[PHP] Re: Sessions VS MySQL
Matt Fielding wrote: I've recently begun work on a web-based RPG game with some friends, and have recently been thinking about the best solution for loading and saving persistent variables like player life/stats and other information. I am both familiar with sessions and mysql for saving and loading variables, and that's not my question, but I am instead interested in which method would be more efficient to use. If the data is getting reloaded on each individual page, would it be more efficient on the system hosting the game to save certain numbers and variables in a session, or to reaccess the database each time it needs those numbers. My biggest concern with using sessions, is if someone were to exit the browser mid saves to the database, all information would be lost. Since it is web-based, there is no real way for me to be able to expect everyone to follow certain procedures to load/save, and I would really like to stay away from that as well, as it's not as user-friendly and intuitive as an auto-save feature. I guess my main question here is, are there ways to auto-save and guarantee data wouldn't be lost without having to load, read, write, and close a connection to mysql on each page load? Seems as you don't know if the user will close the browser between page loads, AND to be user friendly so that they don't have to click a save button, the ONLY way would be to save the game every time the page loads. So save all data to the database each page run. This will also help in that other players will beble use that data. Say if you needed the top scoring 10 players for example, the data is already saved in the database so it will be easy to find that out, with the most up-to date player data. Darren I appreciate any tips, insight, thoughts, stories, or help in absolutely any fashion that I can get. Even a tip of a nature outside my question related to my project would be great. it's my first project of this kind, and I'd like to avoid any problems I can, so I'm putting a lot of forethought into it all. Also, I'm the only coder, so to have to go back and rewrite a ton of code from one save method to another is just way too much work. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions vs domain problem
Reinhart Viane wrote: I have the folowing problem : Hosting of my site is at http://www.groep6049.ksjnet.be http://www.groep6049.ksjnet.be/ My domainname is www.ksachiropoelkapelle.be http://www.ksachiropoelkapelle.be/ I have forwarded www.ksachiropoelkapelle.be http://www.ksachiropoelkapelle.be/ towards http://www.groep6049.ksjnet.be/index.php I think this is because the browser thinks it is working with the domain name www.ksachiropoelkapelle.be and the server thinks it is working with the domain name www.groep6049.ksjnet.be. I also assume that the forwarding is based on Apache mod_rewrite rather than a simple frame. If you don't ever really want to access the uglier domain directly (e.g. you are doing this to get free/cheap hosting) then you should be able to tell PHP to use the correct domain for cookie paths using: http://uk2.php.net/manual/en/function.session-set-cookie-params.php Something like: ?php session_set_cookie_params(0, '/', 'ksachiropoelkapelle.be'); session_start(); ... Hope that works for you. Col. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: sessions vs domain problem
Something like: ?php session_set_cookie_params(0, '/', 'ksachiropoelkapelle.be'); session_start(); ... I inserted this code at the top: session_set_cookie_params(0, '/', '.ksachiropoelkapelle.be'); It did not solve the problem, still after logging in on www.ksachiropoelkapelle.be the session is not recognized. I know the line of code works cause when I surf directly to http://www.groep6049.ksjnet.be/ it does not work anymore (appearently the cookie domain is not recognized anymore). Any other ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions Issue
did you check the output of phpinfo()? if you did not made modifications or manual configurations, the session support should be on in defalt. ~viraj. On 8/1/05, Burhan Khalid [EMAIL PROTECTED] wrote: On Jul 29, 2005, at 8:07 PM, Tom Ray [Lists] wrote: We built a box about 7 months or so ago using the SuSE 9.1 cd's, straight install from the CDs. While I've read that sessions are turned on by default, when we try to call on the sessions functions (like with phpOpenChat or start_session()) we get calls to undefined function errors. This is leading me to belive that sessions are disabled for some reason. I need to enable the sessions so I have a few questions 1) Can I do this without recompiling? 2) If I can't, how do I recompile this since I used the SuSE cds? It's SuSE 9.1 running Php 4.3.4 with APache 2.0.49 I don't *think* there is a separate module/rpm for sessions, so you are off to a recompile job. While you are it, upgrade your PHP to the latest stable version. 4.3.4 is quite old. Maybe there is a new package for SuSE that does it? (not really familiar with SuSE). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions - going back in browser
* Craig Donnelly [EMAIL PROTECTED]: I had an issue that I needed to be able to go back in the browser while in a session without getting page has expired, I was reading through the manual and came across a comment about adding the following to the sessions page to allow users to traverse back: header(Cache-control: private); (http://www.php.net/manual/en/function.session-start.php) This works fine on a Win32 dev box running Apache 1.3.x and PHP 5.0.3, but then I loaded the pages onto a RedHat box running PHP 5.0.3 on Apache 1.3.27. This box is running these pages through SSl (https) Anyone any ideas? This is a standard issue with browsers and the HTTP protocol. POST operations are supposed to contain dynamic data, and thus, by their very nature, pages returned from such a request are supposed to contain content that should rightfully expire. Of course, in many situations, this expiring is not desired. Basically, you have to fool the browser into thinking that the way you got to the page was NOT via a POST operation. One standard way of doing this is to have a middle page that processes the POST request, stores some relevant information, and redirects to the final page that displays the results. Hitting the back button in this scenario takes you back to the first page. Chris Shifflet has a great tutorial on this; google for his name and 'page expired'. -- Matthew Weier O'Phinney | WEBSITES: Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org mailto:[EMAIL PROTECTED] | http://vermontbotanical.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions not being stored
