HOME Community Articles Code Library People Mail Archive My Account Contribute PHP Jobs

Open Source Database Feature Comparison Matrix Try Declarative Programming with Annotations and Aspects Locate All Stored Procedures and Their Objects/SQL Tables Building a Stored Procedure Generator Making Tables Read-only in Oracle

24-hour Support Daily Backup Dedicated Servers JSP/Java Servlets PHP MySQL Streaming Audio/Video Telnet/SSH Unix Hosting 24-hour Support

From: Maxim Derkachev (max.derkachev <email protected>)
Date: 05/31/01

• Next message: Gerald Howse: "[phplib] Re: Creation of GIF image buttons in PHP - plus URLENCODE Links in array"
• Previous message: Sascha Schumann: "Re[2]: [phplib] Session IV"
• In reply to: Sascha Schumann: "Re[2]: [phplib] Session IV"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Sascha,

Thursday, May 31, 2001, 11:21:52 AM, you wrote:

>> Have I missed something important?

SS> Saving the current state implies closing the session.

True, but the task is to let the page know the current session state,
but close the session without saving it.
The real life example:
I have a support chat for an online shop. The user should be able to
browse the pages, put something into cart, etc., while chatting with
an operator. So, the session data is changed many times while he is
chatting. But he has to be authenticated to chat. He also should be
able to access some of his session variables from within the chat (e.g.
his cart contents). That means that the chat window should have the same
session id as the main window. The chat window is reloaded frequently.
Imagine that the user put some stuff to the cart. The main page script
is ended, and the session writes its state. Shortly after that, the
chat window script that read session data before the latest update was made,
is also ended and saved its variant of the session data. As a result, the
session data is had been rewritten with obsolete data, and the stuff the user
placed to the cart recently is lost. That would not happen if the session in the
chat window was not allowed to write its state.
This happens very often in framed or multi-windowed environment, since
we could not know for sure the order a window/frame pages would save
its session state. The order can not be managed in any way. I remember that some
time ago the same issue was discussed in this list, and, if I not
mistaken, it was You who suggested not to call page_close() on
frames/pages that should not write anything to the session. With the
PHP session API that trick no longer works. But the need in read-only
sessions is still here. Without it it's impossible to write secure multi-windowed
apps with session support.

-- 
Best regards,
Maxim Derkachev mailto:max.derkachev <email protected>
System administrator & programmer,
Symbol-Plus Publishing Ltd.
phone: +7 (812) 324-53-53
www.books.ru, www.symbol.ru 
---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>

• Next message: Gerald Howse: "[phplib] Re: Creation of GIF image buttons in PHP - plus URLENCODE Links in array"
• Previous message: Sascha Schumann: "Re[2]: [phplib] Session IV"
• In reply to: Sascha Schumann: "Re[2]: [phplib] Session IV"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]