Share session between 2 websites: a legacy PHP and a Kohana 3.1 site_问答_开发者

I have 2 php websites in the same machine. The first site (a legacy system) has a basic auth: checks if is set $_SESSION['user_id']. I'm working in the second site (a Kohana 3.1 based) that will extends the funcionalities of the first one. Both sites will link each other, so I need to share the session between those systems. Both sites use the same Database. Users will login in the first site. In my site I have a code that detects the $_SESSION['user_id'] of the first one, but I'm having problems retaining the session with the Kohana-Auth module.

The first site (the legacy one) checks the session like this:

<?php
session_start();
if(empty($_SESSION['user_id']))header("Location: index.php?action=3");
... //more dark code

this is in all php files... a lot of files.

In my Kohana site I have a controller that before any action checks the session.

<?php

class My_Controller extends Controller_Template {

    public function before() {
        session_start();
        $this->auth = Auth::instance();
        if ($this->auth->logged_in()) {
            //I have session in the second site... Do I have a session on the first one?

            if (!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
                //I have no session in the first site... I logout the user in my site
                $controller = Request::current()->controller();
                if ($controller != 'auth') {
                    Request::current()->redirect('auth/logout');
                }
            }
            $this->user = ORM::factory('user', $this->auth->get_user()->id);
        } else {
            //I have no session in the second site... Do I have a session on the first one?
            $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
            if (isset($user_id)) {
                $user = Model_User::get_user($user_id);
      开发者_如何学编程          if ($user->loaded()) {
                    //I have session in the first site... I login the user in my site
                    $this->auth->force_login($user);
                    $this->user = ORM::factory('user', $this->auth->get_user()->id);
                }
            }
            if (!$this->auth->logged_in()) {
                //I still have no session => redirect to login of the first site
                //Request::current()->redirect(...);
                echo Debug::vars("BUUUU");
            }
        }
    }

}

This code is near to work: I can go from one site to the other and the user is detected... but I realised that when the user navegates between the differents actions inside my Kohana site, the "logins" couter of the Users table increases. That means that before any action the "$this->auth->logged_in()" is FALSE... and this means that the Auth module do not retains my user between actions and do the force-login every time.

I don't know what can I do.

I want detect the session form the first site, but I don't want to login this user in every click.

I found the answer!! In Kohana 3.1, the Kohana_Session class has a default value of the cookie.

/**
 * @var  string  cookie name
 */
protected $_name = 'session';

That value didn't match with the default name of the PHP session: "PHPSESSID".

And that value is modified by creating a config file called "session.php" in the config directory. So I created a config/session.php like this:

<?php defined('SYSPATH') or die('No direct script access.');

return array(
    'native' => array(
        'name' => 'PHPSESSID',
    )
);

And my final controller was something like this:

<?php

class My_Controller extends Controller_Template {

    public function before() {
        $this->auth = Auth::instance();
        if ($this->auth->logged_in()) {
            //I have session in the second site... Do I have a session on the first one?

            $user_id = Session::instance()->get('user_id');

            if (!isset($user_id) || $user_id == "") {
                //I have no session in the first site... I logout the user in my site
                $controller = Request::current()->controller();
                if ($controller != 'auth') {
                    Request::current()->redirect('auth/logout');
                }
            }
            $this->user = ORM::factory('user', $this->auth->get_user()->id);
        } else {
            //I have no session in the second site... Do I have a session on the first one?

            $user_id = Session::instance()->get('user_id');

            if (isset($user_id) && $user_id != "") {
                $user = Model_User::get_user($user_id);
                if ($user->loaded()) {
                    //I have session in the first site... I login the user in my site
                    $this->auth->force_login($user);
                    $this->user = ORM::factory('user', $this->auth->get_user()->id);
                }
            }
            if (!$this->auth->logged_in()) {
                //I still have no session => redirect to login of the first site
                //Request::current()->redirect(...);
                echo Debug::vars("BUUUU");
            }
        }
    }

}

that's all...