Change permissions for /tmp/sess. The PHP user needs read and write perms for this directory. PHP user might also need execute perms for /tmp. -- Teach a man to fish... NEW? | http://www.catb.org/~esr/faqs/smart-questions.html STFA | http://marc.theaimsgroup.com/?l=php-generalw=2 STFM | http://php.net/manual/en/index.php STFW | http://www.google.com/search?q=php LAZY | http://mycroft.mozdev.org/download.html?name=PHPsubmitform=Find+search+plugins signature.asc Description: OpenPGP digital signature
[PHP] Re: Sessions
Db wrote: Hi all I'm writing a C++ CGI lib and I want to support php(5) sessions. Is there some API I should use or can I just create/delete/read/write the sess_ files in /tmp? You are probably best off searching the PHP source for session_set_save_handler. It will be something like PHP_FUNCTION('session_set_save_handler', ... ) -- Teach a man to fish... NEW? | http://www.catb.org/~esr/faqs/smart-questions.html STFA | http://marc.theaimsgroup.com/?l=php-generalw=2 STFM | http://php.net/manual/en/index.php STFW | http://www.google.com/search?q=php LAZY | http://mycroft.mozdev.org/download.html?name=PHPsubmitform=Find+search+plugins signature.asc Description: OpenPGP digital signature
Re: [PHP] Re: Sessions
On Monday 07 March 2005 21:36, Jason Barnett wrote: You are probably best off searching the PHP source for session_set_save_handler. It will be something like PHP_FUNCTION('session_set_save_handler', ... ) Found it and some other functions in php-5.0.3/ext/session/session.c I could however not find any documentation of the code, so I think I'll have to contact Sascha and/or Andrei. Thanks for the reply! br db -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions in Frames...confused
Do not use frames :) It creates problems for the searchengines. /Peter Ryan A [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] Hi, Reading the different articles on phpbuilder/devshed/phpfreaks etc has left me a bit confused.. will start from the beginning so you guys(and girls) can give me some advise and show me the right path again ;-) I have a normal user/pass login screen, after which I start a session for the client and the client should be presented with the control panel for his software. The control panel is in frames and is split in 2 (sideFrame, mainFrame) sideFrame is for the navigation. Do I have to start a session in index.php which is calling the sideFrame and mainFrame or just in mainFrame or just in sideFrame or in all?? AGH! going nuts! The idea is if the session expires he should be present with the login page again...I am not doing anything special or complicated, just need to make sure he is who he says he is and give him access as long as his sesssion is good. Thanks, Ryan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.4.5 - Release Date: 12/3/2004 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and subdomains issues
I had a similar problem before. I had my admin at admin.mydomain.com, and the cookies did not transfer. I changed it to www.mydomain.com/admin instead... In my host my subdomain admin.mydomain.com is located in www.mydomain.com/admin, I assume similar structure for you? /Peter Nick Wilson [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] Goodmorning all, My application (a third party customized cms) shares sessions across the main site and the two subdomains - or at least it should I have 'php_value session.cookie_domain .mysite.com and'php_value session.cookie_path / all set in htaccess The sesions are stored in a db and are not functioning correctly across the subdomains - example: if i log in at the main www domain then go the subdom1.mysite.com i am not logged in there. The subdomains have their own db's but share tables for sessions and some other stuff with the main site. As it's a third party app i can be no more specific unless someone would be kind enough to tell me what to look for or what info to provide. So, here is my question: * Are there any common pitfalls you can think of that i should look at? * Have I set the domain and path correctly for this to work? any help in regard to what direction to take to track down the problem would be really appreciated, much thanks for you time... -- Nick W -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions: Basic Information
Thanks alot. Lordo Peter Lauri [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Sessions will make you life easier if you are using cookies to control a web session. http://th.php.net/manual/en/ref.session.php will give you most information regarding this, together with some examples. Play around with simple own examples and you will learn to work with sessions relativly fast. /Peter Lordo [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] I have not yet worked with sessions and I don't know why I DO NOT WANT to understand it!! :)) I am a traditional ASPer and I am addicted to cookies. But I want to use sessions if they will make life easier for me. Can someone please direct me to an easy to understand resource with working samples? Thanks. Lordo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions: Basic Information
Sessions will make you life easier if you are using cookies to control a web session. http://th.php.net/manual/en/ref.session.php will give you most information regarding this, together with some examples. Play around with simple own examples and you will learn to work with sessions relativly fast. /Peter Lordo [EMAIL PROTECTED] skrev i meddelandet news:[EMAIL PROTECTED] I have not yet worked with sessions and I don't know why I DO NOT WANT to understand it!! :)) I am a traditional ASPer and I am addicted to cookies. But I want to use sessions if they will make life easier for me. Can someone please direct me to an easy to understand resource with working samples? Thanks. Lordo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions problem bug
Are you using cookie-based sessions? Thus sayeth the manual: Note: When using session cookies, specifying an id for session_id() will always send a new cookie when session_start() is called, regardless if the current session id is identical to the one being set. Thanks google. Reinhart Viane wrote: Some days ago I asked some questions concerning php and sessions Apparently it seems to be a bug: 'When you use a session name that has only numbers, each call to session_start seems to regenerate a new session id, so the session does not persist.' http://bugs.php.net/search.php?search_for=sessionboolean=0limit=10ord er_by=direction=ASCcmd=displaystatus=Openbug_type%5B%5D=Session+rela tedphp_os=phpver=assign=author_email=bug_age=0 And there you pick bug with ID 27688 Just to let everyone know. Greetz, Reinhart Viane Reinhart Viane [EMAIL PROTECTED] Domos || D-Studio Graaf Van Egmontstraat 15/3 -- B 2800 Mechelen -- tel +32 15 44 89 01 -- fax +32 15 43 25 26 STRICTLY PERSONAL AND CONFIDENTIAL This message may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions problem bug
