I am trying to use the session data in xoops_session from another application which doesn't create instances of the XOOPS classes or framework.

I notice that the sess_data is serialized, but only to a point. It seems to be missing the initial data about the first level of items in the array. It works within xoops, but obviously I cannot easily unserialize it.

Can anyone offer insight as to why it is stored this way, and how to read it in other apps. I have been reading through the classes, but am not seeing anything obvious towars this.

--
Wicked

It looks like the content of sess_data is created by the PHP session handling functionality, not by Xoops.

Xoops sets up the handlers using the PHP function session_set_save_handler() in include/common.php, referencing the class methods defined in kernel/session.php. Then XOOPS gets/sets the session variables through $_SESSION.

If you don't want to manually parse the data, you might be able to make use of PHP's session handling in a similar way to extract the variables.

Seems to be the case. I tried what you suggested and it did work, but it does a pose a problem, because now I need to reset the session handlers again, not a big deal if your using custom handlers anyway.

The below was a quick fix for me at the moment:
$sd = someFunctionToGetSessionData();
//returns the field from the db

function read($id){global $sd; return $sd;}
function open($save_path, $session_name){return(true);}
function close(){return(true);}
function write($id, $sess_data){return true;}
function destroy($id){return true;}
function gc($maxlifetime){return true;}
session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();
$data = $_SESSION;
session_destroy();

The difference between the two for those interested is that php seems to save:
xoopsUserId|s:1:"2";xoopsUserGroups|a:5:{i:0;s:1:"2";i:1;s:1:"4";i:2;s:1:"5";i:3;s:1:"6";i:4;s:1:"7";}xoopsUserTheme|s:11:"7dana-clean";

Where a true serialize saves something like :
a:3:{s:11:"xoopsUserID";s:1:"2";s:15:"xoopsUserGroups";a:4:{i:0;s:1:"2";i:1;s:1:"4";i:2;s:1:"5";i:3;s:1:"7";}s:14:"xoopsUserTheme";s:11:"7dana-clean";}

I wonder why the session handler isn't using serialize for saving inside php... I'll post with them.

Thanks for the followup. You gave me an excuse to learn a bit more about Xoops' session handling, which was something I had to do sooner or later anyway.

If you find out why the session data is saved in that manner, please post the answer here. My guess is "backward compatibility".

I've started a thread over at zend. I found another way around it, but not a clean solution. It seems php serializes each item in the $_SESSION, instead of $_SESSION as a whole.

You can decode strings directly into $_SESSION via session_decode, but I have not found a clean way of putting it into an array, short of creating my own php function in the php src.

Thread at zend:
[https://www.zend.com/phorum/read.php?num=3&id=30971&loc=0&thread=30971]

I'll post again if anything else comes about.