php-general Digest 31 Jul 2011 17:46:15 -0000 Issue 7422
Topics (messages 314249 through 314251):
Re: PHP runs but apache says its a faulting module every so often
314249 by: Negin Nickparsa
Session treating
314250 by: Andre Polykanine
314251 by: Ashley Sheridan
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
did you run phpinfo()?
--- End Message ---
--- Begin Message ---
Hi guys and girls,
I'm completely stuck at a really stupid thing.
For some reason my session id doesn't pass through the links.
Here is the code:
index.php:
<?php
// Checking if the admin was ever authorized
if ($_SESSION['PSS']!=session_id()) $auth=0; else $auth=1;
if ($_SESSION['Editor']!="Voice of Istanor") $auth=0; else $auth=1;
if ($auth==0) {
if (!@$_POST) {
// If there's no POST values, including the login form
include "login.php";
// For debugging only, outputs: "Session name: PHPSESSID, session id: ";
printf("Session name: %s, Session Id: %s", session_name(), session_id());
} else {
// Here go real values
if (($_POST['uname']!="Tralala") || (sha1($_POST['upass'])!="abcdeftralala")) {
echo "<h3>Invalid login or password!</h3>";
include "login.php";
} else {
// Attention!
session_name("PalantirSessId");
session_start();
// Everything goes Ok here
printf("Session name: %s, Session Id: %s", session_name(), session_id());
$_SESSION['PSS']=session_id();
$_SESSION['Editor']=$_POST['uname'];
$auth=1;
}
}
}
if ($auth==1) {
echo "<!DOCTYPE HTML><html>
<head>
<meta charset=\"utf-8\">
</head>
<body bgcolor=#CCBBFF>";
include "header.html";
// Still ok! the same name, the same Id
printf("Session name: %s, Session Id: %s", session_name(), session_id());
end of code.
But now go the links such as
<a href="articles.php">Articles management</a>
And there, in the articles.php, I write the following:
<?php
session_name("PalantirSessId");
session_start();
printf("Session name: %s, Session Id: %s", session_name(), session_id());
And here (!) the session name is correct, but the session id is changed.
My question is: why?
Thanks!
--
With best regards from Ukraine,
Andre
Skype: Francophile
Twitter: http://twitter.com/m_elensule
Facebook: http://facebook.com/menelion
--- End Message ---
--- Begin Message ---
Andre Polykanine <[email protected]> wrote:
>Hi guys and girls,
>I'm completely stuck at a really stupid thing.
>For some reason my session id doesn't pass through the links.
>
>Here is the code:
>
>index.php:
>
><?php
>// Checking if the admin was ever authorized
>if ($_SESSION['PSS']!=session_id()) $auth=0; else $auth=1;
>if ($_SESSION['Editor']!="Voice of Istanor") $auth=0; else $auth=1;
>
>if ($auth==0) {
>if (!@$_POST) {
>// If there's no POST values, including the login form
>include "login.php";
>// For debugging only, outputs: "Session name: PHPSESSID, session id:
>";
>printf("Session name: %s, Session Id: %s", session_name(),
>session_id());
>} else {
>// Here go real values
>if (($_POST['uname']!="Tralala") ||
>(sha1($_POST['upass'])!="abcdeftralala")) {
>echo "<h3>Invalid login or password!</h3>";
>include "login.php";
>} else {
>// Attention!
>session_name("PalantirSessId");
>session_start();
>// Everything goes Ok here
>printf("Session name: %s, Session Id: %s", session_name(),
>session_id());
>$_SESSION['PSS']=session_id();
>$_SESSION['Editor']=$_POST['uname'];
>$auth=1;
>}
>}
>}
>
>if ($auth==1) {
>echo "<!DOCTYPE HTML><html>
><head>
><meta charset=\"utf-8\">
></head>
><body bgcolor=#CCBBFF>";
>include "header.html";
>// Still ok! the same name, the same Id
>printf("Session name: %s, Session Id: %s", session_name(),
>session_id());
>
> end of code.
>
>But now go the links such as
><a href="articles.php">Articles management</a>
>
>And there, in the articles.php, I write the following:
>
><?php
>session_name("PalantirSessId");
>session_start();
>printf("Session name: %s, Session Id: %s", session_name(),
>session_id());
>
>And here (!) the session name is correct, but the session id is
>changed.
>My question is: why?
>Thanks!
>
>--
>With best regards from Ukraine,
>Andre
>Skype: Francophile
>Twitter: http://twitter.com/m_elensule
>Facebook: http://facebook.com/menelion
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, visit: http://www.php.net/unsub.php
One thing sticks out a little bit to me. In your index.php file, you're
accessing an element of the $_SESSION array, but without calling
session_start() first. I believe this may be causing the issue you are seeing.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
--- End Message ---
