iframe not always recognizing session
Moderator: General Moderators
iframe not always recognizing session
Hey guys, I have a couple of iframes inside of an admin area. They sometimes, but not always, do not recognize that I am logged in (my logged in and admin check is done via a function that accesses the session).
I am thinking that while the page that houses the iframes is using the session data, these iframes can't read from it? Does that sound plausible? It's a tad annoying having to refresh a couple of times until it works.
Is there any way I can wait for the session without having to do ... sleep() or something similar?
I am thinking that while the page that houses the iframes is using the session data, these iframes can't read from it? Does that sound plausible? It's a tad annoying having to refresh a couple of times until it works.
Is there any way I can wait for the session without having to do ... sleep() or something similar?
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
I don't quite understand why you think waiting might help. Is there some kind of timing issue with logging in and the iframe?
Are your sessions cookie based? They need to be for the user agent to access the data for the iframe.
Are your iframes on the same domain? If they are on different sub-domains you might need to use
There is also a known issue on IE6 and up related to P3P or platform for privacy preferences. In this case pages that set cookies need something like this in the header for IE:
Are your sessions cookie based? They need to be for the user agent to access the data for the iframe.
Are your iframes on the same domain? If they are on different sub-domains you might need to use
Code: Select all
ini_set("session.cookie_domain", ".domain.com");Code: Select all
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');Re: iframe not always recognizing session
Because it seems like the current session might be in use and that's why the code inside of the iframe isn't recognizing that I'm logged in. It does this about 50% of the time and then about 50% of the time it works.
Sessions are cookie based and pages are all on the same domain. And I'm not using IE.
I'm thinking of playing around with session_write_close() perhaps
Sessions are cookie based and pages are all on the same domain. And I'm not using IE.
I'm thinking of playing around with session_write_close() perhaps
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
Do you use file-based session storage handler?
Re: iframe not always recognizing session
Yes. Default php install session handling.Weirdan wrote:Do you use file-based session storage handler?
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
The browser is responsible for passing the cookie data and retrieving the iframe. So if your session is started, the cookies are passed, then when the iframe is loaded they get passed back. Try running tamperdata or live http headers and watch what is going on. Also on your main page and iframed pages you could have them echo the session array so you can see what the server thinks is going on.s.dot wrote:Because it seems like the current session might be in use and that's why the code inside of the iframe isn't recognizing that I'm logged in.
Re: iframe not always recognizing session
Yeah, good call. I should've dumped it out to debug.. don't know what I was thinking. I'll try that.
I should mention that this only happens when I load the main page plus 2 iframes at the same time. Subsequent loads inside of the iframes are fine.
I should mention that this only happens when I load the main page plus 2 iframes at the same time. Subsequent loads inside of the iframes are fine.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
It could also be a browser quirk. You might try something else to see what it does.
Re: iframe not always recognizing session
OK, the problem is occasionally the session appears to be empty. just shows Array ()
Could this be because session_regenerate_id() is called on the main page that houses the iframe and then the iframes try to load old session data?
Could this be because session_regenerate_id() is called on the main page that houses the iframe and then the iframes try to load old session data?
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
You might want to echo out the session id's too. If they don't match then the server is confused, if they do, then it might be that the browser is confused and not passing the right cookie data. You also might want to watch with live http headers or a sniffer to see what is going back and forth.
Re: iframe not always recognizing session
OK, some good and weird news.
The session ids always match on the main page and in the iframes, so the session is not being confused on the server by session_regenerate_id(). Also, if I comment out session_regenerate_id() it doesn't matter - problem still happens.
The reason I think it's a race condition with the pages loading simultaneously is because I think I ran into this issue once before - but I can't for the life of me find it or remember what I did to fix it.
But you're right.. I'm going to look for a firefox extension that shows me what headers are being sent.
Thank you
The session ids always match on the main page and in the iframes, so the session is not being confused on the server by session_regenerate_id(). Also, if I comment out session_regenerate_id() it doesn't matter - problem still happens.
The reason I think it's a race condition with the pages loading simultaneously is because I think I ran into this issue once before - but I can't for the life of me find it or remember what I did to fix it.
But you're right.. I'm going to look for a firefox extension that shows me what headers are being sent.
Thank you
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
Yep still can't figure this out. Everything looks fine.
Just going to use jquery to inject the iframes into the dom on $(document).ready()
Just going to use jquery to inject the iframes into the dom on $(document).ready()
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
Yep, this worked like a charm. Wouldn't if javascript wasn't allowed though.
And I just left the src empty on the iframe declaration.
Code: Select all
$(document).ready(function(){
$('#aif1').attr('src', 'page1.php');
$('#aif2').attr('src', 'page2.php')
});Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Re: iframe not always recognizing session
So I'm just curious if you saw this problem on multiple browsers. It seems a little odd that the iframes are loading before the cookies have been set in the headers. I would have to assume this is a browser bug of some kind where it isn't passing the cookie data to whatever thread is retrieving the iframe.
Re: iframe not always recognizing session
Yeah, I'm curious too.
Unfortunately I don't have the time or motivation to setup a test.
It does seem practical though.
Setting a cookie sends a header. If the page does not send the header to the browser before the iframe request, then the browser cannot send it to the iframe (but what's quirky, is i could echo out the session id (which had to have come from the cookie)).
I believe a non-javascript solution would be to set the cookie, then redirect to the same page via header('Location..');
It definitely has something to do with the session being active and session requests being acted on that session.
I'm glad I did the javascript solution though because I then added some code to auto-resize the iframes based on the height of the content in them. It now feels like the admin area is super fast ajax
Unfortunately I don't have the time or motivation to setup a test.
It does seem practical though.
Setting a cookie sends a header. If the page does not send the header to the browser before the iframe request, then the browser cannot send it to the iframe (but what's quirky, is i could echo out the session id (which had to have come from the cookie)).
I believe a non-javascript solution would be to set the cookie, then redirect to the same page via header('Location..');
It definitely has something to do with the session being active and session requests being acted on that session.
I'm glad I did the javascript solution though because I then added some code to auto-resize the iframes based on the height of the content in them. It now feels like the admin area is super fast ajax
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.