On the server i use: Session.auto_start is off Session.use_cookie is on Session.use_trans_sid is 1 I do not set the session id myself All pages that requite the sessions have session_start() at the very first line -Original Message- From: Jason Barnett [mailto:[EMAIL PROTECTED] Sent: woensdag 27 oktober 2004 11:41 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions problem bug Are you using cookie-based sessions? Thus sayeth the manual: Note: When using session cookies, specifying an id for session_id() will always send a new cookie when session_start() is called, regardless if the current session id is identical to the one being set. Thanks google. Reinhart Viane wrote: Some days ago I asked some questions concerning php and sessions Apparently it seems to be a bug: 'When you use a session name that has only numbers, each call to session_start seems to regenerate a new session id, so the session does not persist.' http://bugs.php.net/search.php?search_for=sessionboolean=0limit=10o rd er_by=direction=ASCcmd=displaystatus=Openbug_type%5B%5D=Session+rela tedphp_os=phpver=assign=author_email=bug_age=0 And there you pick bug with ID 27688 Just to let everyone know. Greetz, Reinhart Viane Reinhart Viane [EMAIL PROTECTED] Domos || D-Studio Graaf Van Egmontstraat 15/3 -- B 2800 Mechelen -- tel +32 15 44 89 01 -- fax +32 15 43 25 26 STRICTLY PERSONAL AND CONFIDENTIAL This message may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and Mozilla (Firefox)
* Pablo Gosse [EMAIL PROTECTED]: I just noticed that if I open up a Mozilla window, log into my CMS, then open another Mozilla window (not by ctrl-n, but by selecting it from my programs menu) and bring up the login page in that new window, then it detects the session from the other window and redirects right to the CMS control panel. In IE, this will happen if I ctrl-n a new window, but not if I start a new instance of the browser from the program list. Is the correct behavior for sessions in Mozilla? I've searched the lists but I couldn't find anything which seemed to answer this. My understanding is that if you have a session of Mozilla open, if you run the executable again, it searches for a running session and, if one is found, uses it to spawn a new window without actually running another copy. -- Matthew Weier O'Phinney | mailto:[EMAIL PROTECTED] Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and Mozilla (Firefox)
On Wed, 2004-10-13 at 01:26 +, Matthew Weier O'Phinney wrote: * Pablo Gosse [EMAIL PROTECTED]: I just noticed that if I open up a Mozilla window, log into my CMS, then open another Mozilla window (not by ctrl-n, but by selecting it from my programs menu) and bring up the login page in that new window, then it detects the session from the other window and redirects right to the CMS control panel. In IE, this will happen if I ctrl-n a new window, but not if I start a new instance of the browser from the program list. Is the correct behavior for sessions in Mozilla? I've searched the lists but I couldn't find anything which seemed to answer this. My understanding is that if you have a session of Mozilla open, if you run the executable again, it searches for a running session and, if one is found, uses it to spawn a new window without actually running another copy. The way around this is to use profiles in mozilla. -- /*** * Robby Russell | Owner.Developer.Geek * PLANET ARGON | www.planetargon.com * Portland, OR | [EMAIL PROTECTED] * 503.351.4730 | blog.planetargon.com * PHP/PostgreSQL Hosting Development / signature.asc Description: This is a digitally signed message part
[PHP] Re: Sessions not destroyed
are you using the default PHP sessions? or are you using a custom session handler? Hendrik Schmieder wrote: Hello, we have a severe problem with seesions. We use Apache 1.3.31 with PHP 4.3.9 as Apache module in Windows 2000 In our php.ini we have session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 But even after 20 minutes the session file is still there. And the session file ist also not deleted if we then stop the apache service. Has anybody an idea ? TIA Hendrik Schmieder -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions not destroyed
M. Sokolewicz schrieb: are you using the default PHP sessions? or are you using a custom session handler? Hendrik Schmieder wrote: Hello, we have a severe problem with seesions. We use Apache 1.3.31 with PHP 4.3.9 as Apache module in Windows 2000 In our php.ini we have session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 But even after 20 minutes the session file is still there. And the session file ist also not deleted if we then stop the apache service. Has anybody an idea ? TIA Hendrik Schmieder We are using the default php sessions , This are all of our session settings; [Session] session.save_handler = files session.save_path = D:\Worksheet-Server\apache\sessiondata session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.serialize_handler = php session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 session.bug_compat_42 = 1 session.bug_compat_warn = 1 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 1 url_rewriter.tags = a=href,area=href,frame=src,input=src,form=,fieldset= with best regards Hendrik Schmieder -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions not destroyed
Patrick Blousson schrieb: Hi, What about your hard disk partitions? Sessions only works on NTFS partitions. FAT don 't have a last accessed flag on file. Patrick. - Original Message - From: Hendrik Schmieder [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, October 08, 2004 7:23 AM Subject: Sessions not destroyed Hello, we have a severe problem with seesions. We use Apache 1.3.31 with PHP 4.3.9 as Apache module in Windows 2000 In our php.ini we have session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 But even after 20 minutes the session file is still there. And the session file ist also not deleted if we then stop the apache service. Has anybody an idea ? TIA Hendrik Schmieder NTFS but you claim about FAT is wrong for PHP = 4.2.3 : Since PHP 4.2.3 it has used mtime (modified date) instead of atime. So, you won't have problems with filesystems where atime tracking is not available. http://www.php.net/manual/en/ref.session.php Hendrik -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and Logins
