Re: [PHP] sessions/cookies
others have given good advice, but let's learn to walk before we run shall we.
1. session_start() should be called once per request.
2. checkValidUser() does a select on all the users in the database, this is
*wrong* -
do a select with a suitable WHERE clause the retrieves the one user that
matches the
given user name and password.
3. GetAccessLevel() uses an undefined property.
4. all the properties ($UserID, $AdminLevel, etc) are only set during the
request where
the user's login credentials are checked. subsequent requests will not have
that info.
5. use php5?
6. go back and read the other replies regarding seperation of responsibilities
and encapsulation.
nihilism machine schreef:
I wrote an authentication class in php4. The sessions dont seem to be
working with internet explorer, just with FF. here is the code below, a
cookies notice pops up when you try and login:
?php
class auth {
var $UserID;
var $AdminLevel;
var $FirstName;
var $LastName;
var $DateAdded;
var $MobileTelephone;
var $LandLineTelephone;
// Connect to the database
function auth() {
mysql_connect('','','') or die('ERROR: Could not connect to
database');
mysql_select_db('') or die('ERROR: Could not select database');
}
// Attempt to login a user
function CheckValidUser($Email,$Password) {
$result = mysql_query('SELECT * FROM Users');
$Password = $this-encode($Password);
if (mysql_num_rows($result) != 0) {
while($row = mysql_fetch_assoc($result)) {
if (!strcmp($row['Email'],$Email)) {
if (!strcmp($row['Password'],$Password)) {
// User info stored in Globals
$this-UserID = $row['ID'];
$this-AdminLevel = $row['Admin_Level'];
$this-FirstName = $row['First_Name'];
$this-LastName = $row['Last_Name'];
$this-DateAdded = $row['Date_Added'];
$this-MobileTelephone = $row['Telephone_Mobile'];
$this-LandLineTelephone =
$row['Telephone_Land_Line'];
// User info stored in Sessions
session_start();
$_SESSION['Status'] = loggedIn;
$_SESSION['Email'] = $row['Email'];
$_SESSION['AdminLevel'] = $row['Admin_Level'];
$_SESSION['LandLine'] =
$row['Telephone_Land_Line'];
$_SESSION['MobileTelephone'] =
$row['Telephone_Mobile'];
$_SESSION['FirstName'] = $row['First_Name'];
$_SESSION['LastName'] = $row['Last_Name'];
return true;
}
}
}
header(Location: index.php?error=invalidLogin);
} else {
die('ERROR: No Users in the database!');
}
}
// Create a new user account
function CreateUser($Email, $Password, $AdminLevel,
$LandLineTelephone, $MobileTelephone, $FirstName, $LastName) {
$Password = $this-encode($Password);
$this-AccessLevel = $AdminLevel;
$DateAdded = date(Y-m-d H:i:s);
mysql_query(INSERT INTO Users (Email, Password, Admin_Level,
Date_Added, First_Name, Last_Name, Telephone_Land_Line,
Telephone_Mobile) VALUES ('$Email','$Password','$AdminLevel',
'$DateAdded', '$FirstName', '$LastName', '$LandLineTelephone',
'$MobileTelephone')) or die(mysql_error());
return $this-UserID = mysql_insert_id();
}
// Update a users access level
function UpdateAccessLevel($ID,$AdminLevel) {
mysql_query(UPDATE Users SET Admin_Level='$AdminLevel' WHERE
ID=$ID) or die(mysql_error());
return true;
}
// Delete a user
function DeleteUser($ID) {
mysql_query(DELETE FROM Users WHERE ID=$ID) or
die(mysql_error());
return true;
}
// Get a users access level
function GetAccessLevel() {
return $this-AccessLevel;
}
// Get a users ID
function GetUserID() {
return $this-UserID;
}
// Log user out
function LogOut() {
session_start();
session_unset();
session_destroy();
header(Location: index.php);
}
// Check users access level to see if they have clearance for a
certain page
function CheckUserLevel($RequiredLevel) {
if ($_SESSION['AdminLevel'] $RequiredLevel) {
if ($_SESSION['AdminLevel'] == 2) {
header(Location: financial.php);
} else if ($_SESSION['AdminLevel'] == 1) {
header(Location: user.php);
} else {
header(Location: index.php);
}
}
}
// Check to see if a user is logged in
function CheckLoggedIn() {
session_start();
if ($_SESSION['Status'] !=
[PHP] sessions/cookies
I wrote an authentication class in php4. The sessions dont seem to be
working with internet explorer, just with FF. here is the code below,
a cookies notice pops up when you try and login:
?php
class auth {
var $UserID;
var $AdminLevel;
var $FirstName;
var $LastName;
var $DateAdded;
var $MobileTelephone;
var $LandLineTelephone;
// Connect to the database
function auth() {
mysql_connect('','','') or die('ERROR: Could not connect to
database');
mysql_select_db('') or die('ERROR: Could not select database');
}
// Attempt to login a user
function CheckValidUser($Email,$Password) {
$result = mysql_query('SELECT * FROM Users');
$Password = $this-encode($Password);
if (mysql_num_rows($result) != 0) {
while($row = mysql_fetch_assoc($result)) {
if (!strcmp($row['Email'],$Email)) {
if
(!strcmp($row['Password'],$Password)) {
// User info stored in Globals
$this-UserID = $row['ID'];
$this-AdminLevel =
$row['Admin_Level'];
$this-FirstName =
$row['First_Name'];
$this-LastName =
$row['Last_Name'];
$this-DateAdded =
$row['Date_Added'];
$this-MobileTelephone =
$row['Telephone_Mobile'];
$this-LandLineTelephone =
$row['Telephone_Land_Line'];
// User info stored in Sessions
session_start();
$_SESSION['Status'] =
loggedIn;
$_SESSION['Email'] =
$row['Email'];
