I am trying to convert my web game into a desktop app. Everything works except for the session data. I got websockets, images, audio, and all of that working. Great! But when I try to authenticate, it POSTs to the web server just fine, returns a successful authentication, and attempts to reload the page. However, upon page reload, the subsequent AJAX requests cannot get any of the $_SESSION values again.
I was able to find my PHPSESSID using win.cookies.getAll inside of the nw.js app, but I don't see how this helps me at all. Normally this is automatic when loading the webpage from the server. How do I fix this?
Related
I have an application running on 192.168.1.100. This application serves a page in which an iframe is embedded which is basically another application running on totally different ip e.g. 10.0.0.1.
The issue is whenever user performs a login inside iframe a cookie is set but it is not sent back to 10.0.0.1 for subsequent requests.
What i am trying to achieve is this even possible?
Any help in this regard is appreciated.
Today I started my first android app using "Android Studio". I have created a WebView app that displays a PHP scripts which has a HTML form with one input field and a submit button. Once the correct user code is entered the PHP script checks if the user code is correct. If correct opens another PHP script displaying data. At least that what it should do.
I already have a App written in Mac Xcode which works as expected and accessing the PHP using a browser works find.
The PHP script using PHP SESSION variables but the Android app does not seem to like them.
The problem seems to be related to how cookies are handled by Android's WebView.
By default, cookies are not enabled, therefore even if PHP tries to store the session_id, it cannot retrieve it later, and this causes a new session to start.
On SO you can find many answers that explain you how to enable cookies for WebView. See for example this one: How to enable cookies in Android WebView?.
When the Facebook session expires with my App, I have to use the Javascript SDK to create a new session. This is hugely annoying as it appears to the user that they are logged out occasionally as I do most of the detection server side. And then, when they reload the page and the javascript has executed, the session is recreated.
I am aware that I can fix this quite simply by using javascript to show a message saying 'please reload the page' (much like StackOverflow), however, I do not want my users to have to do this. I accept that the PHP SDK cannot do it, but is there any sort of hack I can do to achieve it myself using PHP instead of Javascript?
Can anyone explain why the PHP cannot do this?
PHP is running on your server, which has nothing to do with Facebook's servers. Remember that cookies are locked to the originating domain. The cookie will appear to have been set by YOUR server, and have an originating domain of "yoursite.com", not "facebook.com".
JS, on the other hand, runs on the client, and any requests made to Facebook's servers will also obey any cookies set by the Facebook servers.
so what i am trying to do is this:
login to the other server with a PHP on my own server (either with my username and pass/or with my cookies)
then have access to the page i want to display/download
i want to write a PHP script that is located on my own server, that automatically does a login to another server, that uses HTTPS and a web form for login.
after the login i have access to that page that i am trying to download.
i dont know if it would be possible to login and download the html only with the cookies that i have in my browser through a previous login, or if i need to do the login in my php script through some https login method.
can i do any of this with curl or fsocksopen or what would be the best way to realize this?
thanks in advance!
you just have to try. in most cases you should be fine if you export your cookies and use them in your curl request.
however the website mave hashed the cookies with the remote address, or given a timeout on them.
then you probably have to login from the server. with php / curl you can do that all.
the only thing that may be a problem is javascript/captcha codes.
in addition you should definately check zend http client, it has functionalities that makes "browsing" easy. for example saving cookies and automatically passing them on in the next request and also deleting them if the server tells you so etc.
Use the PEAR HTTP Request class.
The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice.
Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and which is supposed to start a proper session for a remote app, which is then loaded in another iframe.
This approach works fine in FF/Chrome, but not IE... However if I copy url to self-made remote authorization script from iframe's src attribute to IE's address bar and load it from there, session get's created as expected. But for some reason it just doesn't want to do the same from an iframe.
Does anyone have any clue, why this is happening?
I just ran into the same problem and solved it by setting the time on the server serving the iframe to the time of the server that contains the iframe.
Ok, what we did for IEs, we just redirect the whole browser to the authorization script, which then redirects it back again. At least that resolves a problem, somehow.
Anyone having any better solution?