[TYPO3-dev] Session Fixation "Feature" -> breaks Session Handling
Armin Günther
armin.guenther at augusta.de
Thu Mar 26 12:22:25 CET 2009
Steffen Ritter wrote:
>
> AFAIK you have to explicitely save into the session after setKey, for
> anonymous users, for logged on it should work automatically.
>
> This is what I get rom "Session troubles" topic from 23.03.2009,
> Sebastian van Parijs and corresponding answers.
>
> Have a look at it...
>
> regards
>
> Steffen
> _______________________________________________
>
Steffen, thanks a lot! You and a more thorough
<ende?lp=ende&p=thMx..&search=thorough> look into the source pointed me
to the right direction.
For those struggling with the same problem the steps for anonymous users
(but with $GLOBALS["TSFE"]->fe_user->id / session cookie set) are:
(1) $GLOBALS["TSFE"]->fe_user->fetchSessionData()
to read session data (if any) from table fe_session_data into variable
$GLOBALS["TSFE"]->fe_user->sesData
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
(2) $GLOBALS["TSFE"]->fe_user->getKey('ses',someKey)
to select some data from array $GLOBALS["TSFE"]->fe_user->sesData
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
(3) $GLOBALS["TSFE"]->fe_user->setKey('ses',someKey,someData)
to write some data to array $GLOBALS["TSFE"]->fe_user->sesData
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
and set sesData_change flag to 1
(4) $GLOBALS["TSFE"]->fe_user->storeSessionData();
to write data back from $GLOBALS["TSFE"]->fe_user->sesData
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
to table fe_session_data
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
if sesData_change flag is set
What puzzled me was that in former times -- 4.1.2 -- the first and last
step were not required at least when using the built-in shopping basket
(someKey='recs'). As pointed out before this should be documented in
http://typo3.org/documentation/document-library/core-documentation/doc_core_tsref/4.2.0/view/1/14/
Best wishes
Armin
<tbl_structure.php?db=usr_p24275_1&server=1173&token=2c0d641afc0ad7014c733acbad6e8159&table=fe_session_data>
More information about the TYPO3-dev
mailing list