Thanks Adam. I did the method you suggested and found it very nice,
but I'm having another problem now.
In my case, it works in two different cake applications within one
domain, but it doesn't seem to work in two separate domains.
I did the following:
This does a redirect from siteA.com/blah/index to siteB.com/blah/
index.
// siteA.com
function index() {
if(!$this->Session->check('Test')) {
$this->Session->write('Test', 'Hello, this is only a session
test!');
}
}
function redirectem() {
uses('string');
$this->data['SiteTransfer']['sess_id'] = $this->Session->id();
$this->SiteTransfer->id = String::uuid();
if($this->SiteTransfer->save($this->data)) {
$this->redirect('http://siteB.com/blah/catchem/uuid:'.$this-
>SiteTransfer->id);
}
}
// siteB.com
function beforeFilter() {
if(!empty($this->params['named']['uuid'])) {
$uuid = $this->params['named']['uuid'];
$this->data = $this->SiteTransfer->findById($uuid);
$this->Session->id($this->data['SiteTransfer']['sess_id']);
$this->SiteTransfer->del($uuid);
}
}
function catchem($uuid) {
$this->redirect('/blah/index');
}
function index() {
debug($this->Session->read('Test'));
}
I found that SiteB.com instantiates the session data with the session
ID in beforeFilter successfully;
however, when the page (siteB.com/blah/index) gets rendered
completely, siteB.com creates another session id.
Have I missed something fundamental?
On Jan 17, 6:36 pm, Adam Royle <[EMAIL PROTECTED]> wrote:
> Yes, here is one method of making it more secure.
>
> So have you two sites, siteA.com and siteB.com.
>
> User is browsing siteA.com and you want them transferred to siteB.com
>
> They click a link: eg. siteA.com/blah/redirectem/
>
> In your redirectem method you get the currentsessionid and save it
> into your database (eg. site_transfers) with a uuid (ie. String::uuid)
>
> then you do a redirect to siteB.com/blah/catchem/$uuid
>
> and search your database table for the uuid token and then instantiate
> thesessionwith thesessionid from the db.
>
> Then delete the uuid andsessionid from your site_transfers table.
>
> All done!
>
> On Jan 17, 2:57 pm, Kyo <[EMAIL PROTECTED]> wrote:
>
> > Following your instruction, now i figured out how to share sessions
> > between applications.
> > In my view I appended thesessionID to the link like this:
>
> > $html->link( 'Go to the other application',"http://www.example.com/
> > other_cake/tests/index/sess_id:{$session->id('Test')}");
>
> > On the other application, in the beforeFilter method in my controller:
>
> > function beforeFilter() {
> > $this->Session->id($this->params['named']['sess_id']);
>
> > }
>
> > I appreciate your instruction!
> > Are there any way to make this more secure?
>
> > On 1月16日, 午後10:48, Adam Royle <[EMAIL PROTECTED]> wrote:
>
> > > Yes! When you transfer between applications (I'm guessing you have a
> > > link of some description) append thesessionid onto your querystring
> > > and use $this->Session->id($this->params['url']['sess_id']) on the
> > > other end. There are more secure approaches to this, but you still
> > > need to pass some kind of token so you know your user is really your
> > > user.
>
> > > Adam
>
> > > On Jan 16, 6:58 pm, Kyo <[EMAIL PROTECTED]> wrote:
>
> > > > Yes, I use the same db for both applications.
> > > > When I jump from one cake application to another, they store two
> > > >sessiondata with different IDs.
> > > > Cookie got anything to do with it?
>
> > > > On 1月16日, 午後5:44, AD7six <[EMAIL PROTECTED]> wrote:
>
> > > > > On Jan 16, 6:15 am, Kyo <[EMAIL PROTECTED]> wrote:
>
> > > > > > I currently use two Cake applications (beta 1.2) for my project but
> > > > > > I'm wondering if there is any way to sharesessiondata between those
> > > > > > two applications. Both applications have database sessions.
>
> > > > > Use the same db for both? It's pretty much what db sessions are for.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
