Re: [PHPLIB] Warning - Same session in two browsers? From: Simon Sadler (simon.sadler <email protected>)
Date: 11/28/99

Florian,

Thanks for the ideas.

> the first one. sam mentioned some other ways to do that. i don't know
> why users always have to do things you don't want them to do, they have
> all kind of strange ideas... ;-)

: ) They certainly do. Bless them.

> but anyway, i don't really understand why you want to do that. it seems a
> bit confusing to me having opened the same page for the same user at the
> same time but with a different session variable... but you certainly have
> good reasons...

I'll enlighten you. The main reason is that I'm using persistent
(registered) objects that contain important info. I generally have an object
for each table in my database. These objects contain the record data and
functions for retrieving, saving etc. The situation is a main menu with a
link to a client selection page. Each client should be opened in a separate
window so the user can flip between clients easily without losing the
others. If a user had two windows with different clients but the same
session, my registered Client object is corrupted.

I think I may have the answer. The link to my client selection page on the
main menu will use JS to open the page in a new window. The page in
this new window will create a new session for the existing user and then
redirect to the client selection page itself. That should work in theory.
: )

Of course, this solution won't stop users opening a new window with the same
session. I don't think there is an answer to that. Unless some sort of
unique window ID is sent in a HTTP header?

Thanks again,

Simon.

----- Original Message -----
From: Florian Gnägi <gnaegi <email protected>>
To: Simon Sadler <simon.sadler <email protected>>
Cc: <phplib <email protected>>
Sent: 25 November 1999 11:01 pm
Subject: Re: [PHPLIB] Warning - Same session in two browsers?

hi simon

i think you can achieve this by using only get mode. in the first window
with the first session variable you use everywhere $sess-url() to code
your links that should show up in the same window sharing the same session
variable.

now, the link where you make it possible to open a new page with a new
session variable (e.g. with target=_blank) you just don't use
$sess->url(). since in the new window the session variable is missing,
phplib will create a new session wich is only valid in the second window.

of course, if a user clicks on a link with ctr.-click, middle mousbuton or
whatever one can get a new window witch uses the same session variable as
the first one. sam mentioned some other ways to do that. i don't know
why users always have to do things you don't want them to do, they have
all kind of strange ideas... ;-)

but anyway, i don't really understand why you want to do that. it seems a
bit confusing to me having opened the same page for the same user at the
same time but with a different session variable... but you certainly have
good reasons...

have fun

-florian

On Thu, 25 Nov 1999, Simon Sadler wrote:

> Thanks for your help Florian.
>
> I think my empty objects must be down to the multiple browser windows
> sharing one session record. I was heading down that road anyway but you've
> helped me confirm that. Thanks.
>
> I guess that the best way around this is to have the user log on every
time
> they open a new window. It would be even better if I could detect whether
> they were already logged on in another window and create a new session
> straight away. Then there would be different session IDs using different
> records. Any idea how to do this?
>
> Simon.
>
> ----- Original Message -----
> From: Florian Gnägi <gnaegi <email protected>>
> To: Simon Sadler <simon.sadler <email protected>>
> Cc: <phplib <email protected>>
> Sent: 23 November 1999 6:22 pm
> Subject: Re: [PHPLIB] Warning - Same session in two browsers?
>
>
> > hi
> >
> > if you need two different sessions within the same browser you have to
> > define two different sessions in your local.inc. in the new window you
> > should use your second session definition.
> >
> > cookies as i understand them are valid for the whole browser
environnement
> > and not for a single browser page. go reading your cookie file, you
won't
> > find any window information in there. therefore the behaviour seems
> > to be correct.
> >
> > if two windows are opened and do use the same session variable they will
> > store their information within the same record in the database. this is
> > also true if the virtually impossible case happens that at the same time
> > another person is using the same session variable for some reason. but
> > don't care about this, it'll never happen ;-)
> >
> > the blanking of your object, hm, misterious, maybe it's in your code
> > somewhere? do you use an auth object? if yes, maybe you should choose a
> > longer livetime for the authentication...
> >
> > put an
> >
> > echo $auth->auth["uid"]."<br>";
> > echo $Login= $auth->auth["uname"]."<br>";
> >
> > somewhere in your code to check if you loose your auth information after
> > closing one window. maybe auth->delete() gets executed where it
> > shouldn't...
> >
> > hope this helps
> >
> > -florian
> >
> > On Tue, 23 Nov
> > 1999, Simon Sadler wrote:
> >
> > > I wrote concerning this a while back but got no replies so I've
> rephrased
> > > it...
> > >
> > > session->mode = "cookie"
> > > session->lifetime = 0 - session cookies
> > > Browser = IE5
> > >
> > > In setup.inc I create some objects of my classes and register them
with
> the
> > > session. They are persistent the whole time a user is logged on and
> contain
> > > vital info.
> > >
> > > On my site there are links that open a page in a new browser window.
I'm
> > > using <a target="new window"...> to do this. When this new window is
> opened
> > > it seems that the session from the original window is inherited as all
> the
> > > registered variables are the same. Firstly, can anyone confirm that
the
> > > cookie is inherited? Now the main question is, what happens when
either
> of
> > > the windows is closed?
> > >
> > > Whatever the answer, something is wrong as occasionally my registered
> > > objects become blank. At first I thought that the session cookie might
> be
> > > deleted when any of the windows were closed but I now doubt that
because
> the
> > > log in screen never appears after this problem occurs. Would I be
right
> in
> > > thinking that if the cookie did go missing I'd have to re-log in?
> > >
> > > I suppose that it must be down to PHPLIB itself. Would there be
trouble
> if
> > > two browsers were sharing the same session? They would both be
accessing
> and
> > > saving to one session record. Would that cause any trouble? I know it
> > > shouldn't but there may be something obscure here.
> > >
> > > Obviously, everything works fine if restricted to one window.
> > >
> > > Please help. I believe this is an important point and something that
we
> > > should all be aware of. If I haven't been clear enough please ask
> anything
> > > you need to.
> > >
> > > Thanks in advance,
> > >
> > > Simon.
> > >
> > >
> > >
> > > -
> > > PHP3 Base Library Mailing List. Send messages to
> <phplib <email protected>>.
> > > To unsubscribe, send "unsubscribe" to <phplib-request <email protected>>
> in
> > > the body, not the subject, of your message.
> > >
> >
> > -
> > PHP3 Base Library Mailing List. Send messages to
<phplib <email protected>>.
> > To unsubscribe, send "unsubscribe" to <phplib-request <email protected>>
in
> > the body, not the subject, of your message.
> >
>
>
> -
> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
> the body, not the subject, of your message.
>

-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.