Building a Simple Search Engine with PHP
Subject:   Passing session id through fopen
Date:   2005-03-20 22:42:59
From:   TennisOne
Thanks for the article. I am attempting to use it for our website. The populate.php script which executes the fopen passes in the URL to an article on our website. Every article on our website ensures that the user accessing the article is a member. I am executing the populate.php script as a member, however, when I execute the fopen call I lose all of my session information and get redirected to a join page because the article page does not think that I am a member.

Is there a way for me to pass session information via the URL even though

session.use_trans_sid = 0

in my php.ini file. Which I believe from a security standpoint is the right thing to do.

I tried passing my session information by defining

$url_with_sid = $url."?PHPSESSID=".session_id()
if (!($fd = fopen($url_with_sid, "r"))

Unfortunately the fopen fails with "failed to open stream: HTTP request failed!"

I can define the url with a query string parameter such as

$url_with_sid = $url."?hello=world";

And this works fine. Consequently, the fopen is not allowing the PHPSESSID query string parameter to be passed. Any thoughts or ideas would be greatly appreciated.