Clash of session variables - 2 windows, same or different application

(This is a bit like the recent thread "PHP Switching Sessions".)

I use session_start(). When I open my web-based application in two windows
on the same system, there's a definite clash; I can't do two independent
sessions because the session variables are shared. I solved that
the easy way, by not opening two windows. But then I went on to write
more applications, and found that if I use the same variable names
(for session variables) in different applications I get that same
clash. That I couldn't live with. Now I do this;

session_name ("name_of_application");
session_start ("");

which seems to protect the applications from each other. Questions:

1) Is this likely to really work? It seems to, but I could just be
testing it badly.

2) Is this likely to cause nasty side-effects, like giving every
user (on different computers) access to the same named session?
It looks OK so far, /var/lib/php4 still has random-looking
filenames; I was afraid the session files would be named
"name_of_application".

3) If this works, what about the case where both windows are the same
application? I can't just use "name_of_application", and I can't
just use a random session name since the various php files wouldn't
know the session name. I considered passing the session name
in the URL, but that could cause a problem if a page other than
the base page is bookmarked.

Any thoughts?

David

>I use session_start(). When I open my web-based application in two windows
>on the same system, there's a definite clash; I can't do two independent
>sessions because the session variables are shared. I solved that
>the easy way, by not opening two windows. But then I went on to write
>more applications, and found that if I use the same variable names
>(for session variables) in different applications I get that same
>clash. That I couldn't live with. Now I do this;
>
> session_name ("name_of_application");
> session_start ("");
>
>which seems to protect the applications from each other. Questions:

session_name sets the name of the cookie used for the session ID.

>1) Is this likely to really work? It seems to, but I could just be
> testing it badly.

Yes, assuming cookies are turned on. If cookies are not turned on,
(and you're using trans_sid or manual methods to pass the session id
in the URL), you won't be able to have multiple sessions for different
applications simultaneously open (Unless you somehow manage to pass
*ALL* of the session IDs in the URL). Going to pages for APP B
will lose the session ID for APP A. If cookies are on, going to pages
for APP B should not lose the session ID for APP A.

>2) Is this likely to cause nasty side-effects, like giving every
> user (on different computers) access to the same named session?

No.

> It looks OK so far, /var/lib/php4 still has random-looking
> filenames; I was afraid the session files would be named
> "name_of_application".

No, but take a look at the cookies for that site on the browser.

>3) If this works, what about the case where both windows are the same
> application?

Under what circumstances do you need multiple instances of the same
application operating independently? Data for this might better
be passed around by GET or PUT. Oh, yes, the cookie database on the
browser may not be different for different windows of the same browser.

>I can't just use "name_of_application", and I can't
> just use a random session name since the various php files wouldn't
> know the session name. I considered passing the session name
> in the URL, but that could cause a problem if a page other than
> the base page is bookmarked.

Gordon L. Burditt