PHP session variables in Perl

[madpar3]

Hey,

Hi, I need to access existing PHP session variables(actually just one...) in a perl script?

I tried installing PHP::Session and then trying several variations of

my $session= PHP::Session->new($id);
my $id = $session->id;
my $login = $session->get('username');

But obviously that doesn't work. I hope I posted this in the right spot. I would really appreciate any and all help ASAP.

Many, Many Thanks in advance.

[bazz]

OK, until an worthy expert arrives I will suggest this: -

The session data (as required), is stored in the browser so it does not matter if it is perl or php.

so in a perl file, you need to load an existing session or load afresh.

Code:

  use CGI::Session;
  my $cgi = new CGI;
  my $session = CGI::Session->load($cgi) or die CGI::Session->errstr;

Then use the code as below, to get the data you need.

Code:

my $var = session->param('parameter');

where parameter is the name given to the session value when it was stored.

If you are wanting perl to load an existing session OR to cretae anew one the new need to use the line as shown below

Code:

  use CGI::Session;
  my $cgi = new CGI;
  my $session = new CGI::Session($cgi) or die CGI::Session->errstr;

for perl things: look up (in cpan)
use DBI;
use Session;
use CGI;

most of it is explained there in an easy-to-get-format. ERM; why did I say easy? I found it difficult until I got more help.

bazz

[spetsacdc]

Should you use CGI::Session; or PHP::Session http://search.cpan.org/~miyagawa/PHP-Session-0.27/ ?

[spetsacdc]

Hey, I got it to work...

first, I opened my php.ini file. It was previously saving the session files in /var/lib/php5. I changed it to save it in my "tmp" directory.

Code:

session.save_path = "/tmp"

I also have:

Code:

; Name of the session (used as cookie name).
session.name = PHPSESSID

I can use my login.php page to login like normal. It creates a session variable called "user" which stores the user id. Then, if I go to my perl page it will print out the user id.

The perl code is:

Code:

#!/usr/bin/perl -w

use CGI::Carp 'fatalsToBrowser';

#try to get session username
use PHP::Session;
use CGI::Lite;
my $session_name = 'PHPSESSID'; # change this if needed

print "Content-type: text/plain\n\n";

my $cgi = new CGI::Lite;

my $cookies = $cgi->parse_cookies;
print "cookies session_name: " . $cookies->{$session_name};
if ($cookies->{$session_name}) {
 my $session = PHP::Session->new($cookies->{$session_name});
 # now, try to print uid variable from PHP session
 print "The user id is:" . $session->get('user');
} else {
 print "can't find session cookie $session_name";
}

exit;

Note: you have to have the following perl modules installed:

CGI::Lite (http://search.cpan.org/~smylers/CGI-Lite-2.02/)
and the PHP::SESSION one:
http://search.cpan.org/~miyagawa/PHP-Session-0.27/

You prolly know how to install them, but I didn't at first. Just untar them, and cd into the directory then run the following commands:

Code:

sudo perl Makefile.PL
sudo make
sudo make install

Hope that works for you

[spetsacdc]

Actually the above has a problem...I'm not sure how to fix it.

Code:

if ($cookies->{$session_name}) {

checks to see if there is a cookie "PHPSESSID" to find the session name. If a user is logged in, and is logged out for some reason, and clicks the link/button to run the perl script, the cookie will still be there (you can't delete the php session cookie...only when the user closes their browser).

So the following line gives an error:
my $session = PHP::Session->new($cookies->{$session_name});

[dizee]

Hello - After setting the session variable in the Perl, how do I get it from the PHP? It seems to be setting just fine, but when I go to the PHP, it's not in my $_SESSION variables.

Thanks!

[bazz]

welcome to CF.

Re-read this thread because it answers your question. if your session data is being stored by one language (php) and not retrieved by perl (or the other way around), make sure each session data is being stored in the same dir.

see post #4

bazz

[mlcprs]

I'm using the approach suggested in this thread to access php session variables from a perl cgi script. I've got it working on my local Apache server, but on a client's server which is a VPS (Virtual Private Server) running Apache 2.2 the perl script can't open the session variable file that php saved in /var/lib/php5. The owner is www-data, which is the Apache user, and it has RW permission for owner only. The same situation exists on the local server, but it doesn't have a problem.

Might this be because the VPS is imposing some kind of additional permission constraint? Could it be something to do with suEXEC? I'm not familiar with a VPS and don't know how it affects things.

Does anyone have any advice? E.g. could I tell php to save it somewhere in the web tree, by creating a folder there owned by www-data?
Regards,
Peter

[doobiest]

Quote:

Originally Posted by spetsacdc

Actually the above has a problem...I'm not sure how to fix it.

Code:

if ($cookies->{$session_name}) {

checks to see if there is a cookie "PHPSESSID" to find the session name. If a user is logged in, and is logged out for some reason, and clicks the link/button to run the perl script, the cookie will still be there (you can't delete the php session cookie...only when the user closes their browser).

So the following line gives an error:
my $session = PHP::Session->new($cookies->{$session_name});

Same for me, did you figure it out yet? From what I gather:

-perl gets a list of cookies from the client
-parses it looking for a match
-it does find a match, even though the session is expired the cookie is on the client
-perl looks for the session for in php's session dir
-the file doesnt exist as the session was destoryed/expired
-apache prints this log because of that file missing
[Wed Nov 04 13:23:43 2009] [error] [client 208.65.73.103] /tmp/sess_e471eaf0fe142c...78470: No such file or directory at /var/www/doobiest/perlses.pl line 13

-perl script dies, where what I'd really like it to do is say the file wasnt found, thus invaliding the login process for the client.


Any help would be appreciated.

[doobiest]

OK I figured it out.. that was quick :P

The problem here is that, YES we are successfully finding the cookie on the client, and YES we are getting the hash for the session name. But NO we arent checking to see if the file exists before trying to open it, we just simply try to open it. Here's a fix, basically after getting the session hash, check if exists, if it does THEN execute the code to get the username etc. For me I dont use it, seeing a hash on the client that matches a hash on the server is good enough for me, as it's a single user, private site.

Code:

#!/usr/bin/perl -w

use CGI::Carp 'fatalsToBrowser';

#try to get session username
use PHP::Session;
use CGI::Lite;
my $session_name = 'SESHUNNAME'; # change this if needed

print "Content-type: text/plain\n\n";

my $cgi = new CGI::Lite;
my $cookies = $cgi->parse_cookies;
my $file=$cookies->{$session_name};

if (-e "/tmp/sess_$file") 
{print "File exists!";}
else 
{print "File does not exist.";}

#Put this stuff in the 'File Exists' portion.
#if ($cookies->{$session_name}) { #this line isnt required any longer. we dont care if the cookie exists, we care if the cookie's hash matches a server session
# my $session = PHP::Session->new($cookies->{$session_name});
#  # now, try to print uid variable from PHP session
#   print "The user id is:" . $session->get('user');
#   } else {
#    print "can't find session cookie $session_name";
#    }

#    exit;