Pablo Oliva wrote:
I have read that in order to account for browsers/users who do not have
cookies enabled, that you should append the session id to the url (query
string).
Yes, there are basically three ways that the Web client can pass a
unique identifier to the server:
1. Cookie
2. URL
You have session_start() on the second page, too, right??
-Original Message-
From: Erwin [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 20, 2002 5:45 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Sessions
Hi all,
I'm having a problem with sessions. I use PHP version 4.2.2.
The
John Holmes wrote:
You have session_start() on the second page, too, right??
Yes...the session_start() statement is in a global include file, which is
included in all files which require it
Grtz Erwin
-Original Message-
From: Erwin [mailto:[EMAIL PROTECTED]]
Sent: Friday,
I've had the same problem, and I resolved it by using html tags instead of
headers, and the problem was resolved. there are some issues I still
haven't been able to work out though (I want it to use cookies instead of
SID's).
John Holmes [EMAIL PROTECTED] wrote in message
Domains are specific, and so you do not get the same sesion variables. here's are
ways around this, but you need control of the content of both servers.
Cheers,
Rob.
David Buerer wrote:
Are sessions domain specific?
What I mean is this.
Suppose I have two websites:
secure.web.com
Yeah,
I believe so, but you could reinitialize them when you jump to the other
webserver, or you use one
mysql database for sessionmanagement for both webservers.
Ciao
Sascha
- Original Message -
From: David Buerer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September
My first assumption would be yes they are domain specific, but it might be
possible to cross domains if both domains were run from the same web server
and you were to pass the session id between pages manually rather than it
being stored in a cookie..
What does everyone else think?
- Jacob
PROTECTED]]
Sent: Wednesday, September 18, 2002 11:06 AM
To: David Buerer
Cc: '[EMAIL PROTECTED]'
Subject: Re: [PHP] Sessions /Cross Domain
Domains are specific, and so you do not get the same sesion variables.
here's are
ways around this, but you need control of the content of both servers.
Cheers,
Rob
Sascha Braun wrote:
Yeah,
I believe so, but you could reinitialize them when you jump to the other
webserver, or you use one
mysql database for sessionmanagement for both webservers.
Not exactly true, since if they jump to another server, you can make the
assumption they have a session
(Server1 Server2)
Am I wrong are would this work out?
Sascha
- Original Message -
From: David Buerer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 18, 2002 7:48 PM
Subject: RE: [PHP] Sessions /Cross Domain
I do have control over the content of both domains...in fact
: [PHP] Sessions /Cross Domain
Sascha Braun wrote:
Yeah,
I believe so, but you could reinitialize them when you jump to the other
webserver, or you use one
mysql database for sessionmanagement for both webservers.
Not exactly true, since if they jump to another server, you can make
Have a look at this php.ini setting, I think it will help you!
; The domain for which the cookie is valid.
session.cookie_domain =
James
-Original Message-
From: David Buerer [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 18, 2002 1:39 PM
To: '[EMAIL PROTECTED]'
Subject: [PHP]
James's answer is likely what you are looking for. As there are many
different ways to maintain sessions, you're going to get many different
answers.
However, the default behavior for PHP sessions is to assign the unique
identifier to a cookie. If this cookie has a domain of .web.com (see
I can't see anything sticking out...but why have you done this...
$test2Url = test2.php?PHPSESSID= . session_id( );
You don't need to do this. Try doing this
$test2Url = test2.php;
Your server might be set up to use a different name for sessions
John Wards
SportNetwork.net
- Original
: Friday, September 06, 2002 2:11 PM
Subject: Re: [PHP] Sessions with register_globals = off
Here you go
http://www.zend.com/manual/function.session-is-registered.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Here you go
http://www.zend.com/manual/function.session-is-registered.php
--- Mauricio Cuenca [EMAIL PROTECTED] wrote:
Hello,
I'm working with register_globals turned off. I'm
setting this session
cookie:
if ($nresult) {
if (mysql_numrows($nresult)) {
session_start();
Hi,
Friday, August 16, 2002, 4:13:39 AM, you wrote:
KSM Am I mistaken to assume that a Session is automatically
KSM destroyed if a Window Browser is closed?
