Tidbits @ Kassemi
A collection of opinions, thoughts, tricks and misc. information.Thursday, September 08, 2005
AJAX in-page browser pt 2
So. I've been working with my AJAX browser, and I've come across a problem. I set up user authentication with a script that is executed with every page that loads on the server... It checks to see whether or not the encrypted cookie or the session variables for log-in are accurate, and will forward to the log in page if they are not. I have an exception page array, which contains a list of pages that are allowed to be viewed by users who are not logged in. This makes things very secure.
The AJAX browser I'm using in the form allows the user to browse through category information, specifying what category they would like to place their entry into. When the request is made to the script that loads the category information, the included file checks to see whether they are logged in or not and the log in page is displayed in the AJAX browser. The AJAX browser does not allow for the reading of the PHP session if it is in a cookie...
If such a system is in place, the easiest solution is to force the PHP session id into the GET array passed to the div browser...
Because of the authenticating include, you will also need to make sure that PHP sets the correct session id:
if(isset($_GET['PHPSESSID'])){
session_id($_GET['PHPSESSID']);
}
session_start();
Pretty easy... I guess you now know I couldn't think of anything to write today :)
The AJAX browser I'm using in the form allows the user to browse through category information, specifying what category they would like to place their entry into. When the request is made to the script that loads the category information, the included file checks to see whether they are logged in or not and the log in page is displayed in the AJAX browser. The AJAX browser does not allow for the reading of the PHP session if it is in a cookie...
If such a system is in place, the easiest solution is to force the PHP session id into the GET array passed to the div browser...
Because of the authenticating include, you will also need to make sure that PHP sets the correct session id:
if(isset($_GET['PHPSESSID'])){
session_id($_GET['PHPSESSID']);
}
session_start();
Pretty easy... I guess you now know I couldn't think of anything to write today :)
Archives
August 2005 September 2005 October 2005 November 2005 December 2005 January 2006 February 2006 March 2006 April 2006 June 2006 July 2006 August 2006 September 2006 October 2006 November 2006