$_SESSION['AdminLevel'] =
$row['Admin_Level'];
$_SESSION['LandLine'] =
$row['Telephone_Land_Line'];
$_SESSION['MobileTelephone'] =
$row['Telephone_Mobile'];
$_SESSION['FirstName'] =
$row['First_Name'];
$_SESSION['LastName'] =
$row['Last_Name'];
return true;
}
}
}
header(Location: index.php?error=invalidLogin);
} else {
die('ERROR: No Users in the database!');
}
}
// Create a new user account
function CreateUser($Email, $Password, $AdminLevel,
$LandLineTelephone, $MobileTelephone, $FirstName, $LastName) {
$Password = $this-encode($Password);
$this-AccessLevel = $AdminLevel;
$DateAdded = date(Y-m-d H:i:s);
mysql_query(INSERT INTO Users (Email, Password, Admin_Level,
Date_Added, First_Name, Last_Name, Telephone_Land_Line,
Telephone_Mobile) VALUES ('$Email','$Password','$AdminLevel',
'$DateAdded', '$FirstName', '$LastName', '$LandLineTelephone',
'$MobileTelephone')) or die(mysql_error());
return $this-UserID = mysql_insert_id();
}
// Update a users access level
function UpdateAccessLevel($ID,$AdminLevel) {
mysql_query(UPDATE Users SET Admin_Level='$AdminLevel' WHERE ID=
$ID) or die(mysql_error());
return true;
}
// Delete a user
function DeleteUser($ID) {
mysql_query(DELETE FROM Users WHERE ID=$ID) or
die(mysql_error());
return true;
}
// Get a users access level
function GetAccessLevel() {
return $this-AccessLevel;
}
// Get a users ID
function GetUserID() {
return $this-UserID;
}
// Log user out
function LogOut() {
session_start();
session_unset();
session_destroy();
header(Location: index.php);
}
// Check users access level to see if they have clearance for a
certain page
function CheckUserLevel($RequiredLevel) {
if ($_SESSION['AdminLevel'] $RequiredLevel) {
if ($_SESSION['AdminLevel'] == 2) {
header(Location: financial.php);
} else if ($_SESSION['AdminLevel'] == 1) {
header(Location: user.php);
} else {
Re: [PHP] sessions/cookies
On Jan 22, 2008 9:15 PM, nihilism machine [EMAIL PROTECTED] wrote: I wrote an authentication class in php4. The sessions dont seem to be working with internet explorer, just with FF. here is the code below, a cookies notice pops up when you try and login: Hi, I took a quick look at your code. I haven't pin-pointed exactly what the issue is because there is really way too much going on there. I'd suggest you look at your error log and see if there are any warnings. Here is some advice: - Having a class named auth is a bad idea. Is auth authentication or authorization? - The auth class itself really shouldn't be directly accessing the session or database. You should write drivers and interfaces that implement this functionality for you. - Hard coding header redirects (That aren't absolute by the way) means you have to modify your authorization class instead of behavior based on if you log in or not. That isn't a good idea. By separating out concerns it will make your class a lot smaller and easier to work with. I realize this link I'm posting is called auth too, but that wasn't my choice. You can see that they have drivers so that authentication itself is a generic idea and you implement it against a specific thing such as a mysql users table or htpassword. http://solarphp.com/package/Solar_Auth -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] sessions/cookies
On Jan 22, 2008 9:54 PM, Eric Butera [EMAIL PROTECTED] wrote: I realize this link I'm posting is called auth too, but that wasn't my choice. that was kind of funny after your initial criticizm above, but to solars credit, its the auth 'package' so really the name isnt too bad, id say. You can see that they have drivers so that authentication itself is a generic idea and you implement it against a specific thing such as a mysql users table or htpassword. eric is totally right here; at a quick look at you code, i saw auth, ... create user,.. database.. cookie; im thinking what exactly is going on here. the general idea behind a class is to 'encapsulate' things that change into a little self-contained unit. ideally the class doent know how the insides of other classes work, nor do other classes know how it works on the inside. in order to realize this, you should strive for classes with a high degree of cohesion. http://en.wikipedia.org/wiki/Cohesion_(computer_science) although there is no real metric for this concept, most people can grasp the concept and have an idea when code has either a low or high degree of cohesion. if you want some advice on your class, i would start by breaking out the CheckUserLevel(), and CreateUser() methods into a User class, you might also consider a Session class. if you want some advice on how to solve your problem here is my suggestion; you need to isolate the behavior that is not working correctly. this feat becomes difficult when you have lots of variable behaviors in one place. break your class into pieces and test the pieces individually; once they all work individually, then they should work as a group without too much effort. if that isnt working (when you get there) then the code that glues it all together is to blame. -nathan
[PHP] Sessions /cookies issue