The session as such is not destroyed only the cookie used to id it if you are using
cookies. If The SID is being passed in the url and
I think you'll need to use header (Location: url?.print SID);
Adam
On Wed, 14 Aug 2002, apollo wrote:
hi,
after submit i use:
if (isset($submit))
header (Location: url?.sid);
i want continue my session in next page, but SID (my session's unique id) is
lost in
The main reason to store it in a database is to allow you to share that
session data across multiple web servers. In a load-balanced
architecture, this is essential.
-Rasmus
On Tue, 13 Aug 2002, Randy Johnson wrote:
When i started to learn php there was talk of storing session information in
So, I've been using my own implementation of session handling which is
mainly storing the userinfo in a cookie (an array, serialised and signed)
but I'm starting to come around to the idea of storing this info on the
server and just passing a session key about - but I have a couple of
Comments inline
- Original Message -
From: Rasmus Lerdorf [EMAIL PROTECTED]
To: Danny Shepherd [EMAIL PROTECTED]
Cc: PHP-General [EMAIL PROTECTED]
Sent: Tuesday, July 30, 2002 11:24 AM
Subject: Re: [PHP] Sessions - Informed Opinions
Assuming that sessions are stored
3 How can I get a count of currently active (I.e non expired)
sessions?
Count the number of session files.
Can I be sure that the count will only include active sessions though?
By definition, if the session file is there, it is an active session.
There is no such thing as counting
- Original Message -
From: Rasmus Lerdorf [EMAIL PROTECTED]
To: Danny Shepherd [EMAIL PROTECTED]
Cc: PHP-General [EMAIL PROTECTED]
Sent: Tuesday, July 30, 2002 11:52 AM
Subject: Re: [PHP] Sessions - Informed Opinions
3 How can I get a count of currently active (I.e non expired
- Original Message -
From: Tech Support [EMAIL PROTECTED]
To: Danny Shepherd [EMAIL PROTECTED]
Sent: Tuesday, July 30, 2002 6:44 PM
Subject: Re: [PHP] Sessions - Informed Opinions
If you're on a shared system it's very easy for other users on your
machine
to read session data. All
Mike,
I have used them with https, and they work fine. Make sure you are calling
session_start(); on every page you need your session vars.
Oscar.-
- Original Message -
From: Mike Mannakee [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, July 28, 2002 9:21 PM
Subject: [PHP]
Hi,
Monday, July 29, 2002, 11:21:34 AM, you wrote:
MM Do sessions not work when using an https connection? It seems I'm losing my
MM data between pages.
MM Mike
If you are changing domain names when going to https you will lose the
session info if relying on cookies. You will have to hard
Thank you. This has been driving me up the wall like you wouldn't believe.
Mike
Tom Rogers [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi,
Monday, July 29, 2002, 11:21:34 AM, you wrote:
MM Do sessions not work when using an https connection? It seems
function. see more on this by looking up
register_globals and _Get in the php manual at php.net
hth
matt
- Original Message -
From: Tyler Durdin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 26, 2002 2:00 PM
Subject: Re: [PHP] sessions
I don't know. Tell me where I would find
Try removing the quotes in sessio_register ie. (valid_user2)
Here is the code that starts and registers the session. It is login page
that logs in to itself so the form that produces $_POST[username] is
actually on the same page, but nothing happens until the user logs in. It
there is
Here is the code that starts and registers the session. It is login page
that logs in to itself so the form that produces $_POST[username] is
actually on the same page, but nothing happens until the user logs in. It
there is something in this code that is not correct or making the other code
yes they are off. I did just recently discover this whole form thing, but i
did not know about the session variables. I put the session registration
code up in another post, if you would not mind looking at that and
recommending changes. in the mean time I'll try and get up to speed on the
I don't know. Tell me where I would find it and I'll look : -)
Sorry, pretty new to all of this.
Do you have register globals off?
Jim Grill
Support
Web-1 Hosting
http://www.web-1hosting.net
- Original Message -
From: Tyler Durdin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday,
]
To: [EMAIL PROTECTED]
Sent: Friday, July 26, 2002 1:35 PM
Subject: Re: [PHP] sessions
Here is the code that starts and registers the session. It is login page
that logs in to itself so the form that produces $_POST[username] is
actually on the same page, but nothing happens until the user logs
Hi Matt,
The user's browser will retain the session cookie as long as it is open
unless session.cookie_lifetime is set to something other than zero in the
php.ini or you can also set it in your script like this:
// set session cookie to expire in 30 minutes.
