Menu
I've got a python/WSGI app which needs to check to see if a user has logged on to a PHP web app. The problem is that the PHP app checks if a user has logged on by comparing a value in the $_SESSION variable to a value in the cookie from the user's browser. I would prefer to avoid changing the behavior of the php app if at all possible.
My questions:
Is there anyway I can access the session variables from within python? Where should I start to look?
Are there any obvious security/performance issues I should be aware of when taking this approach?
338
If you want to get a session id, you can use the session_id function, as shown in the following snippet. session_start(); echo session_id();
The PHP session which is accessible via the global variable $_SESSION is stored on the server as files by default. Also the reference to it (called session_id ) is stored on client side as browser cookies.
PHP $_SESSION is an associative array that contains all session variables. It is used to set and get session variable values. Example: Store information.
PHP Session Start By default, session data is stored in the server's /tmp directory in files that are named sess_ followed by a unique alphanumeric string (the session identifier).
yep. session (in default) is a regular file. so all what you need is look over session directory and find file with name of session cookie value. then - you have to implement php-like serialize/unserialize and do whatever you want.
nope
153
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
