Capturing Session ID from URL in Joomla - php

I am trying to capture a session ID from a URL so that the ID will follow a user throughout the site and then get captured when they fill in a form.
The URL will look something like this.
http://www.mysite.co.za/?campaign=the_campaign_name
Then I inserted this code into the top of my Joomla template file:
session_start();
$_SESSION['campaign']=$_GET['campaign'];
Will this capture the session (the_campaign_name), and will this work with Joomla, as I know Joomla uses its own session IDs?
When I check the sessions I just get a PHPSESSID showing its session.
Thanks in advance.

This seems to have worked for me, if this helps anyone:
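<?php
// Set the cookie only when the campaign parameter is present;
// otherwise $campaign is undefined and the cookie would be cleared.
if (isset($_GET['campaign'])) {
    $campaign = $_GET['campaign'];
    setcookie('CampaignName', $campaign);
}
?>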
Not sure if it's even the correct way but it worked for me on Joomla.

Yes, it should work. Joomla is PHP, and what you are trying to do is PHP. If you want to check all the created session variables, then try:
session_start();
var_dump($_SESSION);
Update:
It seems Joomla stores the session variables in the database. According to the documentation, you need to set and access session variables in Joomla like this.
To set a session variable:
$session = JFactory::getSession();
$session->set('campaign', $_GET['campaign']);
To get a session variable:
$session = JFactory::getSession();
echo $session->get('campaign');
It seems Joomla, upon initialization, destroys the regular session variables for some security reason, they say. Here is the link from the Joomla documentation to help you: http://docs.joomla.org/How_to_access_session_variables_set_by_an_external_script
Hope this helps. And always remember to sanitize user input with proper validation before using it.

Since you are using Joomla, why not make use of the Joomla framework?
To set:
JFactory::getSession()->set('campaign', JRequest::getVar('campaign'), $optional_namespace);
To get:
JFactory::getSession()->get('campaign', $optional_default_value, $optional_namespace);
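The validation the answers above call for, as an added example that is not part of the original posts: the campaign parameter is checked against an allow-list before it is stored, an earlier value is kept when a later request has no valid parameter, and the value is escaped when written into the form. The function names, the character set and the 64-character limit are assumptions, and a plain array stands in for the Joomla session so the block runs without Joomla.

```php
<?php
// Added example: plain PHP, hypothetical function names, constructed inputs.

/** Return a validated campaign name from the query array, or null. */
function campaign_from_query(array $query): ?string
{
    $raw = $query['campaign'] ?? null;
    // ?campaign[]=x arrives as an array; accept strings only.
    if (!is_string($raw)) {
        return null;
    }
    // Allow-list (assumed): letters, digits, underscore, hyphen, 1 to 64 chars.
    // \z instead of $ so a trailing newline does not pass.
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $raw) === 1 ? $raw : null;
}

/** Store a valid campaign; keep the earlier value otherwise. */
function remember_campaign(array $query, array &$store): void
{
    $campaign = campaign_from_query($query);
    if ($campaign !== null) {
        $store['campaign'] = $campaign;
        // Inside Joomla: JFactory::getSession()->set('campaign', $campaign);
    }
}

// Constructed sample requests, in the order a visitor might send them.
$session = [];
$requests = [
    ['campaign' => 'the_campaign_name'],   // landing page from the question
    [],                                    // later page view, no parameter
    ['campaign' => 'bad"><b>name</b>'],    // markup is rejected
    ['campaign' => ['a', 'b']],            // array input is rejected
];
foreach ($requests as $query) {
    remember_campaign($query, $session);
    printf("%-40s => %s\n", json_encode($query), $session['campaign'] ?? '(none)');
}

// When the stored value is written into the form, escape it for HTML.
echo '<input type="hidden" name="campaign" value="'
    . htmlspecialchars($session['campaign'] ?? '', ENT_QUOTES, 'UTF-8')
    . '">' . "\n";
```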

Related

php $_SESSION TWIG + Mini2

I'm currently working on a new project based on Mini2 PHP framework
(here is the GitHub of the framework).
As you can see, this framework uses Twig, but when I want to log in people with a form, I send a request to the Model.php where I start a session and set $_SESSION['user'] = 'John', for example.
The issue is that I have no idea how to check on another page if the session has been created, or even how to show the user name on a page.
Could you please help me?
Thank you :)

Try something like this:
session_start(); // start the session to have access to the session variables
if (isset($_SESSION['user'])) { // check the existence of a variable with isset()
    echo "User ".$_SESSION['user']." is logged on";
}

How can a developer hack his own website by creating a new session manually? (without login)

I read many questions and posts about my question, but none were helpful.
I am developing a website, and on the login page I use a session.
As far as I know, a session ends when the browser closes, but my session does not end on browser close.
I want to access my website without logging in.
Here is the code that creates the session:
$_SESSION['session_name'] = 'session value';
$_SESSION['is_admin'] = '1';
$general->redirect('home.php');
With this code the session is created and I can definitely access the website.
I am trying to add a session manually, set these session names in the manual session, and then access the website.
You need not give me full details, but please give me an initial suggestion and a helpful source where I can read about this.
Thank you.

Simply create a separate page on your website’s root (preferably protected by a HTACCESS password). Call it something like *hack_login.php* (or something more cryptic).
<?php
session_start();
$_SESSION['session_name'] = 'session value';
$_SESSION['is_admin'] = '1';
?>
Now when you access that page, and provided your session cookie is written correctly, you should be authorized when you access your website through the front page.
Don't forget to remove that page once your tests are done ;)

How to change session ID?

How can I switch to a previously saved session using Zend\Session\SessionManager? I know the session ID.
For example, this doesn't work:
$sm->start();
$sm->setId('abc');
$_SESSION will not contain the data of session 'abc'. Calling $sm->writeClose() after $sm->start() doesn't help either.
I can easily do this using standard PHP functions:
session_start();
session_write_close();
session_id('abc');
session_start();
//$_SESSION is populated with 'abc' data.

Zend uses session namespaces for that. If you give the session a name like this:
$sess = new Zend_Session_Namespace('abc');
you can access the contents via $sess->var and reload the session in a different PHP file just by creating the new session with the same name again.
http://framework.zend.com/manual/1.12/de/zend.session.basic_usage.html

PHP session loses information

I am passing my session ID through a Flash file to a PHP file, and I am capturing the session ID on the other side and replacing the newly generated ID with the old one.
$SID = $_GET['mysession'];
session_id($SID);
session_start();
Unfortunately the session is now empty and I don't get why.
print_r($_SESSION);
returns just a 1. All variables from the session are empty/do not exist.
Does anyone have an idea how to catch the data again?
PHP Version 5.2.6-1+lenny12 with Apache.
Thanks
David

I think you need to use session_start(); before you set anything in the session.
Use it like this:
session_start();
$SID = $_GET['mysession'];
session_id($SID);
This says: enable session handling on this page and start a session. After that, you are fetching your previous session ID and then assigning the same session ID to this session.
Hope it helps you.
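An added example, not part of the original posts, of resuming a session from an ID received in a request parameter such as `mysession`: the ID is checked for shape, `session_id()` is called before `session_start()`, and an ID the server holds no data for is not adopted. The function names and the `initiated` marker key are hypothetical, and the default "files" session handler is assumed.

```php
<?php
// Added example: hypothetical names, constructed demo values.
ini_set('session.use_cookies', '0');      // CLI demo only: no cookie headers
session_save_path(sys_get_temp_dir());

/** True when $sid contains only characters the files handler accepts. */
function looks_like_session_id($sid): bool
{
    return is_string($sid)
        && preg_match('/\A[A-Za-z0-9,-]{22,256}\z/', $sid) === 1;
}

/** Resume session $sid; true only if the server already holds data for it. */
function resume_session($sid): bool
{
    if (!looks_like_session_id($sid)) {
        return false;                     // never hand raw input to session_id()
    }
    session_id($sid);                     // set the ID BEFORE session_start()
    session_start();
    if (empty($_SESSION['initiated'])) {
        session_destroy();                // unknown ID: do not adopt it
        return false;
    }
    return true;
}

// Constructed demo: a first "request" creates and marks a session.
session_start();
$_SESSION['initiated'] = true;
$_SESSION['user'] = 'demo';
$known = session_id();
session_write_close();
$_SESSION = [];

// Later "requests": in the post the value would come from $_GET['mysession'].
$ok = resume_session($known);
$user = $ok ? $_SESSION['user'] : null;
session_write_close();
$unknown   = resume_session(str_repeat('a', 32));
$malformed = resume_session('../not-a-session-id');

var_dump($ok, $user, $unknown, $malformed);
```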

CodeIgniter - Is my custom session data being stripped by Facebook?

I'm wondering if there's a way to dump all of the values of
$this->session->userdata()
so I can troubleshoot?
I'm working within Facebook, and have a login page, and once that's successful I want to pass around the UID of the current user, and I thought this would work well.
I currently have the uid set as follows:
require_once 'facebook.php';
$appapikey = 'XXXX';
$appsecret = 'XXXX';
$facebook = new Facebook($appapikey, $appsecret);
$user_id = $facebook->require_login();
// Exact match on uid; like() would also match any uid that merely contains $user_id
$this->db->where('uid', $user_id);
$this->db->from('users');
$has_signed_up = $this->db->count_all_results();
if ($has_signed_up == 0) {
    redirect('/setup/signup/', 'location');
}
else {
    $this->session->set_userdata('uid', $user_id);
    redirect('/preferences/index/', 'location');
}
So the redirection occurs, and I have a very simple setup over at preferences/index:
echo "this is the preferences form <br />";
echo $this->session->userdata('uid');
echo $this->session->userdata('session_id');
And the result is an inscrutable:
this is the preferences form
858f500e167e359edc1942a96f3bac35
So it totally skips over the middle echo containing the uid. Am I not setting this correctly? Is there a way to dump all values of the session array to see what's getting through? Any help would be just great.
UPDATE
I have run var_dump($this->session->userdata) on each the raw website and through Facebook.
On the website it exposes all set values in an array containing 5 values (session_id, IP, User_agent, last_activity, and uid).
Within the Facebook chrome however, it only shows the 4 values set by CodeIgniter. I've heard cookies can only be 4k and that encryption could be a problem. Could FB be filling up cookies with its own encrypted (read:larger) data?
UPDATE 2
When I comment out the redirect, and just have:
else {
$this->session->set_userdata('uid', $user_id);
echo ':test_'.$this->session->userdata('uid').'_test:';
//redirect('/preferences/index/', 'location');
}
It dutifully returns :test_1234_test: within Facebook. So somewhere during the redirect it's losing this part of the array (but not the whole array).
Is it possibly just creating a new session on the redirect page? So that's why it only has the four "stock" variables? If this is the case, I'll need to research how it creates the sessions, and if Facebook clears cookies I suppose.
UPDATE 3
So I've turned to using a DB to store session information instead of cookies, thinking FB was either stripping them or colliding with them. I currently have the app set up to:
1. Set $user_id = 1234
2. $this->session->set_userdata('uid', $user_id)
3. Redirect to the new page
4. Var_dump all possible information
What occurs in the DB is this:
DB records http://nikolausjj.facebook.joyent.us/Picture2.png
So it creates one good record, with the user data, then immediately upon the redirect creates a new session without recognizing the prior one. Can someone explain where the CI framework checks to see if it has a prior session existing? The user manual explains it as "magic" basically.

You can use var_dump() to output the session. Something like this:
var_dump($this->session);
The set_userdata call looks OK. Are you sure $user_id is set? Because the echo is surely executed, but uid isn't set or is set to an empty string.
Try replacing the echo with
echo ':test_'.$this->session->userdata('uid').'_test:';
Other information helpful for answering
What browser are you using?
Do you have an underscore _ in your domain name?
Are you using CI sessions or some wrapper for native PHP sessions?
Is the value for uid also lost/not set when you comment out the redirect?
Other suggestions:
try redirect('/preferences/index/', 'refresh'); instead of location
I'm not familiar with Facebook development, but is /preferences/index under your control? If yes, try removing (if present) $this->load->library('session') and instead load it in autoload.php.
try changing $config['sess_match_ip'] to FALSE
try setting $config['sess_encrypt_cookie'] to FALSE
try replacing the use of CI-Session with CI Native session
Is the UID sensitive information? If not, store it in a cookie. If it matters whether it can be spoofed, don't.

I didn't solve how to pass session variables from one page to another via Facebook. My solution was simply to call the Facebook API for the user's UID again on each page. Not great programming, but it works alright for me. :-/