Hi Dennis, see below Dennis Gearon [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Please CC me - I am designing my own 'usr' class that takes care of logins. I need to know the following to finish it. --- A/ Does anybody use sessions for users who are not logged into the site, and why? This might make sense when you have a protected area on your web site. Having the session run all the time would allow the user to naviagte the whole site *after* login without losing his authentication. When he is logged in, just store some kind of value or object in the session. On the protected pages check for this value. If it's not in the session redirect to a login page. B/ If a user goes from unlogged in, unidentified user to a logged in, identified user, is the first session canceled and new session started? You can control this yourself - usually you don't have to start a new session after login. But applying session_regenerate_id() adds a bit of security because it changes the session id (which might have been public before login). See: http://de3.php.net/manual/en/function.session-regenerate-id.php C/ (The reverse), if a user goes from logged in, identified user to a unlogged in, unidentified user, is the first session canceled and new session started? Use session_destroy() and redirect to the start/login page with a clean: header('location: http://www.yoursite.com'); exit; This will start a new session. You might also need to unset a cookie before session_destroy() if you are using cookies. D/ How is it possible, using PHP4+ sessions, to cancel a session a page is opened with, and starting a new session? Again, use a header redirect. thanks all of you. I **LOVE** using this PHP 'thang' :-) Dennis Regards, Torsten Roehr -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions session_start() my problem
that was a bit confusing, but it looks like you call session_start() more than once in a script. You only need to call it once, and you need to call it before any headers get sent, at the top of the script is a good place. If you're scripts are already setup like that just ignore me. Oh, also, if you include a file that has session_start() in it you'll get that warning too. -- -- Jasper Howard :: Database Administration Velocity7 1.530.470.9292 http://www.Velocity7.com/ -- Pahlevanzadeh Mohsen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Dears,I have 3 files. k.php : ? session_start(); $S_userk=$HTTP_POST_VARS['u']; $S_pass=$HTTP_POST_VARS['p']; //echo $S_pass; session_register('S_userk'); session_register('S_passk'); include 'http://1.1.1.1/membership/login.php?g=0'; ? login.php: define(HOST,localhost); define(USER,root); define(PASS, ); define(DB,mem); /// session_start(); if ($HTTP_GET_VARS['g']==1) { $username=$S_username; $password=$S_password; //print $username; } else if ($HTTP_GET_VARS['g']==0) { $password=$S_passk; $username=$S_userk; } $S_username=$username; $S_password=$password; if(empty($S_username) empty($S_password) ) { mysql_connect(HOST,USER) or die(connect); mysql_select_db(DB) or die(db); $result=mysql_query(SELECT count(*) as numfound FROM usernames where user='$username' and pass='$password') or die(jjjgar); $result_ar=mysql_fetch_array($result); if($result_ar['numfound'] 1 ) { //echo ffdsfsfsdvfdsfdssc; //curl_exec(curl_init('http://1.1.1.1/membership/index.html')); header('Location: index.html'); exit; } session_register('S_username'); session_register('S_password'); echo Logged in successfully!; But when i loggin in my site,I recv following warnings: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Please explaine me on my warnings. Yours,Mohsen. = -DIGITAL SIGNATURE--- ///Mohsen Pahlevanzadeh Network administrator programmer My work phone is : +98216054096-7 My home phone is: +98213810146 My emails is [EMAIL PROTECTED] My website is: http://webnegar.net __ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions session_start() my problem
I have deleted session_start() at login.php Thus i have 1 session_start() But i receive them yet. Yours,Mohsen --- Jasper Howard [EMAIL PROTECTED] wrote: that was a bit confusing, but it looks like you call session_start() more than once in a script. You only need to call it once, and you need to call it before any headers get sent, at the top of the script is a good place. If you're scripts are already setup like that just ignore me. Oh, also, if you include a file that has session_start() in it you'll get that warning too. -- -- Jasper Howard :: Database Administration Velocity7 1.530.470.9292 http://www.Velocity7.com/ -- Pahlevanzadeh Mohsen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Dears,I have 3 files. k.php : ? session_start(); $S_userk=$HTTP_POST_VARS['u']; $S_pass=$HTTP_POST_VARS['p']; //echo $S_pass; session_register('S_userk'); session_register('S_passk'); include 'http://1.1.1.1/membership/login.php?g=0'; ? login.php: define(HOST,localhost); define(USER,root); define(PASS, ); define(DB,mem); /// session_start(); if ($HTTP_GET_VARS['g']==1) { $username=$S_username; $password=$S_password; //print $username; } else if ($HTTP_GET_VARS['g']==0) { $password=$S_passk; $username=$S_userk; } $S_username=$username; $S_password=$password; if(empty($S_username) empty($S_password) ) { mysql_connect(HOST,USER) or die(connect); mysql_select_db(DB) or die(db); $result=mysql_query(SELECT count(*) as numfound FROM usernames where user='$username' and pass='$password') or die(jjjgar); $result_ar=mysql_fetch_array($result); if($result_ar['numfound'] 1 ) { //echo ffdsfsfsdvfdsfdssc; //curl_exec(curl_init('http://1.1.1.1/membership/index.html')); header('Location: index.html'); exit; } session_register('S_username'); session_register('S_password'); echo Logged in successfully!; But when i loggin in my site,I recv following warnings: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Please explaine me on my warnings. Yours,Mohsen. = -DIGITAL SIGNATURE--- ///Mohsen Pahlevanzadeh Network administrator programmer My work phone is : +98216054096-7 My home phone is: +98213810146 My emails is [EMAIL PROTECTED] My website is: http://webnegar.net __ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php = -DIGITAL SIGNATURE--- ///Mohsen Pahlevanzadeh Network administrator programmer My home phone is: +98213810146 My email address is m_pahlevanzadeh at yahoo dot com My website is: http://webnegar.net __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions session_start() my problem
is this php script at the top of the page, there is nothing before it? -- -- Jasper Howard :: Database Administration Velocity7 1.530.470.9292 http://www.Velocity7.com/ -- Pahlevanzadeh Mohsen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I have deleted session_start() at login.php Thus i have 1 session_start() But i receive them yet. Yours,Mohsen --- Jasper Howard [EMAIL PROTECTED] wrote: that was a bit confusing, but it looks like you call session_start() more than once in a script. You only need to call it once, and you need to call it before any headers get sent, at the top of the script is a good place. If you're scripts are already setup like that just ignore me. Oh, also, if you include a file that has session_start() in it you'll get that warning too. -- -- Jasper Howard :: Database Administration Velocity7 1.530.470.9292 http://www.Velocity7.com/ -- Pahlevanzadeh Mohsen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Dears,I have 3 files. k.php : ? session_start(); $S_userk=$HTTP_POST_VARS['u']; $S_pass=$HTTP_POST_VARS['p']; //echo $S_pass; session_register('S_userk'); session_register('S_passk'); include 'http://1.1.1.1/membership/login.php?g=0'; ? login.php: define(HOST,localhost); define(USER,root); define(PASS, ); define(DB,mem); /// session_start(); if ($HTTP_GET_VARS['g']==1) { $username=$S_username; $password=$S_password; //print $username; } else if ($HTTP_GET_VARS['g']==0) { $password=$S_passk; $username=$S_userk; } $S_username=$username; $S_password=$password; if(empty($S_username) empty($S_password) ) { mysql_connect(HOST,USER) or die(connect); mysql_select_db(DB) or die(db); $result=mysql_query(SELECT count(*) as numfound FROM usernames where user='$username' and pass='$password') or die(jjjgar); $result_ar=mysql_fetch_array($result); if($result_ar['numfound'] 1 ) { //echo ffdsfsfsdvfdsfdssc; //curl_exec(curl_init('http://1.1.1.1/membership/index.html')); header('Location: index.html'); exit; } session_register('S_username'); session_register('S_password'); echo Logged in successfully!; But when i loggin in my site,I recv following warnings: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /var/www/html/membership/k.php:2) in /var/www/html/membership/k.php on line 3 Please explaine me on my warnings. Yours,Mohsen. = -DIGITAL SIGNATURE--- ///Mohsen Pahlevanzadeh Network administrator programmer My work phone is : +98216054096-7 My home phone is: +98213810146 My emails is [EMAIL PROTECTED] My website is: http://webnegar.net __ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php = -DIGITAL SIGNATURE--- ///Mohsen Pahlevanzadeh Network administrator programmer My home phone is: +98213810146 My email address is m_pahlevanzadeh at yahoo dot com My website is: http://webnegar.net __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions nightmare continue...
Why are you testing if $_POST['submit'] is set are you posting something to the page?? In the two scripts you posted the code block wont be executed because there is no post variable being set. Try this: a1.php == ?php session_start(); header(Cache-control: private); // IE 6 Fix. $_SESSION[login]=inside; session_write_close(); header(Location: a2.php); exit(); ? pre ?php print_r($_SESSION); ? /pre == AND a2.php == ?php session_start(); header(Cache-control: private); // IE 6 Fix. if(!isset($_SESSION[login])){ echo(brsession variable NOT set); }else{ echo(brsession variable set); } echo(brsession ID: . session_id()); echo(brsession value: . $_SESSION[login]); ? pre ?php print_r($_SESSION); ? /pre == Works fine now. HTH Craig Angelo Zanetti [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi all, Still no luck with sessions. I have installed an older version: 4.3.1 and have register_globals=Off I have 2 test pages a1.php and a2.php All I want to do is register a session variable, set a value for it and then in a2.php check that it is still registered and view the session's value. a1.php: ? session_start(); header(Cache-control: private); // IE 6 Fix. if(isset($_POST['Submit'])) { $_SESSION[login]=inside; session_write_close(); header(Location: a2.php); exit(); } ? I can successfully register the session variable and set the value of it on page a1.php but when I go to page a2.php the session variable is not set and the value isnt set either. a2.php: ? session_start(); header(Cache-control: private); // IE 6 Fix. if(!isset($_SESSION[login])) echo(brsession variable NOT set); else echo(brsession variable set); echo(brsession ID: . session_id()); echo(brsession value: . $_SESSION[login]); ? I have been trying to get this to work for ages with no luck. I have been reading the manual and have googled and cant seem to find the problem. if anyone can help that would be great. thanks in advance Angelo Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions nightmare continue...SOLVED
Thanks to all that responded, I have finally found the problem: When I installed PHP again, I kept on modifying the PHP.ini in the WINNT directory (as specified in the manual) but the PHP.ini that was being looked up was the 1 in the c:\php directory so I kept on trying all new things and nothing worked. Thanks again. Please remeber so that you dont make the same mistake as me Angelo Craig Donnelly [EMAIL PROTECTED] 8/17/2004 12:04:42 PM Why are you testing if $_POST['submit'] is set are you posting something to the page?? In the two scripts you posted the code block wont be executed because there is no post variable being set. Try this: a1.php == ?php session_start(); header(Cache-control: private); // IE 6 Fix. $_SESSION[login]=inside; session_write_close(); header(Location: a2.php); exit(); ? pre ?php print_r($_SESSION); ? /pre == AND a2.php == ?php session_start(); header(Cache-control: private); // IE 6 Fix. if(!isset($_SESSION[login])){ echo(brsession variable NOT set); }else{ echo(brsession variable set); } echo(brsession ID: . session_id()); echo(brsession value: . $_SESSION[login]); ? pre ?php print_r($_SESSION); ? /pre == Works fine now. HTH Craig Angelo Zanetti [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi all, Still no luck with sessions. I have installed an older version: 4.3.1 and have register_globals=Off I have 2 test pages a1.php and a2.php All I want to do is register a session variable, set a value for it and then in a2.php check that it is still registered and view the session's value. a1.php: ? session_start(); header(Cache-control: private); // IE 6 Fix. if(isset($_POST['Submit'])) { $_SESSION[login]=inside; session_write_close(); header(Location: a2.php); exit(); } ? I can successfully register the session variable and set the value of it on page a1.php but when I go to page a2.php the session variable is not set and the value isnt set either. a2.php: ? session_start(); header(Cache-control: private); // IE 6 Fix. if(!isset($_SESSION[login])) echo(brsession variable NOT set); else echo(brsession variable set); echo(brsession ID: . session_id()); echo(brsession value: . $_SESSION[login]); ? I have been trying to get this to work for ages with no luck. I have been reading the manual and have googled and cant seem to find the problem. if anyone can help that would be great. thanks in advance Angelo Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions not working when page redirects
