PHP Sessions/Cookies On The Fly

Multiple Web Technologies for dynamic php session controlThis article shows how to save and modify php session data, cookies, do anything really... without using ajax or iframes or forcing the user make a request.

Warning: Touches on some moderately advanced web development, definately some very cool stuff though.

.htaccess mod_rewrite code

This code turns a request for to serve the file /cgi-bin/session-cookie.php - further disguising this "image".

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)session.gif$ /cgi-bin/session-cookie.php [NC,L,QSA]

Using javascript

You can either put a basic img tag somewhere and it will capture this info, or if you want a dynamic way to call this image, you can do it with javascript very easily.

This code loads a new image as soon as this code is executed.. so you could quite easily add this code to be executed upon a certain button click, anything.

	var t=new Image();

The php controller

This file has some cool stuff in it, check it out. First we check to see if a session has been initialized and if not we start a session. Then we initialize an output buffer to hold all the output including the headers until we are ready to send output, the only output we will be sending is a 43 byte 1x1 white image. The code also sends HTTP headers that prevent the clients browser from caching the image, so a new request is made for the image each time a browser encounters it.

The data we will be saving in the users session file using the session variable called IMAGETEST are the entire $_GET, $_COOKIE, $_POST, and $_SERVER global variable arrays builtin to php.



header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
header("Pragma: no-cache");
header('Content-Length: 43');
header('Content-Type: image/gif');
echo $imagedata;

echo $r;

The result from requesting the php file is a session variable is created called IMAGETEST that contains a base64 encoded and gzip compressed and php serialized string representing the $_REQUEST and $_SERVER variables for that specific request.

Example Session IMAGETEST value

 [IMAGETEST] => eJy1Vm1vo0YQ/ivIUqu7Orws78ZCKrKxg842LuBE1y9ogSVBscEFnERX33/vsIDj5NK75NQqcoDd2Zln3p5ZbIjG35UhGYO5HQzG2ED9d5KVg

Decoding the IMAGETEST

So to see the values of IMAGETEST if you used my method to compress and save the data as a string, is basically to run the string through the same process backwards.


This results in displaying all the variables and data you saved.

[REQUEST] => Array
[ASKAPACHE] => 6a81995f0c4b73b4d
[MP3] => off
[subscribe_checkbox_0460e1098afa8bf8b] => unchecked
[wordpresspass_5510982bf8b] => 6555555
[wordpressuser_0559828bf8b] => youdliketoknow
[wordpress_test_cookie] => WP Cookie check

[SERVER] => Array
[PATH] => /usr/local/bin:/usr/bin:/bin
[SCRIPT_URL] => /sess.gif
[TZ] => America/Las_Vegas
[SERVER_ADMIN] => webmaster[at]
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20080311 Firefox/
[HTTP_ACCEPT] => image/png,*/*;q=0.5
[HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
[HTTP_ACCEPT_ENCODING] => gzip,deflate
[HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
[HTTP_CONNECTION] => keep-alive
[HTTP_COOKIE] => 405485
[SERVER_SOFTWARE] => Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
[DOCUMENT_ROOT] => /web/
[REMOTE_PORT] => 1857
[REDIRECT_URL] => /cgi-bin/session-cookie.php
[QUERY_STRING] => dir=
[REQUEST_URI] => /sess.gif
[SCRIPT_NAME] => /cgi-bin/session-cookie.php
[ORIG_PATH_INFO] => /cgi-bin/session-cookie.php
[PHP_SELF] => /cgi-bin/session-cookie.php
[REQUEST_TIME] => 1206697334


Simpler php example