Databases
StackOverflow2013
Postsdbo
POPHP sessions and AJAX request (from injected JS code)
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POPHP sessions and AJAX request (from injected JS code)
    primarykey
    data
    text
    <p>I think I forgetting something in my code but can't find what.</p> <p>On my server I have simple <code>logging.php</code> file. If I pass <code>user/password</code> parameters then a new session is created. If I pass <code>loggout</code> the session is destroyed. If I pass <code>report</code> the list of current session variables are reported on screen.</p> <p>If I test the code writing urls in my browser all works fine. First invoke <code>.../logging.php?user=xxx&amp;password=xxx</code>. The session is started and the session variables are reported to me. And finally I destroy the session passing the <code>logout</code> parameter.</p> <p>If user request a <code>report</code> or a <code>logout</code> and no session exists a <code>HTTP-401</code> error code is returned to client.</p> <p>On the other hand I have a piece of JavaScript code that I can inject on web page using a bookmarklet. Once code is injected I show a toolbar where user can write user/password and send to server. </p> <p>The logging actions seems to works fine, and server returns me a 200 status code, but later if I make a request to <code>logout</code> the server returns me a 401 error, which mean no session exists.</p> <p>I was using chrome and looking at HTTP request and responses can see that when I logging the server returns in the response different values for <code>PHPSESSIONID</code>. That means two different <code>AJAX</code> request are considered different sessions. The server seems to not recognize the second request from <code>AJAX</code> as if it was started by the same client.</p> <p>Repeat, the <code>PHP</code> code works fine if I execute using browser directly but not with AJAX request, so I think I forgetting something in AJAX.</p> <p>Any ideas?</p> <p>Thanks in advance.</p> <p><strong>Update</strong></p> <p>To be more concise, my problem is calling php from JavaScript. It seems there are no sessions started.</p> <p>Imagine a very simple PHP code:</p> <ul> <li><p>logging.php: given a user/password starts a new session and also stores 'user' names as a session variable.</p></li> <li><p>request.php: which returns the user name stored as session variable.</p></li> <li><p>logout.php: which destroys the session.</p></li> </ul> <p>My first AJAX request start a PHP session. That seems fine because a PHPSESSIONID cookie is returned from server. Also I store the user name as session variable.</p> <p>The second AJAX request tries to get the user name (stored in the session) but it gets nothing and in addition a new PHPSESSIONID cookie is returned from server.</p> <p>I know it seems impossible and more when I'm testing using browser url request and works fine, but it's the truth.</p> <p>I'm forgetting something on AJAX, expiration times or something similar?</p> <p><strong>Update again</strong></p> <p>I made some tests and I found the problem but not the solution.</p> <p>My JS code is injected through a bookmarklet. When I inject the code in a HTML page from my server, the AJAX requests works fine. The first (logging) request gets a PHPSESSID which is passed in subsequent request to the server.</p> <p>On the other hand If I load google.com and inject the code, the first (logging) request gets the PHPSESSID too but later it is not sent with next requests.</p> <p>Anyone has experienced the same issue? which is the problem?</p> <p>Thanks in advance.</p> <p><strong>Update again, again</strong></p> <p>Ok finally I found my problem. Because my JS is injected from a different domain (current page is from domainA and my JS code comes from domainB) cookies are not cross domain, so PHPSESSID can be shared.</p> <p>A possible soulution is when I logging I will return the PHP session ID in pice of JSON data and use it for subsequent calls.</p>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USEricSonaron
    1. USEricSonaron
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    3. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POPHP sessions and AJAX request (from injected JS code)
      1. This table or related slice is empty.
      1. VTApproveEditSuggestion
    1. COCan you make your question conscise .. and clear
      singulars
      1. POPHP sessions and AJAX request (from injected JS code)
      1. USSantosh Linkha
    2. COIf you have updates or changes to your question, please include them by editing the original question. I've migrated your post below into your question here.
      singulars
      1. POPHP sessions and AJAX request (from injected JS code)
      1. USSampson
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload