[PHP] Cookies.

2005-08-30 Thread Nancy Ferracutti Kincaide 

Hi,

I am trying to install a web application that tests if cookies are enabled 
the following way:


 $this-usesCookies =
   (isset($_COOKIE[session_name()]) 
@strlen($_COOKIE[session_name()])
== 32);

As it gives as a result, that cookies are NOT ENABLED, I can't go on with 
the SETUP phase.


The responsible of the FALSE result, in the sentence above, is the LENGTH of 
the string $_COOKIE[session_name()]. Its actual value is 26 instead of 32, 
as expected. ¿Could anyone tell me if that LENGTH should be 32? ¿Is this 
value mandatory to admit that cookies are enabled?


Thanks!

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Cookies.

2005-08-30 Thread Nancy Ferracutti Kincaide 

Dear Jasper,

I think the session hash function is set to 32, and MD5 is selected, as the 
following lines of code show:

--
function Session($sessionName=SESSID) {
   $this-sendNoCacheHeader();

   //  Session-Namen setzen, Session initialisieren
   session_name(isset($sessionName)
   ? $sessionName
   : session_name());

   @session_start();

   //  Prüen ob die Session-ID die Standardlänge
   //  von 32 Zeichen hat,
   //  ansonsten Session-ID neu setzen
   if (strlen(session_id()) != 32)
   {
   mt_srand ((double)microtime()*100);
   session_id(md5(uniqid(mt_rand(;
   }
--

The sentence die($_COOKIE[session_name()]), when executed, shows this value: 
211b78tfl8umggkdh1ak7jrbf3 (a string of 26 characters long).


Thank you very much, again!
Nancy.

- Original Message - 
From: Jasper Bryant-Greene [EMAIL PROTECTED]

To: php php-general@lists.php.net
Sent: Tuesday, August 30, 2005 8:48 AM
Subject: Re: [PHP] Cookies.



Nancy Ferracutti Kincaide wrote:
I am trying to install a web application that tests if cookies are 
enabled the following way:


 $this-usesCookies =
   (isset($_COOKIE[session_name()]) 
@strlen($_COOKIE[session_name()])
== 32);

As it gives as a result, that cookies are NOT ENABLED, I can't go on with 
the SETUP phase.


The responsible of the FALSE result, in the sentence above, is the LENGTH 
of the string $_COOKIE[session_name()]. Its actual value is 26 instead of 
32, as expected. ¿Could anyone tell me if that LENGTH should be 32? ¿Is 
this value mandatory to admit that cookies are enabled?


That would depend on what the session hash function was set to. Normally 
it should be 32 or 40 depending on whether MD5 or SHA1 was selected.


Just the fact that $_COOKIE[session_name()] is set would indicate that 
cookies are enabled, but the application may be performing some sort of 
sanity check, which is obviously failing...


Put a die($_COOKIE[session_name()]); just before that line, and tell us 
what it shows.


--
Jasper Bryant-Greene
Freelance web developer
http://jasper.bryant-greene.name/

If you find my advice useful, please consider donating to a poor
student! You can choose whatever amount you think my advice was
worth to you. http://tinyurl.com/7oa5s

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php