Hi all. I am building a web app which uses sessions to retain user data between pages and finally enter that data into mysql - I have noticed that out of 100 entries in the database, 10% are blank. I tested this by setting a cookie on the home page and when the user navigated to the form pages, tested whether that cookie was set and if not issuing a warning with some cookie tutorial info for the user. Before I used the simple test cookie, obviously the only cookie that was being set was PHPSESSID. All the users who entered blank records were using IE. When I test using IE this end, the session cookie is set with no problems and my IE security settings are set to medium. I know IE will accept certain third-party cookies at this setting, but what's the criteria and has anyone else encountered this problem? -- http://www.web-buddha.co.uk
Re: [PHP] Sessions /cookies issue
Dave Goodchild wrote: Hi all. I am building a web app which uses sessions to retain user data between pages and finally enter that data into mysql - I have noticed that out of 100 entries in the database, 10% are blank. I tested this by setting a cookie on the home page and when the user navigated to the form pages, tested whether that cookie was set and if not issuing a warning with some cookie tutorial info for the user. Before I used the simple test cookie, obviously the only cookie that was being set was PHPSESSID. All the users who entered blank records were using IE. When I test using IE this end, the session cookie is set with no problems and my IE security settings are set to medium. I know IE will accept certain third-party cookies at this setting, but what's the criteria and has anyone else encountered this problem? 3rd party cookies are tough. You'll need to look at p3p headers a p3p policy to get them through IE. -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions cookies
How exactly do sessions work? I've heard that if cookies are disabled that a session will then pass it's variables in the url (through GET). Yet when I manually disable cookies none of my pages work (because the $_SESSION variables do not seem to be working). Any ideas? Best Regards, Scott Taylor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] sessions cookies
Scott Taylor wrote: How exactly do sessions work? I've heard that if cookies are disabled that a session will then pass it's variables in the url (through GET). Yet when I manually disable cookies none of my pages work (because the $_SESSION variables do not seem to be working). The variables themselves aren't passed, only a session ID, and that is only passed through GET/POST if transparent SID support is enabled (it is disabled by default). You can change the session.use_trans_sid setting in your php.ini file or if your server supports .htaccess you can create one and add php_flag session.use_trans_sid on to it. For more information see the manual: http://www.php.net/manual/en/ref.session.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions - Cookies Not Saving
On 05 March 2004 03:33, Paul Higgins wrote: When I do: print_r($_COOKIE); I get the following: Array ( [PHPSESSID] = 11781ce29c68ca7ef563110f37e43f38 ) Does that mean its setting the Cookie? Yes. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
On Friday 05 March 2004 13:05, Paul Higgins wrote: When I thought about what the compay really told me...it didn't make sense. All I know is that that cookie will not save on my WinXP box, but it will save on my Linux box. As sending cookies is pretty much a generic procedure which is not platform dependent it would suggest that your WinXP box is broken (needless to say I'm assuming that you have already ensured that your browser is configured to accept cookies). Have you tried any other browsers/platforms? -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* All vacations and holidays create problems, except for one's own -- Murphy's Laws on Work n34 */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions - Cookies Not Saving
but it will save on my Linux box. As sending cookies is pretty much a generic procedure which is not platform dependent it would suggest that your WinXP box is broken (needless to say I'm assuming that you have already ensured that your browser is configured to accept cookies). Have you tried any other browsers/platforms? The above snippet means it works on his linux box which is why i suggested to see if the session is storing in /tmp, he could prob have spyware running on his machine, i advice check out adaware. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Sessions - Cookies Not Saving
Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
When I do: print_r($_COOKIE); I get the following: Array ( [PHPSESSID] = 11781ce29c68ca7ef563110f37e43f38 ) Does that mean its setting the Cookie? I can't see the cookie on my computer. I don't have cookies disabled because I'm getting cookies from other sites. The privacy setting is set to Medium. Thanks, Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
