Page 1 of 1

Oh no not another Sessions question

Posted: Thu Dec 01, 2005 7:13 pm
by PeteMan
OK I've read lots of the 'sessions' posts and KB's.....

http://www.phpbb.com/kb/article.php?article_id=58
http://www.phpbb.com/kb/article.php?article_id=143

.....but I'm still struggling. When I code

Code: Select all

<?
define('IN_PHPBB', true); 
$phpbb_root_path = '..'.$phpbb_path;
include($phpbb_root_path.'extension.inc'); 
include($phpbb_root_path.'common.'.$phpEx); 

// Start session management 

$userdata = session_pagestart($user_ip, PAGE_PROFILE); 
init_userprefs($userdata); 

// End session management 

echo append_sid("xxx.php");
?>
I expect to see a session id displayed. but I don't. This is driving me crazy, can someone help?

Thanks, Pete

Posted: Thu Dec 01, 2005 8:12 pm
by agent00shoe
Session IDs are only attached to links when cookies are disabled.

Posted: Thu Dec 01, 2005 9:06 pm
by PeteMan
OK from what I understand there has been some new code in 2.0.18 that requires a session_id on logout. Otherwise you get an invalid_session error. I am trying to emulate this in my script and therefore included the append_session() command. However it nos seems that append_session only works whn cookies are disabled.

Note that when I hover over the "Log out [ Pete Man ]" on this page I can see a session id and my cookies are enabled.

So if I can't use append_session() how else should I get the session id so that I can perform a good logout from outside of phpBB.

Hope this made sense!

Pete

Posted: Thu Dec 01, 2005 9:25 pm
by PeteMan
Ahhh......

in page_header.php there lies the following code.....

Code: Select all

$u_login_logout = 'login.'.$phpEx.'?logout=true&sid=' . $userdata['session_id'];
AND

Code: Select all

'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
So does this mean that the session id is there twice when cookies are off?

Posted: Thu Dec 01, 2005 10:51 pm
by agent00shoe
PeteMan wrote: Ahhh......

in page_header.php there lies the following code.....

Code: Select all

$u_login_logout = 'login.'.$phpEx.'?logout=true&sid=' . $userdata['session_id'];
AND

Code: Select all

'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
So does this mean that the session id is there twice when cookies are off?

Nope, append_sid() is only used once there. :D

edit**
I'm not too familiar with the new sessions system for .18. I just happen to use phpBB's session handling for a couple websites so I knew those answers from experience. I'd like to know about the SID in the logout link, too.

Posted: Thu Dec 01, 2005 10:55 pm
by PeteMan
Look at the first snippet, the session_id is added in there

Code: Select all

.....( $userdata['session_id']; ).....
Pete

Posted: Thu Dec 01, 2005 11:01 pm
by MHobbit
Take a look at this.

Posted: Thu Dec 01, 2005 11:50 pm
by Josh18657

Code: Select all

echo $userdata['session_id'];
This shows the session id on the script I'm working on but I still can't get what I'm trying to do to work correctly.

Josh

Posted: Fri Dec 02, 2005 12:18 am
by Josh18657
My script now works with a log out button.

http://www.phpbb.com/phpBB/viewtopic.php?t=345596

Posted: Fri Dec 02, 2005 7:44 am
by PeteMan
MennoniteHobbit wrote: Take a look at this.

Already did, see the first line of this topic. With respect I don't think it helps though as you now need to use "$userdata['session_id'];" in the logout link.

Pete

Posted: Fri Dec 02, 2005 7:45 am
by PeteMan
Josh18657 wrote: My script now works with a log out button.

http://www.phpbb.com/phpBB/viewtopic.php?t=345596

Great minds think alike, my script now works by using "$userdata['session_id'];" in the logout.
Pete

Posted: Fri Dec 02, 2005 8:32 pm
by MHobbit
PeteMan wrote: Already did, see the first line of this topic. With respect I don't think it helps though as you now need to use "$userdata['session_id'];" in the logout link.

Pete


If the SID is already there, append_sid() won't (or shouldn't) append another SID.

Posted: Fri Dec 02, 2005 9:33 pm
by Hater
MennoniteHobbit wrote:
PeteMan wrote:Already did, see the first line of this topic. With respect I don't think it helps though as you now need to use "$userdata['session_id'];" in the logout link.

Pete


If the SID is already there, append_sid() won't (or shouldn't) append another SID.

This is true, hence why directly using the $user_data variable is necessary. As far as I remember, this has always been this way?