Quoting Rob Barreca <rob@electronicinsight.com>:
Oh harro,
So an anonymous user hits http://example.com/start-building and we want them to be a full-fledged logged in user at the end of the page with no redirect to make the session stick. Yes that's right ladies and gentlemen, no drupal_goto()!
Cool idea.
The issue is, the session doesn't really stick until the next page hit, requiring a drupal_goto(). I've been doing some dumping of $_COOKIE to watchdog() and noticed that they have a different sess ID on that first hit. Then after doing a drupal_goto() they have another sess ID that ends up sticking throughout their session.
The session changes because of <code> // Even though session_write_close() is registered as a shutdown function, we // need all session data written to the database before redirecting. session_write_close(); </code> from drupal_goto().
*My question:* How would I give this anonymous user his/her legit session all in this same page hit so any AJAX calls they make from this same page (remember, no redirect!) will pass the good cookie, not this anonymous cookie (mmm, chocolate).
Does http://api.drupal.org/api/file/includes/session.inc/5 help?
Also, this triggered something in my brain about Drupal giving anonymous user's first hit a different cookie for some reason or another, but I forget exactly why. Is that related to my issue? If not, would someone mind explaining that anyways or pointing me in the right direction?
Since cookies are session driven, probably. Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/