If there is something in $_COOKIE, what does that mean? That there is a cookie somewhere? Or is it appending the Session ID to the URL? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get a FREE online computer virus scan from McAfee when you click here. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Ahh is it showing in the url ? Usually it stores as a cookie, or via url, i think that is also set in php.ini, someone want to ellaborate here ? If there is something in $_COOKIE, what does that mean? That there is a cookie somewhere? Or is it appending the Session ID to the URL? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get a FREE online computer virus scan from McAfee when you click here. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
When I thought about what the compay really told me...it didn't make sense. All I know is that that cookie will not save on my WinXP box, but it will save on my Linux box. Are there any special headers that I could use? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get business advice and resources to improve your work life, from bCentral. http://special.msn.com/bcentral/loudclear.armx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions, Cookies, and Subdomains
Hello, I've a bit of a problem and was wondering if anyone out there can help straighten it out. I have never worked with cookies or php sessions before as the need for such has never presented itself before. Up until this point I have been using a very customized version of PostNuke but things are to the point where I need a custom system from scratch. I want to use php sessions for my user system because they seem to be more transparent to the visitor, but there are a few problems that I think I am going to run into based on what I've read. I want to have my website split into several subdomains with a shared user system. That is to say that when someone logs into foo.mysite.com they'd also be logged into bar.mysite.com when they go to it. It is my understanding that php sessions will not work in this way, being that each subdomain has its own sessions. If this is the case, is there a way around this? If it is the case and there isn't a way around this, is this able to be done with regular cookies? Also, php sessions only last a certain amount of time. I'd like for users to remain logged in indefinitely if they choose to do so while logging in. Assuming this is absolutely impossible in sessions, is it feasible to use php sessions as the basis of my user system, but use cookies as a secondary to it if users choose to remain logged in? Any help at all would be really appreciated, because I'd like to get the new version of my site rolled out soon. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions, Cookies, and Subdomains
[snip] I want to have my website split into several subdomains with a shared user system. That is to say that when someone logs into foo.mysite.com they'd also be logged into bar.mysite.com when they go to it. It is my understanding that php sessions will not work in this way, being that each subdomain has its own sessions. If this is the case, is there a way around this? If it is the case and there isn't a way around this, is this able to be done with regular cookies? You'll want to implement your own session handler and store the data in a database. Then you can access and load the session variables from any domain with access to the database. Also, php sessions only last a certain amount of time. I'd like for users to remain logged in indefinitely if they choose to do so while logging in. Assuming this is absolutely impossible in sessions, is it feasible to use php sessions as the basis of my user system, but use cookies as a secondary to it if users choose to remain logged in? Any help at all would be really appreciated, because I'd like to get the new version of my site rolled out soon. If you want a remember me feature, then you'll have to implement something with cookies. Sessions will remain active as long as the user is active. If they are inactive for a certain amount of time (which you can set in php.ini) then their session file will be erased. Hope that helps. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions/Cookies and HTTP Auth
Here is the scenario.
1. I set my browser to block all cookies.
2. I access this script.
3. I am thinking that I should get an error because I presume that
session_start() will attempt to set a cookie (which it appears to do).
(I tried setcookie() too and the cookie was accepted.)
My question is this.
When using httpauth, does httpauth override your cookie preferences?
David
*** my code **
?php
require /home/www/common/_ini/_main.ini.php;
$auth = false; // Assume user is not authenticated
if (isset( $PHP_AUTH_USER ) isset($PHP_AUTH_PW)) {
$sql = SELECT * FROM staff WHERE
username = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW';
$result = mysql_query($sql, $connection)
or die ('Database Error - Could not select create data
from projects.');
// Get number of rows in $result.
$numrows = mysql_num_rows( $result );
if ( $numrows 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
}
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm=Private Extranet' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
session_start();
echo 'PYou are authorized!/P';
phpinfo();
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions/Cookies and HTTP Auth
When using cookies, if you don't set an expiration time, the cookie is only
good until the session expires. It doesn't get saved, and it disappears
when the user closes their browser.
