Page 1 of 1

How to keep the session open

Posted: Wed Apr 18, 2012 8:23 am
by Chris-bbw
Hello,
I am using Wordpress with a PHP DMS called Dmanager.

I have integrated the DMS inside Wordpress with an iframe.

It works well, but I would like that the session of the DMS would be open when someone previously entered user and password.

This is the source:

Code: Select all

$sMicro = microtime();
@session_start();

if (!defined("SEP")) {
  if (getenv("WINDIR")) {
    define("SEP","\\");
  } else {
    define("SEP","/");
  }
}

// Overrides GPC variables
 if (get_magic_quotes_gpc())
{
	function stripslashes_deep($value)
	{
		$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
		return $value;
	}

	$_POST = array_map('stripslashes_deep', $_POST);
	$_GET = array_map('stripslashes_deep', $_GET);
	$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
	$_FILES = array_map('stripslashes_deep', $_FILES);
} 

if (!file_exists("dbconfig.php")) {
	include("install.php");
	exit();
}

require_once("error_handler.php");
require_once("functions.php");
require_once("dbconfig.php");
require_once("m_docmanager.php");

// Goes to UTF-8 encoding : 
mysql_query("SET NAMES UTF-8;");

$doc = new docmanager();
$doc->getConfig();
$pngPath = "styles/" . substr($doc->config["conf_style"], 0, strrpos($doc->config["conf_style"], ".css")) . "/";

// we can put it in a cron php so that it will not take too much
// resources on busy document managers
// $doc->cleancomment();

require_once("lang.php");

if (empty($_SESSION["Sconnected"]) && empty($nocheck))
{
	$_SESSION = array();
	session_write_close();
	header ("Location: login.php");
	exit();
}

if (!empty($admin) && empty($_SESSION["Suser_admin"]))
{
	echo "<span style=\"color: red;\">" . _l("This page is restricted to administrators.") . "</span>";
	exit();
}


$available_mailcondition = array (
	0  => "Never",
	1  => "When a file is uploaded (every time)",
	2  => "The user choose it, and the default is Yes",
	3  => "The user choose it, and the default is No",
);

$available_sendrecipient = array (
	0  => "The administrator",
	1  => "All the users (whose 'mail' field has been filled)",
);

$yesno = array (
	0  => "No",
	1  => "Yes",
);


How can I check if someone entered his or her credential and let this program run in an iframe?

Thanks

Re: How to keep the session open

Posted: Wed Apr 18, 2012 8:49 am
by requinix
Sessions are managed with cookies. If the session isn't carrying over into... the iframe? or wherever, that would be because the cookie isn't carrying over.

Does the DMS have a different domain name than the rest of the site? More likely a different subdomain?

Re: How to keep the session open

Posted: Wed Apr 18, 2012 10:14 am
by Chris-bbw
nope, the dms is installed in a subfolder of the root. I will have a try storing this cookies in some way. Thanks

Re: How to keep the session open

Posted: Wed Apr 18, 2012 12:04 pm
by requinix
Check what cookies are being sent on both the "normal" site and the DMS site. There's probably one or two (or more) that are used on the former but not on the latter. $_COOKIE and phpinfo() can help with this. Could also be that cookies on the DMS site have an explicit path set and that will override the "global" cookie on the normal site.

FYI, odds are that PHP's session cookie has a really obvious name like "PHPSESSID".