1

I'm really lost here while trying to send a session with my jquery ajax post call, here is a simplified example of my code.

File fom which request is sent:

<?php session_start(); $token = md5(rand(1000,9999)); $_SESSION['contactToken'] = $token; ?> <script type="text/javascript"> $.post(ContactUrl,{req:"contact_sub",tok:"<?php echo $token; ?>"},function(contactAns){ alert(contactAns); return false; }); </script>

File request is sent to:

<?php if(@isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']=="url"){ if( isset( $_SERVER['HTTP_X_REQUESTED_WITH'] ) && ( $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' ) ){ session_start(); $token = $_POST['tok']; $sess_token = $_SESSION['contactToken']; if($token == $sess_token){ echo "sessions match"; exit(); } else{ echo "sessions does not match"; exit(); } } else{echo "error"; exit();} } else{echo "error"; exit();} ?>

At first the session was not getting recognized, I made all the checks - made sure it was setup in the first place made sure it was posted, declared session start on both pages, never the less if i tried to do this on the second file:

<?php session_start(); $token = $_POST['tok']; $sess_token = $_SESSION['contactToken']; print_r($_SESSION['contactToken']); exit(); ?>

I would get an empty alert. Then I transferred the session start to the top of my script on the second page and started getting a value for the session:

<?php session_start(); $sess_token = $_SESSION['contactToken']; if(@isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']=="url"){ if( isset( $_SERVER['HTTP_X_REQUESTED_WITH'] ) && ( $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' ) ){ $token = $_POST['tok']; echo "$token, $sess_token"; exit(); } else{echo "error"; exit();} } else{echo "error"; exit();} ?>

And what I'm getting now is that the posted variable changes each time I refresh the page but the $sess_token always gives me the same value: 0589dd536fd043ff3865f8223fef3030

I really dont understand this wierd behavior, can some one please assist me with this?

Improve this question
13
  • 3
    are you mixing PHP and jQuery in your first code? o.0 session_start(); $.post(ContactUrl,{req:"contact_sub",to~~ Commented Sep 8, 2015 at 1:13
  • no ofcourse not I just gave the an example of the code without wrapping it Commented Sep 8, 2015 at 1:21
  • 2
    @AlbertKuzmin Please wrap PHP code between <? and ?>. Commented Sep 8, 2015 at 1:22
  • 1
    What's the value of your $token js var? If its a JS var.. I believe you meant <?php echo $token; ?> Commented Sep 8, 2015 at 1:28
  • 1
    What's the output in your File request is sent to:? "Sessions match", "Sessions does not match" (check your grammar), first "error", or second "error"? What's the value for $_POST["tok"]? What about $_SESSION["contactToken"]? Commented Sep 8, 2015 at 1:42

1 Answer 1

Reset to default
4

Your problem here is that you're using a PHP var in an JS script without wraping and echoing it.. Here is your code modified:

You're also trying to contatenate with . in JS. That's from PHP too.

<script type="text/javascript"> $.post(ContactUrl, { req: "contact_sub", tok: "<?php echo $token; ?>" }, function(contactAns) { alert(contactAns); return false; }); </script>

Update

I came back to this answer again today. This is what I did:

FILE: index.php

<?php session_start(); $token = md5(rand(1000,9999)); $_SESSION["contactToken"] = $token; ?> <script type="text/javascript"> $.post("myOtherScript.php", { req:"contact_sub", tok:"<?php echo $token; ?>" }, function(contactAns){ alert(contactAns); return false; }); </script>

FILE: myOtherScript.php

<?php session_start(); $sess_token = $_SESSION["contactToken"]; if(isset($_SERVER["HTTP_X_REQUESTED_WITH"]) && ($_SERVER["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest")){ $token = $_POST["tok"]; echo $token ." - ". $sess_token; } else { echo "Not an AJAX request"; } ?>

What I get is the alert where one token is equal to the other and both are refreshed each time I reload the index.php file.

As a conclusion, your problem is not in the code you shared.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Sorry for the confusion im actually echoing the js script from the php that why its written like that I updated my code in the question - my problem is with the sessins
@AlbertKuzmin By taking and copying his answer and replacing your example with it, it affects the entire context of the question and its answers. -1
Im not replacing my code with the answer - like I said beofre I made a mistake in posting the code since in my real code im echoing the js script from server side like so: $script='<script></script>'; thats why i enclosed the php varialbe in '..' instead of <?php ?>. this was not my problem in the first place the variable was set up just fine.
Thank you my friend you are absolutly right, after making more checks I found out that I had another session_start() declared on an included page that was intefering with this one, I fixed the problem. Thank you very much!
Had the same problem and it was about where session_start() is, before, after or in the include() of the same script.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.