Session Management

Are you using LiveCode to create server scripts or CGIs?

Moderators: Klaus, FourthWorld, heatherlaine, kevinmiller, robinmiller

Post Reply
MrWizard.
Posts: 32
Joined: Tue Apr 17, 2012 3:31 am

Session Management

Post by MrWizard. » Wed Jul 24, 2013 3:51 am

Does anyone have a working examples of session management ?

I have attempted to use the 'start session' and $_SESSION as referenced in the documentation have encountered issues and the documentation seems week.

Questions;
- How do you test if a session is already active?
- In a given dynamic html page, do you need to open with 'start session' and close the page with a 'stop session' ?
- How do you set developer defined key/value pairs?
- Is there a list of $_SESSION keys exposed to the developer?
- Are any other $_ arrays exposed like; $_ENV or $_COOKIE

Thanks,
E

icouto
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 92
Joined: Wed May 29, 2013 1:54 am
Location: Sydney, Australia

Re: Session Management

Post by icouto » Wed Oct 09, 2013 4:34 am

I have just started playing with sessions myself. I'll try to answer some of your questions, but others more knowledgeable than me might have better answers...:
MrWizard. wrote:- How do you test if a session is already active?
Unless you have explicitly started a session (with "start session"), then there is no active session.
- In a given dynamic html page, do you need to open with 'start session' and close the page with a 'stop session' ?
The "stop session" command is used to save the session data to disk. You will usually call it after adding some data to the session array - not necessarily when the user is closing or leaving a page.
- How do you set developer defined key/value pairs?

Code: Select all

put "value" into $_SESSION["key"]
- Is there a list of $_SESSION keys exposed to the developer?
All the keys in $_SESSION.
- Are any other $_ arrays exposed like; $_ENV or $_COOKIE
Yes, there are several - like $_COOKIE, $_POST, $GET, $_SERVER and more. Go to the API page, and do a search for "$_":
http://livecode.com/developers/api/6.0.2/

I hope this helps!

I have some session questions of my own, which I have not been able to find answers for anywhere in the documentation, such as: is there any XSS protection built-in? - i.e., is the session owner's authenticity verified solely by a cookie id, or does the session handler also check things like IP address and browser agent?

sturgis
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 1682
Joined: Sat Feb 28, 2009 11:49 pm

Re: Session Management

Post by sturgis » Fri Oct 10, 2014 1:28 am

You can find a very simple session example here: http://forums.livecode.com/viewtopic.ph ... ion#p50034

Post Reply

Return to “CGIs and the Server”