Apache Module development: PHP SESSION access
https://stackoverflow.com/questions/11916991
-
25-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am trying to develop an Apache 2 module that, among other functions, should intercept certain POST variables, and then establish a PHP session underneath, setting all the relevant session variables.
One option I've considered was using cookie libraries to set the PHPSESSID in the request, and then insert all these values in the $_SESSION associative array.
Problem is I can't seem to find an API for the PHP, and my suspicions that these values actually lie underneath, in the Apache server itself, are currently unfounded.
Does anyone know if this is even possible? Or even if I am overlooking a simple workaround that would work?
Solution
I eventually decided to write a PHP extension, alongside another handler on my Apache Module, since I prefer to parse some POST vars there.
The module will "chew" the data that needs to be saved to the session, and pass it off as new POST variables, after criptografically validating the data. The PHP extension will then start a new session, and set each item as a Session variable.
This assumes my module will run before the PHP module itself. In case that doesn't happen, I will have to handle the validation on PHP, or try to force the handler to run before PHP somehow.