You need to start the session before any html. So:
?php session_start(); ?
html
Cheers!
Rick
Too much caution is bad for you. By avoiding things you fear, you may let
yourself in for unhappy consequences. It is usually wiser to stand up to a
scary-seeming experience and walk right into it,
When I try to pass a variable from one page to another the variable is
completely inaccessible IF I have a session going. The data has to be
passed from one page to the next through the link, as the link tells
which
product the user hit. Any thoughts?
Is there a variable by the same name
No,
The strange thing is there isn't. I have a test page that links to the
order form, having this html:
form action=order_form.php method=post
input type=hidden name=prod_ids[] value=9
input type=hidden name=prod_ids[] value=8
input type=hidden name=prod_qtys[] value=1
input type=hidden
: Re: [PHP] Sessions vs passing variables
No,
The strange thing is there isn't. I have a test page that links to
the
order form, having this html:
form action=order_form.php method=post
input type=hidden name=prod_ids[] value=9
input type=hidden name=prod_ids[] value=8
input type=hidden
---John Holmes...
-Original Message-
From: Mike Mannakee [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 21, 2002 10:57 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Sessions vs passing variables
No,
The strange thing is there isn't. I have a test page that links to
the
or
I'm on a server with php version 4.2.1 with register globals on. The
main
test has been can I access the variables in the script? Oddly enough,
if
I
didn't use an array they are there for me. Turns out it's only when
I'm
trying to pass an array. Single variables works fine. I'm
Right, I understand I should be able to access them. That's the whole
problem. They're not there.
I can do one of two things and they magically become available:
1. Don't start the session.
2. Use single variables, not arrays.
#2, however, would create a problem in that I intend to set it
Taken straigh from the manual:
(http://www.php.net/manual/en/ref.session.php)
[quote]
There are two methods to propagate a session id:
- Cookies
- URL parameter
The session module supports both methods. Cookies are optimal, but since
they are not reliable (clients are not bound to accept
On Thursday 18 July 2002 17:39, [EMAIL PROTECTED] wrote:
Joakim, please don't take offence, I know you're being helpful but ...
Taken straigh from the manual:
(http://www.php.net/manual/en/ref.session.php)
[quote]
There are two methods to propagate a session id:
[snip]
... do we really
From: Jason Wong [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002 11:46 AM
Joakim, please don't take offence, I know you're being helpful but ...
None taken.
... do we really need quotes from the manual? You've already
given the pointer
which is sufficient in itself for any
Thanks
OK, I have checked my phpinfo(); and the *session.use_trans_sid* = 1 ;
*session.use_cookies =* On, so I'm not sure if I need to turn the
cookies bit off, but I would think it not to be necessary. ; So, I can't
see why the URL's aren't changed on my pages...
Now, something to
on 18/07/02 7:39 PM, [EMAIL PROTECTED]
([EMAIL PROTECTED]) wrote:
PHP is capable of doing this transparently when compiled with
--enable-trans-sid. If you enable this option, relative URIs will be changed
to contain the session id automatically.
It's worth pointing out that enable-trans-sid
- Original Message -
From: PHPCoder [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: php-general [EMAIL PROTECTED]
Sent: Thursday, July 18, 2002 6:18 AM
Subject: Re: [PHP] Sessions: watertight?
Thanks
OK, I have checked my phpinfo(); and the *session.use_trans_sid* = 1
Sure, why not? Users can't create session variables (unless you're
on a
virtual server...)
... and I am -- A shared host server that is.
Now I'm not sure on this, I haven't tested it. Has anyone?
If we're on a virtual server, why can't I just open the
session.save_path with PHP and read
on 17/07/02 6:51 PM, John Holmes ([EMAIL PROTECTED]) wrote:
... and I am -- A shared host server that is.
Now I'm not sure on this, I haven't tested it. Has anyone?
Is this particular vulnerability only in existence when the server is pretty
open? I mean, on my particular host, I can't FTP
... and I am -- A shared host server that is.
Now I'm not sure on this, I haven't tested it. Has anyone?
