By yuniar on

Hi, I've been searching a lot of posts in this forum. It seems that lot of people having the same difficulties to access drupal session from outside script.

What I would like to do is to integrate the session from drupal into other script, so user don't need to login to enter that script.

Isn't there any official way to do this? to share session?

I found this is difficult, since drupal stores all session data into database, which is good for security though.

The only solution I can think of atm is to share the session id to the outside script, and then doing a query to the database for that id. But isn't it a bit cumbersome?

I'm sorry if this question is already asked by a lot of other people. but I can't found the answer yet :(

Best regards.

Comments

Michael Hofmockel’s picture

Michael Hofmockel commented

I use this bit of code stolen from 'index.php' in Drupal core.


require_once './includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

This basically loads drupal with no content. Then I add my code below and refer to the user as '$user->uid'.

HofMonkey
Open-Source | Open-Access | Open-Mind

mounte’s picture

mounte commented

This method doesnt work for me when I try to require and call bootsrap from within sites/all/modules/mymodule using something like:

<?php
require_once '../../../../includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
?>

is there a way to make this work

jbernat’s picture

jbernat commented

I have a similar need. I am trying to integrate Open Flash Charts into my Drupal site. The Flash SWF opens a URL to fetch the data to chart, and I intend to pass the data behind the scenes via the session (instead of a bloated URL querystring). Only an hour ago I discovered that what I store into the $_SESSION in a Drupal page using the "PHP" content type is not available to a plain-vanilla PHP script's $_SESSION. (I have confirmed the session is working in the drupal page by implementing a simple session-based counter.)

I have tried mhofmockel's suggestion, but then my script returns an empty response to the charting SWF.

My external PHP script is in a folder called "charts" one level down from the root, so I tried both of the following to no avail:

require_once '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

require_once '../includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

I see mhofmockel's post is from back in 2006, and I am running Drupal 5.2, so I am wondering if I need to do something different?

Many thanks,
Jim

compound interest chart

nevets’s picture

nevets commented

I was actually going to try try this but can not get Open Flash Charts to run under windows.

My though is why not just set up a menu path within Drupal? The way $_SESSION should work without a problem.
The callback instead of returning something would end with

print $g->render();
exit();
jbernat’s picture

jbernat commented

nevets,

Your suggestion is certainly worth a try. I'll give it a shot when my mind is a little fresher.

Regarding your difficulty, do you mean you could not get the charts working under windows on the client or on the server side? My site is hosted on linux, and my flash interest charts display fine in windows, linux and mac clients.

planning for retirement savings

nevets’s picture

nevets commented

I try including the php files shown in the samples. If I add a print statement I can see it is including the correct file but the function or class is not defined. But if I copy the php from the source file and replace my include with the actual code it works. It is late, my mind is fuzzy and I for the life of me can not figure out what the deal is. I am running Windows XP with IIS if it matters.

jbernat’s picture

jbernat commented

nevets,

Yes, your symptoms do sound unusual. The kind that keep you guessing. I got mine working, and posted my solution here. Maybe you can cut and paste my code and see if it works on your site...

Jim Bernatowicz

shafiqhossain’s picture

shafiqhossain commented

I got a similar problem with my project based on drupal 4.7, where i was worried how to secure my popup pages which are not drupal modules. I did a little study and found that the problem is related to includes files which drupal did directly reference from the root directory. For that reason bootstrap.inc can't be included from other directory.

What i did:

1. I have created an .inc file where i have declared a constant to where my local site is reside. like:
define("ALTERNATE_URL", "tdcr");
2. Then i copy the following drupal files into different file:
bootstarp.inc ----> bootstarp2.inc
database.inc ----> database2.inc
theme.inc ----> theme2.inc
common.inc ----> common2.inc

3. Now where ever there are some include / require_once command, change it with a variable name before which is a global variable (on the copied files). Like

global $alternate_path;
require_once $alternate_path.'includes/path.inc';
require_once $alternate_path.'includes/theme2.inc';
require_once $alternate_path.'includes/common2.inc';
require_once $alternate_path.'includes/unicode.inc';

4. I did change a little in the bootstrap2.inc file of conf_init() function. Here is the code;

function conf_init() {
global $db_url, $db_prefix, $base_url, $base_path, $base_root, $conf,$alternate_path,$alternate_url;
$conf = array();
require_once $alternate_path. conf_path() .'/settings.php';

if (isset($base_url))
{
// Parse fixed base URL from settings.php.
$parts = parse_url($base_url);
if (!isset($parts['path']))
{
$parts['path'] = '';
}
$base_path = $parts['path'] . '/';

// Build $base_root (everything until first slash after "scheme://").
$base_root = substr($base_url, 0, strlen($base_url) - strlen($parts['path']));
}
else
{
// Create base URL
$base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
$base_url = $base_root .= '://'. $_SERVER['HTTP_HOST'];
//$base_url = $base_root .= '://'. $alternate_url;

//if ($dir = trim(dirname($_SERVER['SCRIPT_NAME']), '\,/'))
if ($dir = trim($alternate_url))
{
$base_path = "/$dir";
$base_url .= $base_path;
$base_path .= '/';
}
else
{
$base_path = '/';
}
}
}

5. Now the final part. I write the code in each non-drupal php file like this:

include_once('../../../includes/tdcr.inc');

$alternate_path = "../../../";
$alternate_url = ALTERNATE_URL;
require_once '../../../includes/bootstrap2.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

global $PHP_SELF,$user;
$connect_url = $db_url;
$conn=db_connect($connect_url);

if(!$user->uid)
{
echo "Please login first.";
return;
}

Note that my popup php file is 3 level down from the root.
I did not check in detail but with this code i can share the sessions as well as global variables.

Thanks

mudassarahmad’s picture

mudassarahmad commented

Hi,

I got a similar problem with my project based on drupal 6.3, where i was worried how to secure my applicqtion pages which are not drupal modules.
I am working on drupal and my other application is separate in difference directory structure.I can not access my session variable in druapl and warning show header output start
already.I see you code and add on my directory but i am unable to fine the solution.

please help me fine solution.

Thanks,

Mudassar Ahmad