Python using PHP5 sessions

Question

My sessions are located at:

/var/lib/php5/

I have changed my PHP session handler to PHP.serialize to change the format of the session data.

Using the library phpserialize in python i am able to read the data from any php5 session. https://github.com/mitsuhiko/phpserialize

I would like to create a PHP session from python using the same algorithm PHP uses for it's session_id.

I have 2 problems.

permissions denied from file writing in /var/lib/php5/
creating the session_id

I could change the file system permissions, but that will open a hell of a lot of security holes on my server that i am just don't want to do. I would like to allow a specific .WSGI application only to access these files.

The reason i would like to use the same algorithm as PHP for the session_id is to reduce the likelihood of sessions names colliding with each other.

If a session id already exist i am able to get the current session_id by using the cookie PHPSESSID. this is no problem.

check out line 307 for php_session_create_id: https://github.com/php/php-src/blob/master/ext/session/session.c#L307

Interesting information in regards to session_id http://stackoverflow.com/a/523741/5932040 — richard grant, Feb 15 '16 at 21:49
i am willing to use php in python but not in a seperate file: http://stackoverflow.com/questions/8984287/execute-php-code-in-python — richard grant, Feb 15 '16 at 21:51

Python using PHP5 sessions

0 Answers0