[danny_kay1710]

I am trying to use the functionality of an ASP.NET web application which uses some native .NET libraries in PHP however I am curious to know how PHP handles sessions.

$client = new SoapClient ($wsdl);
$client->CheckUser(array("username"=>"admin", "password"=>"pass");
echo "Success!";

Now in .NET I would use:

CookieContainer c = new CookieContainer();

Authentication auth = new Authentication() // The web service object
auth.CookieContainer = c;

auth.CheckUser("admin", "pass");

The CookieContainer takes care of persisting the session - how would I achieve this same thing in PHP?

Any help would be greatly appreciated.

[Dormilich]

check out the manual entries about sessions

to make it short. PHP uses a SuperGlobal ($_SESSION) to save data, which is available after starting the session (calling session_start(), please refer to the manual for further details)

[danny_kay1710]

I know how to use the $_SESSION[''] variable however how not it in this context.

I am using this function to login to the web service. In .NET without the CookieContainer I could log in and then on the next line call another function but I would no longer be logged in because the session would have been discarded.

How do I store the session information from a SoapClient and ensure that it is used in future calls?

Does this make sense?

[EDIT]
Just to clarify I am wanting to keep and store the session info about the ASP.NET web service within the PHP script (similar to what you have to do in .NET) - this isn't about storing session data between PHP and the client.

This post has been edited by danny_kay1710: 20 August 2010 - 05:59 AM

[JackOfAllTrades]

I can only tell you how we do it in our app. The session ID is saved in the cookie sent to the browser on login, and this is passed to each and every SOAP call that's made. However, that's communicating with a non-Windows/.NET system, so I don't know how viable it is.

[danny_kay1710]

The bigger problem really is that I am not entirely sure how the CookieContainer works.

I could implement my own form of database based session handling between PHP and ASP.NET.

In theory if amended both the web service and PHP script to pass a Session ID which is stored in the database alongside anything else it needs to store which then in turn allowed all the info to be looked up I could achieve session like behaviour but that's not really what I want to do.

[JackOfAllTrades]

C#/ASP.NET hides the implementation details from you...that's one of the downsides obviously. The cookie container may be re-presenting the username/password on each request, which the server maps to a session. You could run client requests on Windows through Fiddler2 and see what's being passed I suppose.

[danny_kay1710]

I didn't know about Fiddler2 thanks!!

I found that an instance System.Web.SessionState.SessionIDManager of exposed a GetSessionID function which in theory would work but I would expect this to be pre-initalised somewhere but I just don't know where along with a CreateSessionID which could be useful.

Also this is a custom SessionIDManager (http://msdn.microsoft.com/en-us/library/system.web.sessionstate.isessionidmanager.aspx) which you would configure your app to use via Web.Config but the question still remains as to where the instance of this object is in the framework.

Still not quite sure how I am going to attack this one, I am also wondering if it is possible now to use a .NET dll in php directly save me having to deal with an intermediary web service and make it more secure.