Would an AJAX script persist a session in PHP?

Question

I've been asked to develop a social networking site to tie in with a game. The game is in Flash (so delivered as just a .swf file) and will be hosted on the social networking website.

One of the issues that's arisen during testing and developing is sessions timing out. I know session length can (theoretically) be modified using php.ini but in this instance it doesn't seem to have worked, most likely due to restrictions by our hosting provider.

Sessions are timing out because the game opens in a pop-up window, and if visitors remain on the game window for a long period of time, close the window and then attempt to use the social networking website, the next page load prompts them to log in.

Therefore, if I dropped a small JavaScript snippet into the head of my pages that simply fires off a request to a file hosted on the website, will that persist a session? If so, are there any drawbacks to this practice?

Answer 1

If the requested script calls session_start(), then the session cookie should be renewed on each request. At first glance I can't see why it would not work.

Answer 2

Yes Martin this does work. Javascript has access to the same cookies that your PHP session does. This means on your page that you do session_start(); on and start interacting with $_SESSION if an AJAX page makes a request to this page then they share the same cookies, thus both share the same $_SESSION.

Page 1 - Page receiving the AJAX request

session_start();
die(isset($_SESSION['myvar']) ? 'it exists' : 'it does not exist');

Page 2 - Page making the AJAX request

session_start();
$_SESSION['myvar'] = 1;

When you access page 2, session starts and sets a session variable 'myvar'. If you make an AJAX request from Page 2 to Page 1, then Page 1 has the variable 'myvar' set in the session and thus the output would be 'it exists'.

Hope this helps demystify sessions a little bit for you.