use append_sid() and you'll be safe (and you'll have one less bug to fix).
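
The '?' versus '&' behaviour described above, as an added sketch that is not phpBB's own code: demo_append_sid() is a hypothetical stand-in for append_sid(). It goes slightly beyond the article by also keeping a #fragment at the end of the URL, leaving URLs that already carry a sid untouched, and emitting &amp; for HTML output; those three behaviours are assumptions of the sketch.

```php
<?php
// Added illustration: a simplified model of the behaviour the article describes.
// demo_append_sid() is a hypothetical name, not phpBB's implementation.

function demo_append_sid(string $url, string $sid, bool $html = true): string
{
    // Cookie-based session: nothing needs to be carried in the URL.
    if ($sid === '') {
        return $url;
    }

    // Split off a #fragment so the sid lands in the query string, not after it.
    $fragment = '';
    $hash = strpos($url, '#');
    if ($hash !== false) {
        $fragment = substr($url, $hash);
        $url = substr($url, 0, $hash);
    }

    // Do not add a second sid parameter (matches ?sid=, &sid= and &amp;sid=).
    if (preg_match('/[?&;]sid=/', $url)) {
        return $url . $fragment;
    }

    // '?' starts the query string; '&' (or '&amp;' in HTML output) extends it.
    if (strpos($url, '?') === false) {
        $sep = '?';
    } else {
        $sep = $html ? '&amp;' : '&';
    }

    return $url . $sep . 'sid=' . rawurlencode($sid) . $fragment;
}

// Sample session ID copied from the article's example URL.
$sid = 'c0b8c3bd254eb8258176d7cfb94dcb9f';
$phpEx = 'php';

$cases = ["xyz.$phpEx", "xyz.$phpEx?foobar=nada", "xyz.$phpEx?foobar=nada#top", "xyz.$phpEx?sid=$sid"];
foreach ($cases as $url) {
    // Plain '&' here so the printed result matches the article's wording.
    echo str_pad($url, 30), ' => ', demo_append_sid($url, $sid, false), PHP_EOL;
}
```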