I have an API where I am passing the session id back and forth between calls. I set up the session like so:
// start API session
session_name('apikey');
session_id($data['apikey']); // required to link session
session_start();
Although I named my session and am passing the session id via GET and POST using the name, PHP does not automatically resume that session. It always creates a new one unless I set the explicitly set the session id.
I found some old user comments on www.php.net that said unless the session id is the first parameter PHP won't set it automatically. This seems odd, but even when I call tried it still didn't work: rest_services.php?apikey=sdr6d3subaofcav53cpf71j4v3&q=testing
I have used PHP for years, but am a little confused on why I needed to explicitly set the session with session_id()
when I am naming 开发者_StackOverflowthe session and passing it's key accordingly.
UPDATE
It seems I wasn't clear. My question is why is setting the session ID with session_id()
required when I am passing the id, using the session name apikey
, via $_GET
or $_POST
. Theoretically this is no different than PHP's SID
when cookies are disabled. But for me it doesn't work unless I explicitly set the session ID. Why?
It's because newer versions of PHP has a default value of 1 for session.use_only_cookies
which must be set to '0' in order to let PHP get the session ID from $_GET
and $_POST
.
You have to start the session first.
I find session_name()
to be more appropriate. Mucking around with the ID can be problematic.
精彩评论