I'm having an issue with AJAX + PHP session ID where a new ID is getting generated by the script getting grabbed via GET. I've created 2 test scripts that expose the problem:
script 1 (commented out the AJAX, but both XMLHttpRequest and $.get() yield the same result):
<?php
session_start();
ob_start();
echo('test: '.session_id());
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
<div id="test"></div>
<script type='text/javascript' src='../node_modules/jquery/dist/jquery.js?<?echo($time)?>'></script>
<script type="text/javascript">
$(document).ready(function() {
var xhr = new XMLHttpRequest()
xhr.onreadystatechange = function () {
if(xhr.readyState === 4 && xhr.status === 200) {
document.getElementById('test').innerHTML=this.responseText;
resolve('page loaded');
}
}
xhr.open("GET",'http://10.1.1.101/testLinks/test2.php');
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.send();
// $.get('test2.php').done(function(val) {
// document.getElementById('test').innerHTML=val;
// })
});
</script>
</body>
</html>
Script 2:
<?php
session_start();
ob_start();
echo('test2: '.session_id());
?>
Output:
test: 4occu9mq6o3c16au254grf0s56
test2: 6bk1fdbs3v2bcl9iko31s5nqp4
Looking at other threads, I've verified the php setting for cookies enabled, as well as the lifetime:
I've verified that when I include 'test2.php';
a new session ID is not generated. Only when using AJAX.
I'm not sure what else to look at here. Any suggestions appreciated.
EDIT: for clarity, I'm using JQuery 3.4.0, however, after switching to XMLHttpRequest, I don't believe it's a JQuery error, and has more to do with some configuration of PHP, but I'm not sure what.