u need to start the session at the top of each page sesion_start(); Angelo Zanetti wrote: Hi all, Im having a slightly weird problem with my session variables. when on a certain page call it A, I register a session variable and assign it a value. I then test if it is registered successfully and has the correct value on the same page, that works no problem. After that page A redirects to page B: header(Location: ../admin/include/B.php); After this I do the exact same test on page B to test for successful registration and value and I get that the session variable is not registered. on page B I do have session_start(); at the top. I even do 2 tests to on the session variable: if (session_is_registered(myvar)) and if (isset($_SESSION[myvar])) and they both tell me that the session variable is not registered. what could be causing the sesssion variable not to be remembered from page to page. I am using register_globals=on; any ideas/comments? Thanks Angelo Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions not working when page redirects
I do do that on all pages... pete M [EMAIL PROTECTED] 8/10/2004 2:15:21 PM u need to start the session at the top of each page sesion_start(); Angelo Zanetti wrote: Hi all, Im having a slightly weird problem with my session variables. when on a certain page call it A, I register a session variable and assign it a value. I then test if it is registered successfully and has the correct value on the same page, that works no problem. After that page A redirects to page B: header(Location: ../admin/include/B.php); After this I do the exact same test on page B to test for successful registration and value and I get that the session variable is not registered. on page B I do have session_start(); at the top. I even do 2 tests to on the session variable: if (session_is_registered(myvar)) and if (isset($_SESSION[myvar])) and they both tell me that the session variable is not registered. what could be causing the sesssion variable not to be remembered from page to page. I am using register_globals=on; any ideas/comments? Thanks Angelo Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Disclaimer This e-mail transmission contains confidential information, which is the property of the sender. The information in this e-mail or attachments thereto is intended for the attention and use only of the addressee. Should you have received this e-mail in error, please delete and destroy it and any attachments thereto immediately. Under no circumstances will the Cape Technikon or the sender of this e-mail be liable to any party for any direct, indirect, special or other consequential damages for any use of this e-mail. For the detailed e-mail disclaimer please refer to http://www.ctech.ac.za/polic or call +27 (0)21 460 3911 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions Problem !!
Dre wrote: the exact error messages are == Warning: session_start(): open(/tmp\sess_000c30790862f64268e755546b6fcbb2, O_RDWR) failed: No such file or directory (2) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 First, if you want to store session data on win32, you'll need to change the session.savepath in your php.ini. open it and search for: session.save_path and change it from session.save_path = /tmp to session.save_path = C:\WINDOWS\Temp (Or wherever your temp folder is if you're not on XP) Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php:1) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 This error tells you that the output was started at line 1 of your admin.php file. (maybe a blank line at the top of the script?) As Miles suggested: You have to call session_start() before any output to the page, even a single space. -- Chris Martin Web Developer Open Source Web Standards Advocate http://www.chriscodes.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions Problem !!
This one time, at band camp, Chris Martin [EMAIL PROTECTED] wrote: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php:1) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 This error tells you that the output was started at line 1 of your admin.php file. (maybe a blank line at the top of the script?) As Miles suggested: You have to call session_start() before any output to the page, even a single space. This error is more likely generated as the headers are being sent from the error message. Kevin -- __ (_ \ _) ) | / / _ ) / _ | / ___) / _ ) | | ( (/ / ( ( | |( (___ ( (/ / |_| \) \_||_| \) \) Kevin Waterson Port Macquarie, Australia -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions Problem !!
Thanks Chris ... problem solved, I'm sorry but these configuration details is a bit new for me Originally I'm a C++ programmer and web development is not my major kind of work Thanks again Chris Martin [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Dre wrote: the exact error messages are == Warning: session_start(): open(/tmp\sess_000c30790862f64268e755546b6fcbb2, O_RDWR) failed: No such file or directory (2) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 First, if you want to store session data on win32, you'll need to change the session.savepath in your php.ini. open it and search for: session.save_path and change it from session.save_path = /tmp to session.save_path = C:\WINDOWS\Temp (Or wherever your temp folder is if you're not on XP) Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php:1) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 This error tells you that the output was started at line 1 of your admin.php file. (maybe a blank line at the top of the script?) As Miles suggested: You have to call session_start() before any output to the page, even a single space. -- Chris Martin Web Developer Open Source Web Standards Advocate http://www.chriscodes.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions Problem !!
