PHP Session won't authenticate link in Outlook email

badcoder7 (Programmer, US), Aug 9, 2012
I have a PHP script that sends an email to a user. The email contains a link back to the PHP application (a custom web-based office management suite).

The office manager app requires a valid PHP session before it'll serve up the page that the email linked to (or indeed, any page).

With an active session in the office manager app, I can click the email link in my Outlook email and my default browser (Chrome 21.0.xxxx) takes me straight to the page without requiring authentication.

When my client clicks the same link (also Outlook/Chrome), his active session refuses to serve the page and dumps him back at the login page. His original session is still active, i.e. other windows on the app continue to function.

The session code looks pretty dead simple, though I don't work with a lot of session code:

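<?php
ini_set("session.bug_compat_warn", "off");
session_start();

// No authenticated user in the session: redirect instead of serving the page.
if (empty($_SESSION['user_id']))
{
    // $error_code is not defined in this snippet; assumed to be set elsewhere in the app.
    header("Location: index.php?error=$error_code");
    exit; // stop here so the protected page is not rendered after the redirect
}
?>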

I have verified that Outlook is passing the correct URL to Chrome by dumping $_SERVER["REQUEST_URI"] to a logfile at the top of the session handler.

Any thoughts?
 
Unless you have specified transid, the session management will be done by cookies. Outlook won't be using the same cookie store as a browser. So you won't have an authenticated session.

And you cannot guarantee that a link clicked in Outlook will open in the same browser that the user had created a session with.

So you will have to encode the session ID into the URL.
Code:
$url = "http://www.example.com?" . SID;
 
This turned out to be a cookie issue. I always accessed the site with and that's how the link in the email reads. Turns out my client always logs into sitename.com (no www) and his valid session cookie for sitename.com wasn't valid for the emailed URL. Once I had the client update his bookmark and start logging in to it worked perfectly.
 
Or generate the cookie from the domain name without the www. Why make the client do something that a developer can remedy?
 
Good point, but don't know how to do that... never had to dig very deeply into sessions.
 
php session reference
setting cookie parameters

You can change the cookie domain in php.ini or in code. A sample code snip would be as below. This must be included on every script instance before the cookie is set.

Code:
if(session_id() == ''):
 $params = session_get_cookie_params();
 $params['domain'] = ".mydomain.com"; //note the prepended dot.
 session_set_cookie_params($params['lifetime'], $params['path'], $params['domain'], $params['secure'], $params['httponly']);
 session_start();
endif;
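
Why the client's cookie was not sent to the www host, and what the leading-dot domain changes, shown as an added example that is not code from the thread. It is a simplified form of the RFC 6265 domain-match rule (no public-suffix or IP-address checks); the function name `cookie_is_sent` and the sample host names are assumptions.

```php
<?php
// Added illustration (not from the thread): simplified RFC 6265 cookie
// domain matching. All host names below are constructed samples.

/**
 * Decide whether a browser would attach a cookie to a request.
 *
 * @param string      $setByHost   host that issued the Set-Cookie header
 * @param string|null $domainAttr  Domain attribute, or null if none was sent
 * @param string      $requestHost host of the request being made
 */
function cookie_is_sent(string $setByHost, ?string $domainAttr, string $requestHost): bool
{
    $requestHost = strtolower($requestHost);

    // No Domain attribute: host-only cookie, exact host match required.
    if ($domainAttr === null || $domainAttr === '') {
        return $requestHost === strtolower($setByHost);
    }

    // Browsers ignore a leading dot in the Domain attribute.
    $domain = strtolower(ltrim($domainAttr, '.'));

    // Domain cookie: sent to the domain itself and to any subdomain of it.
    if ($requestHost === $domain) {
        return true;
    }
    $suffix = '.' . $domain;
    return substr($requestHost, -strlen($suffix)) === $suffix;
}

$cases = [
    // [issuing host, Domain attribute, request host]
    ['sitename.com',     null,            'www.sitename.com'],  // the client's login
    ['www.sitename.com', null,            'www.sitename.com'],  // the developer's login
    ['sitename.com',     '.sitename.com', 'www.sitename.com'],  // with the domain set
    ['sitename.com',     '.sitename.com', 'blog.sitename.com'], // other subdomains too
    ['sitename.com',     '.sitename.com', 'notsitename.com'],   // suffix only, no match
];

foreach ($cases as [$issuer, $attr, $request]) {
    $result = cookie_is_sent($issuer, $attr, $request) ? 'sent' : 'not sent';
    printf("%-17s Domain=%-14s -> %-18s %s\n", $issuer, $attr ?? '(none)', $request, $result);
}
```

The fourth case is the trade-off of the dotted domain: every subdomain of the site receives the session cookie, so each of them has to be trusted with it.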
 
It took me a while to get back on this issue but I wanted to thank you for the session code. It worked perfectly!
 