Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Session data - multiple browser problems

Status
Not open for further replies.
sipps

sipps

Technical User
Feb 9, 2003
133
GB
Hi all,

I am looking for some advice as to why I'm experiencing problems with sites on an IIS server but not on an Apache server.

Background is that the site has a site_id which sits at the end of the URL which determines what products the user views amongst other things. (Using ASP).

If a user opens one browser with one site_id and starts looking through the site it works fine. Lets say they then open a new explorer window and view the same site with a different site_id thus seeing different products.
When they go back to the first browser and view another page, the products from the second browser are shown! This is because it's taking the second site_id to the other explorer window some how.

I am used to using Apache which holds the session id of a particular browser on the web server. If you open up another browser, you get another session id so the two are completely different and nothing can travel between the two browsers, i.e. a shopping cart. If you add items to a cart in one page, they do not appear in the other browser window when you view the cart! (This is in PHP).

I think that IIS/ASP must be doing something strange here, no idea what though!

Can anyone give me any advice and what the difference is between the two servers with regards to handling sessions?

Thanks

sipps
 
Sort by date Sort by votes
This is not an apache vs IIS problem, this is a difference in how your individual applications do their session management.

I can write software that can do either of these things in either environment.
 
Upvote 0 Downvote
Thanks siberian.

Is it right that ASP cookies can only be written once by the same URL on one computer?

If I set a session variable in PHP then that is available throughout the life of the browser and cannot be modified by another browser using the same URL. I am not sure what ASP does to individulise the session content from one browser to the next.

Thanks for your help.
 
Upvote 0 Downvote
sipps:
At their core, ASP and PHP implement sessions the same way. A cookie is set with a unique index, and that index is used to fetch session values from the server side.

Both of them will also, if a session cookie is already set, continue to reuse the came cookie. Because it's not the value of the cookie that is the session values, but the values stored in the matching session store.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
Upvote 0 Downvote
IT depends on how your app is managing your sessions.

An example:

I have some apps that manage sessions in the URL. This means each browser can have its own session and you can have multiple sessions going on the same computer.

Another app uses cookies. This means that all browsers share the same session.

ITs really about how your app is managing sessions, not ASP vs Apache etc.
 
Upvote 0 Downvote
Thank you both.

I realise that it is not with the web servers, more with the apps, i.e. how PHP handles sessions compared to ASP. When I use sessions with PHP they are stored on the server in the PHP folder so I do not have to use cookies. ASP however uses cookies, and because the same cookie session variables get written over, this is the problem we are facing.
I am trying to move the apps to PHP, but people are asking for reasons why! It's very difficult when all people know is ASP/IIS.

Thanks again,

sipps
 
Upvote 0 Downvote
sipp:
Sessions, in nearly all implementations, consist of two parts.

One part is a session store on the web server. This is like a database, where each row of the database is one user's session variables.

The other part is the session store index. It's the key that determines which session store data is used by which user.

When you issue session_start() in a PHP script, PHP generates a random session_id (which is the session index) and places that id on the client in a cookie on the client.

Most session-handling mechanisms use a cookie on the client to store the session id. When the client connects to the server, it returns that ID from the cookie. The server then uses that ID as an index into the session store.

PHP has the facility to pass session ids around via HTML tag rewriting. But unless you have explicitly told PHP to use tag rewriting, it uses cookies to store the session id.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

RedLinux
  • Locked
  • Question
Login session issues with HTTP headers
Replies
0
Views
249
RedLinux
RedLinux
kjv1611
  • Locked
  • Question
RAID 5 Data Recovery? (Debian / OpenMediaVault) 1
Replies
2
Views
340
kjv1611
kjv1611
w5000
  • Locked
  • Question
mounting a filesystem multiple times - what sense?
Replies
7
Views
993
ChrisHirst
ChrisHirst
theniteowl
  • Locked
  • Question
Parsing data out of files
Replies
0
Views
298
theniteowl
theniteowl
srikanthgali87
  • Locked
  • Question
Shell script to sync user accounts multiple servers
Replies
1
Views
286
ady2012
ady2012

Part and Inventory Search

Sponsor

Back
Top