[thelist] 'Hijacking' sessions
Rob Agar
robagar at westnet.com.au
Wed May 24 00:21:39 CDT 2006
hi Nick,
One way I've employed successfully is by using the PEAR::HTTP_Session
class (http://pear.php.net/package/HTTP_Session) and configuring it to
store session data in a database, then just passing the session id in
the GET request to the other site. Of course, the second site has to be
able to access this db.
hth
Rob
Nick Daverin wrote:
> I was wondering if there is a way to pass session data between sites...
> Sort-of Œhijacking¹ my own session. As an example: On the one site, we
> collect donations. All data is stored as session variables until the
> purchase is completed. Then info we save is sent to a completely unrelated
> (non accessible) database. We would also like to give people the option of
> visiting our gift shop before they checkout. Now this site is on a different
> domain, so even if I pass the session id [using session_id($_GET[Œsid¹]) for
> example] the session variables I¹ve stored while on the first domain are
> inaccessible so a user would have to check out twice. We use php on these
> pages though some type of javascript solution could be implemented (as long
> as I can explain how it works to my boss).
>
> Thanks for any info!
> -Nick
More information about the thelist
mailing list