Is this particular vulnerability only in existence when the server is
pretty
open? I mean, on my particular host, I can't FTP to anything outside
my
docroot, and I can't use SSH,
snip
What I'm looking to do is when a user logs in, I start up the session.. I
then have the registered session var to verify they are authenticated as
they move throughout the site.
/snip
This solution is no garantuee that the authenticated user is in control
during that session. The only
Anyone? Can someone at least point me to some web article for
recommendations? I saw some examples where a password variable was stored,
but is that really safe (as long as I MD5 it first?)
Chad
-Original Message-
From: Chad Day [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002
What I'm looking to do is when a user logs in, I start up the
session.. I
then have the registered session var to verify they are
authenticated as
they move throughout the site.
Now, when they close the browser and come back, I want them
to still be authenticated.
I don't think this
based on any of the user data.
www.php.net/uniqid
---John Holmes...
- Original Message -
From: Chad Day [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 16, 2002 3:30 PM
Subject: RE: [PHP] Sessions / logins / cookies / security
Anyone? Can someone at least point me to some web
Well, perhaps stepping away from the problem for a few minutes actually helps
clear the mind. Found that one of my mysql_query() statements wasn't completing
and everything after that didn't finish. Once I fixed that, all the session
variables work. Go fig. Let that be a lesson to me :-)
Chad Day wrote:
What I'm looking to do is when a user logs in, I start up the session.. I
then have the registered session var to verify they are authenticated as
they move throughout the site.
Now, when they close the browser and come back, I want them to still be
authenticated. Obviously, I
On my sites, I have a check box next to the login form which says remember
me. If they tick this box, and they userid/password is valid, I set a
cookie on their system which remembers them, which is just their username
and an md5() of their pasword (the same data I add to the session).
When
So, if there is no uid and pwd in $_SESSION, I check in $_COOKIE. If
there's nothing there, they aren't logged in as far as I can tell. On
every
page I validate the uid and pwd against the database, so the only way
you
could fake being another user is to know the uid AND md5()'d pwd.
Or
On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote:
I set a
cookie on their system which remembers them, which is just their username
and an md5() of their pasword (the same data I add to the session).
OUCH! Sending the password back out to the net is a scarry prospect.
--Dan
--
on 17/07/02 11:11 AM, Analysis Solutions
([EMAIL PROTECTED]) wrote:
On Wed, Jul 17, 2002 at 10:43:24AM +1000, Justin French wrote:
I set a
cookie on their system which remembers them, which is just their username
and an md5() of their pasword (the same data I add to the session).
OUCH!
on 17/07/02 11:11 AM, John Holmes ([EMAIL PROTECTED]) wrote:
Or steal it. :)
I hope you have checked your site for any cross-site scripting
vulnerabilities. This is exactly where vulnerabilities like this come
into play...
Interesting -- I'm only a few days away from launching this...
Or steal it. :)
I hope you have checked your site for any cross-site scripting
vulnerabilities. This is exactly where vulnerabilities like this
come
into play...
Interesting -- I'm only a few days away from launching this... could
you
elaborate on the potential risk, or point me to
Thanks heaps John,
So as a basic rule, having a uid and pwd stored as session variables is NOT
the problem, but storing the uid and/or pwd in a cookie on the browser is
just plain asking for it :)
So, how do you implement a remember me safely?
Setting JUST the uid in a cookie prevents people
So as a basic rule, having a uid and pwd stored as session variables
is
NOT
the problem, but storing the uid and/or pwd in a cookie on the browser
is
just plain asking for it :)
You shouldn't even have to do this. Just set a $_SESSION['logged_on']
variable to true and check for that. Why
on 17/07/02 12:35 PM, John Holmes ([EMAIL PROTECTED]) wrote:
You shouldn't even have to do this. Just set a $_SESSION['logged_on']
variable to true and check for that. Why carry around the username and
password??
Well, I guess it's because I started with someone else's script, and built
my
You shouldn't even have to do this. Just set a
$_SESSION['logged_on']
variable to true and check for that. Why carry around the username
and
password??
Well, I guess it's because I started with someone else's script, and
built
my own from there. Not being a security expert, I assumed
on 17/07/02 1:05 PM, John Holmes ([EMAIL PROTECTED]) wrote:
Sure, why not? Users can't create session variables (unless you're on a
virtual server...)
