开发者

PHP Sessions and Passing Session ID

开发者 https://www.devze.com 2023-01-14 20:04 出处:网络
I have an API where I am passing the session id back and forth between calls. I set up the session like so:

I have an API where I am passing the session id back and forth between calls. I set up the session like so:

// start API session
session_name('apikey');
session_id($data['apikey']); // required to link session
session_start();

Although I named my session and am passing the session id via GET and POST using the name, PHP does not automatically resume that session. It always creates a new one unless I set the explicitly set the session id.

I found some old user comments on www.php.net that said unless the session id is the first parameter PHP won't set it automatically. This seems odd, but even when I call tried it still didn't work: rest_services.php?apikey=sdr6d3subaofcav53cpf71j4v3&q=testing

I have used PHP for years, but am a little confused on why I needed to explicitly set the session with session_id() when I am naming 开发者_StackOverflowthe session and passing it's key accordingly.

UPDATE

It seems I wasn't clear. My question is why is setting the session ID with session_id() required when I am passing the id, using the session name apikey, via $_GET or $_POST. Theoretically this is no different than PHP's SID when cookies are disabled. But for me it doesn't work unless I explicitly set the session ID. Why?


It's because newer versions of PHP has a default value of 1 for session.use_only_cookies which must be set to '0' in order to let PHP get the session ID from $_GET and $_POST.


You have to start the session first.


I find session_name() to be more appropriate. Mucking around with the ID can be problematic.

0

精彩评论

暂无评论...
验证码 换一张
取 消