I get a mail in which I am given a link to the accounthistory page, like this:

http://www.mydomain.com/accounthistory.php?order_id=491

Using this I can view the order detail, but when I am logged in to my account and I access the same link, copied from the mail I got, I get the page but I get logged out.

This page is also generally available on my site after login, and the URL is displayed as

http://www.mydomain.com/accounthistory.php?order_id=491&osCsid=v2i9agpobsce2dvlfgi28449j3

Hence my question is:

If I am logged in to my account and using the link which I got in my mail, i.e. http://www.mydomain.com/accounthistory.php?order_id=491

what should I do so that I do not get logged out of my account?

After looking at both ways, I found that I need the "osCsid" appended to the URL which I got in my mail, and from debugging I found it to be saved in the session. How can I use it to get this to work?

+3  A: 

If your shop system doesn't use cookies for sessions, carrying the session ID in the URL is in fact the only way to continue the session.

However, putting the session ID into the e-mail is not very elegant. The session ID will become invalid at some point, and it makes the URL long and ugly.

I would consider activating cookie-based authentication for those clients that accept it.

Pekka
-ve Potter, :-(, any other alternative!!
OM The Eternity
@OM alternative to what? Why are you not using Cookies?
Pekka
Regarding the last line: or is there any way to check for the existing session ID and append it to the requested URL which I paste into the address bar?
OM The Eternity
@OM nope, it's either session ID or Cookies. Why can't you use cookies?
Pekka
@OM re your update, yes there is, it's called Cookies ;) I know no other way.
Pekka
Is there any way to check for the existing session ID and append it to the requested URL which I paste into the address bar?
OM The Eternity
@OM only if your session is cookie based. There is no other way. We can do this all day :P
Pekka
@Peter true, but in that case, it is probably not advisable to carry on the session by passing on the session ID.
Pekka
@Pekka - Thanks... I realized the issue was continuing an ongoing session and deleted that comment :/
Peter Ajtai
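
What the cookie-based sessions suggested in the answer look like in plain PHP, as an added example that is not part of the thread and is not osCommerce's own session code. It assumes PHP 7.3 or later; the `customer_id` and `return_to` session keys and the `/login.php` path are hypothetical.

```php
<?php
// Added example: plain PHP session setup, not osCommerce's own code.
// Accept the session ID only from a cookie, never from the URL.
ini_set('session.use_cookies', '1');
ini_set('session.use_only_cookies', '1'); // ignore ?osCsid=... in the query string
ini_set('session.use_trans_sid', '0');    // do not rewrite links to carry the ID
ini_set('session.use_strict_mode', '1');  // reject IDs the server did not issue

session_name('osCsid'); // same name as the URL parameter in the question
session_set_cookie_params([
    'lifetime' => 0,     // session cookie, dropped when the browser closes
    'path'     => '/',
    'secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
    'httponly' => true,  // not readable from JavaScript
    'samesite' => 'Lax', // still sent when a link in a mail is clicked
]);
session_start();

// Old mails or bookmarks may still carry ?osCsid=...; redirect to the clean
// URL so the ID does not stay in browser history, logs or Referer headers.
if (isset($_GET['osCsid'])) {
    $query = $_GET;
    unset($query['osCsid']);
    $path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
    $qs   = http_build_query($query);
    header('Location: ' . $path . ($qs !== '' ? '?' . $qs : ''), true, 302);
    exit;
}

// Hypothetical login check: 'customer_id' is set by the login page.
if (empty($_SESSION['customer_id'])) {
    // Remember the mailed link so the login page can return to it.
    $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
    header('Location: /login.php', true, 302);
    exit;
}

// Logged in: accounthistory.php?order_id=491 from the mail now works as-is,
// because the browser sends the osCsid cookie with the request.
```

With this in place the mailed link needs no session ID: a logged-in browser presents its cookie, and a logged-out one is sent to the login page and back.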