... and I am -- A shared host server that is.
Justin French
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 4:51 PM
To: Chad Day; [EMAIL PROTECTED]
Subject: Re: [PHP] Sessions / logins / cookies / security
There really isn't a good way to do this, I think.
Any time you're taking just a cookie, and using that data to assume
who
the
user
Hi Alexander :o)
You have to have session_start() at the top of EACH page that will hold session
registered variables. So just rewrite it like this:
Page 1:
?
session_start();
$test_var = froggy;
session_register('test_var');
?
a href=page2.phpClick here/a
Page 2:
?
session_start();
print
After redoing my entire site because of session let me give ya some help.
$_SESSION[test_var] = froggy;
then on page two
session_start();
print $_SESSION[test_var].!;
a few tips I have run into
SESSION needs to be all caps, otherwise php gets cranky. I am fairly sure
in forms you need POST
session_set_save_handler()
http://www.zend.com/zend/tut/session.php
-Original Message-
How can I configure my scripts to store sessions in MySQL?
This message is intended for the sole use of the individual
Do you have session_start() on each page?
---John Holmes...
- Original Message -
From: Phil Schwarzmann [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, June 26, 2002 11:31 AM
Subject: [PHP] sessions are remembered for one page, then forgotten
I'm still having a little
On Tuesday 18 June 2002 17:21, Wilbert Enserink wrote:
i have this problem:
My Q: howcome mySQL is not able to find this temporary table anymore
It seems to have destroyed this table when leaving the search.php page, but
that's a rather odd idea, cause I thought it maintained while the
, 2002 11:31 AM
Subject: Re: [PHP] sessions and temporary tables
On Tuesday 18 June 2002 17:21, Wilbert Enserink wrote:
i have this problem:
My Q: howcome mySQL is not able to find this temporary table
anymore
It seems to have destroyed this table when leaving the search.php page
unless you open a persistent connection, connections are closed automatically at the
end of execution of a script.
-Original Message-
From: W. Enserink [mailto:[EMAIL PROTECTED]]
Sent: 18 June 2002 10:41 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] sessions and temporary tables
Temporary tables only exist for the duration of your script, with or without
using mysql_pconnect(). If you want a MySQL table to remain, then don't make
it temporary. Make it a regular table and then create a cron script that
goes through and deletes tables that are more than X minutes/hours
You can do whatever you want, of course.
Sessions just make your code easier and portable and more people will be
able to understand what you're talking about.
Sessions are just a way to pass a variable between pages. You assign a
variable to the session, and you retrieve it on any other page
When you're dealing with session variables, it's a good idea to refer to
them using the new global variables.
? //start.php
session_start();
$_SESSION['user'] = bob; // register the session var
$_SESSION['pass'] = secret; // register the session var
header(Location: p2.php);
?
? //
Check the register_globals setting in php.ini. It looks like it is on on
the problem server. If so, then you have two choices:
1. Turn it off
2. Change your code to this style:
session_start();
$node = 10.2;
session_register('node');
echo $node;
Kirk
-Original Message-
From: Leston
Actually, I've tried it both ways (register_globals=On and
register_globals=Off).
Same result with either setting.
At 12:19 PM 6/18/2002, you wrote:
Check the register_globals setting in php.ini. It looks like it is on on
the problem server. If so, then you have two choices:
1. Turn it off
2.
I have register_globals=Off (which is what I prefer to program for).
But if I change register_globals to On, and use the session_register()
function, it works.
With register_globals Off, using $_SESSION doesn't work.
I thought that $_SESSION would work regardless of whether register_globals
: [PHP] sessions trouble
I have register_globals=Off (which is what I prefer to program for).
But if I change register_globals to On, and use the session_register()
function, it works.
With register_globals Off, using $_SESSION doesn't work.
I thought that $_SESSION would work regardless
: [EMAIL PROTECTED]
Sent: Tuesday, June 18, 2002 1:28 PM
Subject: RE: [PHP] sessions trouble
I have register_globals=Off (which is what I prefer to program for).
But if I change register_globals to On, and use the session_register()
function, it works.
With register_globals Off, using
Is your version of PHP new enough to support the new $_SESSION[] array? If
it is not, use $HTTP_SESSION_VARS[].
