Interesting? Cookie/Session question.

foamy

We have an application that sets a cookie and session in a subdirectory
/main/sub/

I would like to access the $_SESSION variables from
/main/sub/
in /main/

print_r($SESSION); from pages in /main obviously shows nothing
print_r($SESSION); from pages in /main/sub shows the array

What are some ways to get at the subdirectory vars?

Read the cookie from /main/sub ?

Set a global with the vars I need from the /main/sub $_SESSION[]

Set the path of the cookie in /main/sub to /main ? Viewing the cookie file show the path of the session to be /main/sub

Thanks for any ideas or help.

dagon

if you use '/' for the path in setcookie it will be readable in the whole domain

bradgrafelman

The default value for session.cookie_path is '/', so this should work...

Nevertheless, if it's not setting it to a path of '/', you can try using [man]session_set_cookie_params/man to explicitly define it (before you call [man]session_start/man in every script).

Alternatively, if PHP is installed as a Apache module, you can try using an .htaccess file to set the session.cookie_path directive.

foamy

Thanks to you both.

I have found the code that set the cookie (function shop_session_id) and gotten the path to be '/', but as is always the case uncovered a new problem. The application now doesn't know that the cookie has been set even though it is set in both the cookies file and in the database.

If the cookie is set to '/' this function is triggered, but if it is set at /sub it is not.

if (!document.cookie || document.cookie == '') alert('Please enable Cookies in your web browser preferences.');

Here's part of the class that does the cookie work. I can't figure out why it thinks the path must be /sub

class db_sessions {

function db_sessions($db_session_name = 'sessIDs') {

	ini_set('session.gc_probability', 1);
	ini_set('session.gc_divisor', 250);
	ini_set('session.save_handler', 'user');
	ini_set('session.use_cookies', 0);
	ini_set('session.use_only_cookies', 0);

	if (@$_COOKIE[$db_session_name]) $id = $_COOKIE[$db_session_name];
	if (@$_POST[$db_session_name]) $id = $_POST[$db_session_name];
	if (@$_GET[$db_session_name]) $id = $_GET[$db_session_name]; 
	if (strlen($id) > 32) $id = substr($id, 0, 32);
	if (strlen($id) < 32) $id = strtoupper(md5(time()));

	unset($_COOKIE[$db_session_name], $_POST[$db_session_name], $_GET[$db_session_name]);

	shop_session_name($db_session_name);
	shop_session_id($id, $db_session_name);

	session_set_save_handler(array(& $this, 'db_sessions_open'), array(& $this, 'db_sessions_close'), 
						 	array(& $this, 'db_sessions_read'), array(& $this, 'db_sessions_write'), 
							 array(& $this, 'db_sessions_destroy'), array(& $this, 'db_sessions_gc')); 

	session_start();
}

function db_sessions_open($path, $name) {
	return true;
}

function db_sessions_close() {
	return true;
}

. . . 


function shop_session_id($id = false, $shop_session_name = DB_SESSION_NAME) {
	if ($id || !defined('DB_SESSION_ID')) {
		session_id($id);
		define('DB_SESSION_ID', $id);
		define('SESSION_SID', $shop_session_name . '=' . $id);
		<b>if (!@$_COOKIE[$shop_session_name]) define('SID', $shop_session_name . '=' . $id);
		header("Set-Cookie: $shop_session_name=$id; expires=" . date("D, d-M-Y H:i:s", strtotime("+3 months")) . " GMT; path='/';");
		@$_COOKIE[$shop_session_name] = $id;
	}
	return DB_SESSION_ID;
}

function shop_session_name($name = false) {
	if ($name || !defined('DB_SESSION_NAME')) {
		session_name($name);
		define('DB_SESSION_NAME', $name);
	}
	return DB_SESSION_NAME;
}