Urgent: How to retrieve ASP session variables in PHP?

forzagrifo

I'm doing this project at work and I need to ask you experts for help. We have a Web app that is written in ASP, and I've just created a PHP app which adds functionalities to the exisitng system. Problem is I need to use the session variables from that ASP app in the PHP pages. How can I make them available in my PHP pages? I do not want to simply pass the variables in the URL because it would be a huge security hole. Storing the ASP session info in a database is also not an ideal solution for me. Can somebody give me some pointers?

arelgee

I am certainly no expert but I will be watching to see what answers you get. You are trying to combine two items, one (php) designed to work with all systems and hardware and the other (ASP) designed specifically NOT to work with Non-Microsoft products. There is some support for ASP but very spotty. Microsoft will not divulge their secrets and will be (I believe) left out of the new world order as far as computer software is concerned.
By your post, you are saying your company has decided not to go with ASP (Microsoft) for this new project. I think that is a smart move, but you have already run into complications.
Just my opionion
arelgee

forzagrifo

Thank you for the reply. The reason that my company decided to go with PHP for this project is that I'm more familiar with PHP than ASP, and this project needs to get done fast so I wouldn't have enough time to mess things around if I were to do it in ASP.

Anyway I've spoken to the ASP dev and he said he could pass a cookie to the PHP pages so that I can access the ASP session variables. I'm crossing my fingers and hope that it's going to work.

Rex__

I believe that both ASP and PHP session variables are stored in cookies. Why don't you just access the cookies set with your ASP session? There are a few problems with this method. One is that you can only access a cookie from the domain that the cookie is set in.

You can do a quick check for what cookies names and values were set for a domain in your ASP scripts by calling the phpinfo function in PHP from a script in that domain, ie. if the file viewcookies.php had the phpinfo function in it in the url http://www.mysite.com/dir1/viewcookies.php , it will show all the cookies set in http://www.mysite.com/dir1/

forzagrifo

ASP (and I think PHP as well) can alternatively store session in memory. The ASP dev who wrote the ASP script used memory to store the session. But I've already spoken to him and he will create a cookie for me to use with my PHP pages.

btw, I can't see the cookie variables with phpinfo(). Which heading do they appear under?

Rex__

Look in the html table called "Environment" for "HTTP_COOKIE". It will show a list of the cookies set for the domain that the script is running in.

If you don't see any cookies set with your ASP scripts then

It's possible that you are calling the script from outside the domain.
The cookies may have expired
the PHP session.cookie_path or session.cookie_domain settings aren't set properly
You may not have called the page again (cookies are only set when the page that sets it unloads. leave the page then go back to see if the cookie is set)

Of course, all variables can be stored in memory, but exchanging data held in volatile memory on a server between ASP and PHP scripts is something you likely won't want to try.

Try making these 2 scripts (one is asp and one is php) and putting them in the same directory then running the cookietest.asp file first through your browser.

Code for cookietest.asp :

<html>
<form action=cookietest.asp method=get>
Your name: <input type=text name=n value=<%=Request("myname")%>> <input type=submit>
</form>
<%
if Request("myname") <> "" then
Session("myname") = Request("myname")
%>
This ASP script now set a cookie. Click <a href=cookietest.php>here</a> to test the cookie in php
<%
end if
%>
</html>

Code for cookietest.php :

As a last resort, remember that you can pass all info that isn't too private or too long in URL query strings. cheers 🙂

forzagrifo

Rex, thanks for the advice. I'm now able to read from a cookie and all is well.