PHP Sessions: is this only per window?

Anon

If I write an PHP script which uses sessions, if part of that script involves opening a new window, will the PHP session carry across to that new window, or is the session "per window"?

Also, would opening a window using javascript (with size properties etc.) possibly affect the above?

Thanks

ThaSpY

I am doing the exact same thing and would appreciate an answer!

jakem

Sessions include the starting window and any windows spawned from that. If you have a javascript that opens a new window, the session would include that window. It would not include a new window that the user opens on their own.

bryson

what about framesets?

keith73

Originally posted by jakem
Sessions include the starting window and any windows spawned from that. If you have a javascript that opens a new window, the session would include that window. It would not include a new window that the user opens on their own.

that isn't entirely correct.

if you use cookies to store your session ID, then it will include any and all windows you open from the browser the session was started with. If you launch Mozilla, login to a site and a session is created. all mozilla windows whether opened on your own or through javascript, etc will be able to take you back to your session because the cookie is not window dependent.

If you pass the SID in the url then as long as each new window has the SID passed to the page, you should be ok.

if the user opens a new window on their own, then most likely the SID is not included there and that window will not access the session.

as for framesets, same thing. If you use cookies, no problem, pages in the frameset can access the cookie just the same. If you don't use cookids, then your frame tag has to include the SID in the src attribute. (src="pagename.php?PHPSESSID=" )

keith

Drakla

Hi everyone, I had this very same problem a while ago while writing a test shopping trolley. If you opened a new window the the same site / page then it would start a new trolley off, not continue the old one - I tried loads of tricky solutions, which were basically utterly pants, wasted days on it - then found all all you do is this:

session_set_cookie_params(1440);

That makes the cookie last for 1440 seconds, and you'll get exactly the same cart back if you're storing it in sessions, close every damn window in sight, have a cup of tea and then come back. Call that function before session_start().

I was almost blubbing my face off when I found out it was that bleedin easy.

bryson

don't you also have to start the session on each new page loaded with session_start(); ?

Or is that just to restart the idle timeout?