0

Currently my iOS app was retrieving data from the server which built using PHP + MYSQL through JSON, then in my PHP I tried to echo the session_id(). My app was using NSURLConnection sendAsynchronousRequest to communicate with PHP.

I tried request the same URL for 3 times, the returned session id will be in different value, I had included session_start() in my PHP as well.

But if I run the URL in browser, no matter how many times I run it the session id will always be the same.

Here is my iOS request code:

NSString *newURL = @"http://www.example.com/index.php?value=getData"];
NSURLRequest *urlRequest = [NSURLRequest requestWithURL:[NSURL URLWithString:newURL]];
[NSURLConnection sendAsynchronousRequest:urlRequest queue:[NSOperationQueue mainQueue] completionHandler:^(NSURLResponse *response, NSData *data, NSError *error){
            if ([data length] >0 && error == nil){
                NSDictionary *myDict = [NSJSONSerialization
                                                JSONObjectWithData:data
                                                options:kNilOptions
                                                error:&error];
                NSLog(@"%@", myDict);
            }
        }];

Please help. Thanks.

Ping
  • 339
  • 7
  • 18
  • I think some code would greatfully help us understand your misshapen.. – MoshMage Sep 26 '14 at 08:33
  • When you make a request to the PHP site and the session starts, it usually sets a cookie. Are you capturing that cookie in a cookie-jar in your ios app and using it in the subsequent request? – Latheesan Sep 26 '14 at 08:35
  • Unless you are using webviews in your iOs app(and maybe even then) I would recommend against using php sessions.. Why don't you try to make your API RestFul instead? – montexristos Sep 26 '14 at 08:37
  • @MoshMage already added with my iOS code. Thanks. – Ping Sep 26 '14 at 08:37
  • @Ping take a look at this: http://stackoverflow.com/questions/2053568/managing-http-cookies-on-iphone – Latheesan Sep 26 '14 at 08:38
  • @LatheesanKanes Nope I didn't store cookie from the server in my iOS app, I thought it's not necessary as session should retain through out the app? – Ping Sep 26 '14 at 08:39
  • @montexristos I'm using RESTful I guess? Now I want to retain the session in my PHP not iOS. – Ping Sep 26 '14 at 08:47
  • see [link]http://stackoverflow.com/questions/3105296/if-rest-applications-are-supposed-to-be-stateless-how-do-you-manage-sessions on what is statelesness of REST. Actually I don't know the concept of your app and why you want to keep the session server side but if you need to, forget my comments – montexristos Sep 26 '14 at 09:05
  • @LatheesanKanes Thanks for the link, but as I read through the NSURLConnection will automatically sends any stored cookies, but I still don't understand why my session id will be different everytime? – Ping Sep 26 '14 at 09:06
  • @montexristos Oh sorry I misunderstanding the meaning of RESTful already, so using access token will be one of the RESTful approach right? – Ping Sep 26 '14 at 09:10
  • If you have user authentication, yes using an access token is a great start :) – montexristos Sep 26 '14 at 09:17
  • @montexristos Okay noted, but I still wished to find a way that able to retain the session in PHP throughout the app. Thanks for your suggestion anyway. :) – Ping Sep 26 '14 at 09:25

2 Answers2

2

I had a similar problem here (in a webview).

Try to increase the Lifetime of your Session Cookie in your PHP File.

// Start session
session_start(); 

// Extend cookie life time by an amount of your liking
$lifetimecookie = 30 * 24 * 60 * 60; // A month 
setcookie(session_name(),session_id(),time()+$lifetimecookie);
derdida
  • 14,784
  • 16
  • 90
  • 139
0

You have to understand how PHP is keeping the session on the server side. It is done by sending back cookie to the client (PHPSESSID). This cookie is then sent back to the server with every new request BY YOUR BROWSER.

But, you are NOT using a browser but connection object. You need to keep the returned session id on the client side and send it back to the server with every new request. This is done via headers. Response from the server will contain Set-Cookie and you need to send the session id cookie with a Cookie header.

Jadran Josimovic
  • 86
  • 4