Using Session Cookie?

Using Session Cookie?

by Wayne Lee -
Number of replies: 4

Ive written a php web site that is acessed through moodle. Its designed for the students to use to view their details we have stored against them. We have our moodle site using LDAP. and from this I'm assuming a session cookie is created?

I want to call and use this session cookie to use on my added site as again i'm assuming the session cookie is storing the students username etc, which I can then hopefully use to query the database.

Does anybody know what the cookie is called and what the variables within the cookie are called? so I can use it like the following:-

<?php #call for cookies
 $auth = $_COOKIE['auth'];
 $student_id = $_COOKIE['student_id'];
 header("Cache-Control:no-cache");
 if(!$auth == "ok")
 { header("Location:../index.php");
 exit();
 }
?>

Failing that does anybody know how I can carry the parameters from moodle and use them in a new cookie that I create?

Many Thanks

Average of ratings: -
In reply to Wayne Lee

Re: Using Session Cookie?

by Wayne Lee -

Sorry need to make how can I carry the parameters from moodle and use them in a new cookie that I create? a little clearer.

If you set the parameters to be passed to another page from the edit resource, its going to pass them across through the url. I dont want this, I want the data to be passed without the knowledge of the user. The reason? because if you send data like username across the url it opens itself to hacking.

Its being sent via "GET" is there anyway it can be changed to "POST"?

Many thanks

Average of ratings: -
In reply to Wayne Lee

Re: Using Session Cookie?

by David Hicks -
Hello,

I assume you've written some code that's completly seperate from Moodle and that queries your MIS for information about a given student. Might this functionality do better as a Moodle block (a Moodle extension)? That way, you know the user is already authenticated, you have their username ready in a PHP variable, all you have to do is send some queries to your MIS and display the results. This, of course, assumes that you have admin access to your Moodle install and can install new blocks. If you don't have direct access to install new blocks, can you develope on a test server and ask whoever runs your system nicly to install your new block?

--
David Hicks
Average of ratings: -
In reply to David Hicks

Re: Using Session Cookie?

by Wayne Lee -

I have written the code seperately from moodle, I considered the block option but, we want it to carry out alot of functions and to look and act a little differently to moodle, we just want it accessable from inside moodle (as moodle will also force login if they try to access it). I think I may have solved the problem I was having, I have used a script that accepts the variables via the get method within the address bar places them into a cookie and then redirects to the index page of my new site, which calls for the cookie (which all happens instantly and no deatils are ever seen in the url). If the user tries to access my index page directly(typing path into url) the cookie will not be present and it will then direct them to the moodle login page where they will be asked to login.

cheers

Average of ratings: -
In reply to Wayne Lee

Re: Using Session Cookie?

by David Hicks -
Okay, sounds like you're sorted out with a solution. In the past, I've programmed extensions as "a block" for Moodle, but with the block display code just containing a link to a seperate PHP page in the block's directory. This page then includes the standard Moodle library files but doesn't call the print_header / print_footer functions, it simply does all page output itself. You might find this a handy way of having access to Moodle's facilities whilest basically producing a seperate piece of code. Sounds like your solution works alright, though!

--
David Hicks
Average of ratings: -