Many browsers have different settings/preferences for session cookies, and
because they don't get saved to your disk, you may not be prompted.
This might also explain someone's question a little while back (not sure if
it got answered or not) about why they couldn't find the cookie on their
hdd.
Maxwell
- Original Message -
From: David McInnis [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, March 27, 2002 7:10 PM
Subject: [PHP] Sessions/Cookies and HTTP Auth
Here is the scenario.
1. I set my browser to block all cookies.
2. I access this script.
3. I am thinking that I should get an error because I presume that
session_start() will attempt to set a cookie (which it appears to do).
(I tried setcookie() too and the cookie was accepted.)
My question is this.
When using httpauth, does httpauth override your cookie preferences?
David
*** my code **
?php
require /home/www/common/_ini/_main.ini.php;
$auth = false; // Assume user is not authenticated
if (isset( $PHP_AUTH_USER ) isset($PHP_AUTH_PW)) {
$sql = SELECT * FROM staff WHERE
username = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW';
$result = @mysql_query($sql, $connection)
or die ('Database Error - Could not select create data
from projects.');
// Get number of rows in $result.
$numrows = mysql_num_rows( $result );
if ( $numrows 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
}
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm=Private Extranet' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
session_start();
echo 'PYou are authorized!/P';
phpinfo();
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] sessions / cookies / header(Location...
I have a page that does a login... right after the login is successfull it registers a session var called 'userid'... and does a header(Location: newpage.php) which checks for the existance of this var... if it exists it will show, otherwise it goes back to the login page... the weird thing is... it always worked fine, even if I logged in and out with three different users to test it... but now it only works if I replace the header() thing with: header(Location: newpage.php?PHPSESSID=$PHPSESSID) why is this weird now? it use to work... and the weird thing is... while in newpage.php the user does some stuff which calls itself and also gets this 'userid' var... and gets it fine without any PHPSESSID stuff... any clues? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] sessions / cookies / header(Location...
yup, your browser is not accepting cookies. thats a good guess. when a browser does not accept cookies, trans-sid will kick in, trans-sid will not work on full urls, just reletive urls. no trans-sid http://www.mediawaveonline.com/index.php trans-sid /index.php header redirectect require (supposed to require) full urls. in other words its a good idea to put PHPSESSID=$PHPSESSID on all your full urls anyhow, just incase for non-cookie browsers. -- Chris Lee [EMAIL PROTECTED] Christian Dechery [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a page that does a login... right after the login is successfull it registers a session var called 'userid'... and does a header(Location: newpage.php) which checks for the existance of this var... if it exists it will show, otherwise it goes back to the login page... the weird thing is... it always worked fine, even if I logged in and out with three different users to test it... but now it only works if I replace the header() thing with: header(Location: newpage.php?PHPSESSID=$PHPSESSID) why is this weird now? it use to work... and the weird thing is... while in newpage.php the user does some stuff which calls itself and also gets this 'userid' var... and gets it fine without any PHPSESSID stuff... any clues? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] sessions / cookies / header(Location...
it does not have anything to do with my browser... that's for sure... I'm using MSIE 5.5, and never had any trouble... and as I said on the email... it used to work fine... it just stopped working... and now yet some fresh info... it's working again now... I've tried... one thing I noticed, that when I was testing and it was not working f2s.com was relly slow... sluggish really... then 1 hour later got faster... I tested it and it worked... so... does speed has anything to do with it? Maybe they were doing some maintenance or whatever... At 14:35 17/5/2001 -0500, Chris Lee wrote: yup, your browser is not accepting cookies. thats a good guess. when a browser does not accept cookies, trans-sid will kick in, trans-sid will not work on full urls, just reletive urls. no trans-sid http://www.mediawaveonline.com/index.php trans-sid /index.php header redirectect require (supposed to require) full urls. in other words its a good idea to put PHPSESSID=$PHPSESSID on all your full urls anyhow, just incase for non-cookie browsers. -- Chris Lee [EMAIL PROTECTED] Christian Dechery [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a page that does a login... right after the login is successfull it registers a session var called 'userid'... and does a header(Location: newpage.php) which checks for the existance of this var... if it exists it will show, otherwise it goes back to the login page... the weird thing is... it always worked fine, even if I logged in and out with three different users to test it... but now it only works if I replace the header() thing with: header(Location: newpage.php?PHPSESSID=$PHPSESSID) why is this weird now? it use to work... and the weird thing is... while in newpage.php the user does some stuff which calls itself and also gets this 'userid' var... and gets it fine without any PHPSESSID stuff... any clues? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] . Christian Dechery (lemming) . http://www.tanamesa.com.br . Gaita-L Owner / Web Developer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
