When using PHP sessions, if the user's browser supports cookies, PHP sets the session id as a cookie (so far as I understand it). So when trying to use the session ID in a script, a cookie request is sent to the browser to get the ID and assigns it to the internal variable $PHPSESSID (again, so far as I understand it). My problem is this and I'm hoping someone has come up with a workaround... When I try to use the Header() function call (which I do alot to set the content type such as PDF, doc, xl, etc), I'm getting errors opening up the file due to previous headers already having been sent - namely, the header call to get the cookie value. This problem prevents me from using sessions in scripts I write to output and open up Word, Acrobat, Excel, etc. and I am finding that to be an increasing problem as it requires that I come up with a different way to access the session data and open the script up to vulnerabilities. I've tried using ob_start() and ob_end_clean() before and after the session calls hoping that it might somehow solve my problem but it doesn't. Has anyone else come up against this problem? Have you found a workaround other than come up with a different way to do the same thing as code you already have and use to access session data?
thnx, Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
