I'm developing flex app, with amfphp backend. There's needed a way to check whether a user making request is logined. I try to do it with help of php sessions (BTW: maybe you'll advice a better way). As flash player do not pass PHPSESSID I have to pass it myself. The trouble here that I cannot controll post params dirrectly (as I'm working through RemoteObject). Is there a simple way to pass PHPSESSID?
Thank you in advance!
Just request remote URL's with the session id as a request parameter and call session_id(); before session_start(); to set the session to the requested session.
E.g.:
<?php
session_id($_REQUEST['PHPSESSID']);
session_start();
To prevent hijacking of sessions I usually add some encryption to the session_id which is reversible and I use a non standard request parameter.