04302005 1810 GMT-6
Im using php5 and the server does have 4.2 or greater. Actually i
believe its 4.3.9.
Shouldnt this be handled automatically then?
I am using the if (isset ....
This is just a login page to the next interior page.
Wade
Bill Kamp wrote:
>PHP preserves sessions either by using cookies or by tokens. If you use
>cookies, and one browser supports cookies,
>and the other does not, the latter will break the site.
>
>PHP 4.2 handles this automatically. But there are a some caveats:
>1 You need to use the _SESSION variable to access session information.
>2 You check to see if a session variable is registered by using
>if (!session_is_registered
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.session-is-regi
>stered.html> ('foo')) {
>rather than
>if ( ! isset( $foo
>The latter will mostly work, but not always.
>
>3 Non-relative URLs are assumed to point to external sites and hence don't
>append the SID, as it would be a security risk to leak the SID to a
>different server.
>
>So if you are using PHP < 4.2, or using isset to find if session variables
>are defined, or if you are using
>absolute URL's, your results may vary with browser.
>
>This from the PHP manual:
>
>Passing the Session ID
>
>
>There are two methods to propagate a session id:
>
>* Cookies
>
>* URL parameter
>
>The session module supports both methods. Cookies are optimal, but because
>they are not always available, we also provide an alternative way. The
>second method embeds the session id directly into URLs.
>
>PHP is capable of transforming links transparently. Unless you are using PHP
>4.2 or later, you need to enable it manually when building PHP. Under UNIX,
>pass --enable-trans-sid
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/install.configure.html#i
>nstall.configure.enable-trans-sid> to configure. If this build option and
>the run-time option session.use_trans_sid are enabled, relative URIs will be
>changed to contain the session id automatically.
>
>Note:
>
>The arg_separator.output
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/configuration.directives
>html#ini.arg-separator.output> php.ini directive allows to customize the.
>argument seperator. For full XHTML conformance, specify & there.
>
>Alternatively, you can use the constant SID which is always defined. If the
>client did not send an appropriate session cookie, it has the form
>session_name=session_id. Otherwise, it expands to an empty string. Thus, you
>can embed it unconditionally into URLs.
>
>The following example demonstrates how to register a variable, and how to
>link correctly to another page using SID.
>
>
>Example 856. Counting the number of hits of a single user
>
>copy to clipboard <javascript:void(0);>
><?php
>if (!session_is_registered
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.session-is-regi
>stered.html> ('count')) {
> session_register
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.session-registe
>r.html> ('count');
> $count = 1;
>}
>else {
> $count++;
>}
>?>
>
>Hello visitor, you have seen this page <?php echo
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.echo.html>
>$count; ?> times.<p>
>
>To continue, <A HREF="nextpage.php?<?php echo
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.echo.html>
>strip_tags
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.strip-tags.html
>
>
>> (SID)?>">click here</A>
>>
>>
>
>The
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/function.strip-tags.html
>
>
>>strip_tags() is used when printing the SID in order to prevent XSS related
>>
>>
>attacks.
>
>Printing the SID, like shown above, is not necessary if --enable-trans-sid
><mk:@MSITStore:C:\local\hlp\php\php_manual_en.chm::/install.configure.html#i
>nstall.configure.enable-trans-sid> was used to compile PHP.
>
>Note:
>
>Non-relative URLs are assumed to point to external sites and hence don't
>append the SID, as it would be a security risk to leak the SID to a
>different server.
>
>
>
>Bill Kamp
>[EMAIL PROTECTED]
>(952) 681-9947
>
>
>
>
>
>
> _____
>
>From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf
>Of Wade
>Sent: Saturday, April 30, 2005 5:29 PM
>To: [email protected]; [EMAIL PROTECTED];
>[email protected]
>Subject: [php_mysql] Session Question
>
>
>04302005 1720 GMT-6
>
>I wanted to post again my problem with sessions.
>
>I have completed my project that I have been working on but when I went
>to test it (I was testing in Mozilla browser) in IE, the sessions didnt
>work. It only does not work in IE. In opera and mozilla things are fine
>but when I try to do this in IE it fails every time.
>
>A browser is a browser so Im uncertain as to my a session wouldnt or
>couldnt work.
>
>Wade
>
>
>[Non-text portions of this message have been removed]
>
>
>
>The PHP_mySQL group is dedicated to learn more about the PHP_mySQL web
>database possibilities through group learning.
>
>
>
> _____
>
>Yahoo! Groups Links
>
>
>* To visit your group on the web, go to:
>http://groups.yahoo.com/group/php_mysql/
>
>
>* To unsubscribe from this group, send an email to:
>[EMAIL PROTECTED]
><mailto:[EMAIL PROTECTED]>
>
>
>* Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
><http://docs.yahoo.com/info/terms/> .
>
>
>
>
>[Non-text portions of this message have been removed]
>
>
>
>The PHP_mySQL group is dedicated to learn more about the PHP_mySQL web
>database possibilities through group learning.
>Yahoo! Groups Links
>
>
>
>
>
>
>
>
>
>
>
>
[Non-text portions of this message have been removed]
The PHP_mySQL group is dedicated to learn more about the PHP_mySQL web database
possibilities through group learning.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php_mysql/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