-Original Message-
From: Leston Drake [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 18, 2002 12:29 PM
To: Johnson, Kirk
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] sessions
$HTTP_SESSION_VARS[].
-Original Message-
From: Leston Drake [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 18, 2002 12:29 PM
To: Johnson, Kirk
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] sessions trouble
I have register_globals=Off (which is what I prefer to program for).
But if I
PROTECTED]]
Sent: Tuesday, June 18, 2002 3:30 PM
To: Johnson, Kirk
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] sessions trouble
I am using PHP 4.1.2, which I assume supports the $_SESSION
global array.
I've tried ...sigh... using $HTTP_SESSION_VARS, with the same result,
unfortunately
-Original Message-
From: Leston Drake [mailto:[EMAIL PROTECTED]]
Sent: 18 June 2002 18:48
I am unable to retrieve session variables on my local server.
[snp]
On another server
(http://www.lpsoftware.com/phptest/test5.php) it works as
expected. But I can't figure out why it
Message -
From: Lazor, Ed [EMAIL PROTECTED]
To: 'Rick Kukiela' [EMAIL PROTECTED]
Sent: Friday, June 14, 2002 4:44 PM
Subject: RE: [PHP] Sessions... wtf is wrong?!
Are there read only files in that directory that are blocking things?
-Original Message-
From: Rick Kukiela [mailto
On Thursday, June 13, 2002 at 9:46:10 PM, you wrote:
First, I load Doc 1 (to set the session variable).
Then I load Doc 2 to retrieve the variable. When doc 2 runs, I get the
following:
I just tried adding session_start() to the beginning of both files. When I
load Doc 1, I get this warning twice(!):
Warning: Cannot send session cache limiter - headers already sent (output
started at c:\program files\apache group\apache\htdocs\wan\sessions.php:7)
in c:\program files\apache
On Saturday 08 June 2002 14:39, Greg Macek wrote:
What is the best/recommended method of saving form data into session
variables? Currently only have to deal with regular text input,
checkboxes and radio buttons (no multiple selects for now). Any sample
code someone could throw up on the
Ok, I'll have to try that on my next project. Unfortunately these forms were
written by another developer and there too many variables to rename to make an
array and not enough time on the project :-) But for next time.
I've seen many examples of assigning values to session variables w/o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* and then Greg Macek declared
Ok, I'll have to try that on my next project. Unfortunately these forms
were written by another developer and there too many variables to rename
How about something like this:
foreach($HTTP_POST_VARS as $key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* and then Nick Wilson declared
How about something like this:
foreach($HTTP_POST_VARS as $key = $val) {
$myFormData['$key']=$val;
}
Actually that may be a little redundent. You may well get away with:
$myFormData=$HTTP_POST_VARS;
-
Hi
Have a look at http://www.mohawksoft.com/phoenix/msession.html
I just started playing with it and seems to be ok, except when I try my own
session handler it chucks a core dump now, but if it is as good as they
reckon I wont need my own handler :)
Tom
At 03:17 PM 6/06/2002, Cameron Just
Thanks to all for their help on this. As a follow-up, and after a bunch of
playing around with this yesterday, here's what I've come to learn. Perhaps
it will be helpful to others:
With enable-trans-id compiled into PHP and the following directives in
php.ini:
session.use_cookies = 0(PHP
I'm sure this is not a definitive answer, but I would assume that since you would be
passing the information through both the URI and Cookies, it will work regardless of
cookies enabled or disabled. On the other hand, if you are passing the session id
through the URI in the first place, you
If you compile it with --enable-trans-sid, then PHP will use cookies when
they are available and if they are not, it'll append the SID to links and
forms. Basically, it's automatic.
---John Holmes...
- Original Message -
From: Jeff Field [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* and then 1LT John W. Holmes declared
If you compile it with --enable-trans-sid, then PHP will use cookies when
they are available and if they are not, it'll append the SID to links and
forms. Basically, it's automatic.
Hmmm I've had a
Hmmm I've had a problem with this: I have --enable-trans-sid but I
see url appends on my browser when I *know* cookies are working.
Personally I cant say this is a bad thing... not all browsers enable
cookies and they can be messy and insecure at times (eg: cross domain
issues). Placing
701 - 800 of 1042 matches
Mail list logo