Dre wrote: Thanks Chris ... problem solved, I'm sorry but these configuration details is a bit new for me Originally I'm a C++ programmer and web development is not my major kind of work Thanks again Good. I think that little tidbit was actually left out of the windows install notes, but I could've just overlooked it. -- Chris Martin Web Developer Open Source Web Standards Advocate http://www.chriscodes.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions handling
Dmitry Ruban wrote: Hi folks, We have two instances of apache/mod_php running on 80 and 443 ports accordingly. For both mod_php we have the same dir (/tmp) to store session information. Is it possible to mix sessions data up if user switches between 80 and 443 ports? I mean what if when user surfs over 80 port and has already sessionID in this mod_php context(PHPSESSID stores in cookie), then he jumps to 443 instance, would that mod_php correctly find proper session file? Is it possible that PHPSESSID in 443 context hasn't been initialized and mod_php won't get proper file? Regards, Dima Ruban Check your COOKIE root settings, and make sure the root domain name for the cookie is common to both the 443 and 80 connections. -Fred -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Sun, May 23, 2004 at 09:00:41PM +0200, Maarten Weyn wrote: It worked for 5 minutes after a reboot, but now i get the same problem what happens is that on every session_start(); a new sessid is created how comes it doesn't use the old one I am starting to believe that session support is badly broken in PHP. I've been trying to solve a similar situation (sessions never work for me, even after an apache restart) and the list seems baffled. /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions
it works back after a reboot but does anybody know how it could have happened? Maarten Weyn [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, All my session_start() calls were working fine. But since yesterday the vars i use does not keep there value i use $_SESSION['varname'] Nothing has been changed to the server normally, but on all my sites it does work anymore i think the problem is that when i use session_start() and then for example $_SESSION[username] = 'test'; on at an other page: session_start() then echo $_SESSION[username] gives blanco. How can this be? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions
It worked for 5 minutes after a reboot, but now i get the same problem what happens is that on every session_start(); a new sessid is created how comes it doesn't use the old one Maarten Weyn [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, All my session_start() calls were working fine. But since yesterday the vars i use does not keep there value i use $_SESSION['varname'] Nothing has been changed to the server normally, but on all my sites it does work anymore i think the problem is that when i use session_start() and then for example $_SESSION[username] = 'test'; on at an other page: session_start() then echo $_SESSION[username] gives blanco. How can this be? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions
Maarten Weyn [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] It worked for 5 minutes after a reboot, but now i get the same problem what happens is that on every session_start(); a new sessid is created how comes it doesn't use the old one Haven't followed this thread yet. Are you using cookies or passing the session id via GET? Regards, Torsten Roehr -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions still do not persist
Michael R. Wayne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I've posted several times mentioning that I am completely unable to cause sessions to persist. Over the intervening time, I have replicated this problem to a different machine, with the same results. Here's a recap of the problem. I am not using cookies. Sessions are automatically created (and changing that makes no difference) The relevant session variables (copied from phpinfo) are: Session Support enabled session.auto_start On - hence no session_start session.name PHPSESSID session.use_cookies Off - no cookies session.use_trans_sidOn Environment is FreeBSD4.8. phpinfo for apache says: Apache/1.3.29 (Unix) mod_perl/1.28 PHP/4.3.4 mod_ssl/2.8.16 OpenSSL/0.9.6d Here is a cut/paste of the borwser screen for the code below: Stage:0 SessionID: 04ace04b1fe0bc81d2cd678c9bab1619 _ [Submit] Stage:1 SessionID: 04ace04b1fe0bc81d2cd678c9bab1619 Request: Array ( ) So I type foo into the box and hit submit. And the session variable is NOT preserved: Stage:0 SessionID: 55c70989b7279d6a18edfd81b28d67a6 foo___ [Submit] Stage:1 SessionID: 55c70989b7279d6a18edfd81b28d67a6 Request: Array [PHPSESSID] = 04ace04b1fe0bc81d2cd678c9bab1619 [field] = foo ) The session directory IS writable and I see the expected information being written there: -rw--- 1 nobody wheel 10 May 21 13:35 sess_04ace04b1fe0bc81d2cd678c9bab1619 -rw--- 1 nobody wheel 10 May 21 13:38 sess_55c70989b7279d6a18edfd81b28d67a6 Apache runs as user nobody on this server. Both session files contain: stage|i:1; but the files never seem to be being read back! Help!? Here's the entire php code I'm testing with: ? if (!isset($_SESSION['stage'])) { $_SESSION['stage'] = 0; } if (!isset($_POST['field'])) { $_POST['field'] = ; } ? html headtitlePHP Test page/title/head body ? echo Stage:; echo $_SESSION['stage']; echo SessionID: ; echo session_id(); $_SESSION['stage'] = 1; ? form method=post action=xxx.php input type=text maxlength=7 size=7 name=field value=?echo $_POST['field']? input type=submit value=Submit /form ? echo Stage:; echo $_SESSION['stage']; echo ; echo SessionID: ; echo session_id(); echo ; echo Request: ; print_r($_REQUEST); ? /body /html As far as I remember session.use_trans_sid does NOT work with forms (action attribute). Have you tried appending it manually to the action?: form method=post action=xxx.php?= SID; ? Regards, Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:04:00PM +0200, Torsten Roehr wrote: As far as I remember session.use_trans_sid does NOT work with forms (action attribute). Have you tried appending it manually to the action?: Well, this certainly seems to be progress in the correct direction. So session.use_trans_sid used to work with forms in 4.1.2 (I'm suffering from an upgrade here) but no longer does? This really helps. form method=post action=xxx.php?= SID; ? This ALMOST works. Looks like a seperator is needed. I get: POST /xxx.phpPHPSESSID=3a2c0413ec84a00e36ea0317c193ccb2 HTTP/1.1 Do I want ?=PHPSESSID=sessionID or just ?=sessionID or what? Thanx! /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
Michael R. Wayne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Fri, May 21, 2004 at 08:04:00PM +0200, Torsten Roehr wrote: As far as I remember session.use_trans_sid does NOT work with forms (action attribute). Have you tried appending it manually to the action?: Well, this certainly seems to be progress in the correct direction. So session.use_trans_sid used to work with forms in 4.1.2 (I'm suffering from an upgrade here) but no longer does? This really helps. form method=post action=xxx.php?= SID; ? This ALMOST works. Looks like a seperator is needed. I get: POST /xxx.phpPHPSESSID=3a2c0413ec84a00e36ea0317c193ccb2 HTTP/1.1 Do I want ?=PHPSESSID=sessionID or just ?=sessionID or what? Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? This should work. As far as I have seen trans_sid is not used very often - obviously because of problems like yours. The best way is always to pass the session ID yourself. Either with a cookie or via GET. I prefer GET because with cookies you are reliant on the client supporting/allowing cookies. Regards, Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote: Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? Thank you, thank you. This does indeed seem to work in my test script. Now to go work on the real version. This should work. As far as I have seen trans_sid is not used very often - obviously because of problems like yours. The best way is always to pass the session ID yourself. Either with a cookie or via GET. I prefer GET because with cookies you are reliant on the client supporting/allowing cookies. Oddly, this all worked properly under 4.1.2. When we upgraded, things broke. And I have a strong personal bias against cookies. One again, thank you for the solution! /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote: Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? Well, I spoke too soon. It does work, but only the SECOND time the script is run! Stage:0 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca __ [Submit] Stage:1 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca Request: Array ( ) Type foo into the form, hit submit and the session variable is not being preserved: Stage:0 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 foo___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array ( [PHPSESSID] = 6c9a1819fe95fa6f08f385ee2afa71ca [field] = foo ) Type bar into the form, hit submit and the session variable IS being preserved: Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 bar___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array ( [PHPSESSID] = ac429ad0086eb5b4d1130eb2e2fddcb9 [field] = bar ) So, what am I missing here? Code, for reference: ? if (!isset($_SESSION['stage'])) { $_SESSION['stage'] = 0; } if (!isset($_POST['field'])) { $_POST['field'] = ; } ? html headtitlePHP Test page/title/head body ? echo Stage:; echo $_SESSION['stage']; echo SessionID: ; echo session_id(); $_SESSION['stage'] = 1; ? form method=post action=xxx.php??= SID; ? input type=text maxlength=7 size=7 name=field value=?echo $_POST['field']? input type=submit value=Submit /form ? echo Stage:; echo $_SESSION['stage']; echo ; echo SessionID: ; echo session_id(); echo ; echo Request: ; print_r($_REQUEST); ? /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
Michael R. Wayne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote: Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? Well, I spoke too soon. It does work, but only the SECOND time the script is run! Stage:0 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca __ [Submit] Stage:1 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca Request: Array ( ) Type foo into the form, hit submit and the session variable is not being preserved: Stage:0 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 foo___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array [PHPSESSID] = 6c9a1819fe95fa6f08f385ee2afa71ca [field] = foo ) Type bar into the form, hit submit and the session variable IS being preserved: Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 bar___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array [PHPSESSID] = ac429ad0086eb5b4d1130eb2e2fddcb9 [field] = bar ) So, what am I missing here? You could try it without session.auto_start. Turn it off and put session_start() at the top of the script (in all pages). Regards, Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 09:12:02PM +0200, Torsten Roehr wrote: So, what am I missing here? You could try it without session.auto_start. Turn it off and put session_start() at the top of the script (in all pages). Tried that - makes no difference. Still works properly on the second call but not the first. /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions pls help
Take a look at PEAR:Auth Walter Robi [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I need some info about sessions in php, to clarify my knowledge and usage. So lets imagine that I am building a web site where I can log in and log off, it is without db. How do I use sessions, am I right use the start_session() and its a value to PHPSID as cookie, so if make link to another page I will check against phpsesid which is cookie against the id what I have in link?right? pls help troby -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions pls help
Well, What you need to do is start all pages with the session_start(); variable, like this : ?php session_start(); ? This would make you ready for handling logins and such further down the page. What you also need to do is two things, 1. Create a login which registers a new session. 2. Create a validation function which validates the logged user on each page. Example, login page : ?php session_start(); if(($_GET[username]==thename) ($_GET[password]==thepass)){ $u-username=$_GET[username]; $u-password=$_GET[password]; session_register(u); } ? The above code would mean that a) You enable the session for the page. b) If the username and passord is valid, you se the sessionobject, in the example u to the username and passord. Further you need the page to validate if you have a valid login, a simple way would be to just validate if the u object is something at all, since if you havnt logged in there isnt any value here. Example : // check if user logged in if(!$u-username){ // Not logged in, lets throw a header or something to send the user to login page } The best should be to look up the username from $u-username against your database to be sure that the username infact is valid. Final script page would be : ?php // start session session_start(); // Login, register session object if(($_GET[username]==thename) ($_GET[password]==thepass)){ $u-username=$_GET[username]; $u-password=$_GET[password]; session_register(u); } // check if user logged in if(!$u-username){ // Not logged in, lets throw a header or something to send the user to login page header(location: login.php); exit; } // The rest of page comes here ? This is a brief explernation which should give you what you need to get going on your session handling. You also might want to add more variables into the prosess, like IP, browseragent and such to prevent session hijacking from proxy servers, just to be on the secure side. -- -- Kim Steinhaug -- There are 10 types of people when it comes to binary numbers: those who understand them, and those who don't. -- www.steinhaug.com - www.easywebshop.no - www.webkitpro.com -- Robi [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I need some info about sessions in php, to clarify my knowledge and usage. So lets imagine that I am building a web site where I can log in and log off, it is without db. How do I use sessions, am I right use the start_session() and its a value to PHPSID as cookie, so if make link to another page I will check against phpsesid which is cookie against the id what I have in link?right? pls help troby -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and PHP
THis does the same http://0x00.org/php/phpApplication/ pete Patrik Fomin wrote: Hi,, is there anyway to get the number of people connected to the site? in asp you just use Application and session_terminate to accomplish this is there anyway to do this in PHP ? regards patrick -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions, sessions and... sessions
Hi Puiu, I've been having the same problem too. My code that worked up until recently just stopped working. I did change from using: session_register(user_id); if (!(user_id)){ to using: session_start(); if (!$_SESSION['user_id']){ Now it works with my computer Win98 and MS-IE5.5 but not on my client's computer Win98 and MS-IE6. I think there's something seriously wrong somewhere (either PHP or MS). I'll keep you posted if I find a solution. Pance. Puiu Hrenciuc [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am a little desperate right now since I have tried to solve this problem for 3-4 days now. I have developed a site that uses sessions for user authentication and data storage between page access. The development server is Apache1.3.24/MySQL4.1.0/PHP4.3.3/Win XP Pro The release server is Apache1.3.27/MySQ3.2.25/PHP4.3.1/Linux 2.4.25 The site is working just fine on the development server, but when uploading on release server it keeps losing session data and the users are logged out of their account in a randomly manner. I can't reproduce the behaviour since it is all randomly, for eg. the session may expire immediately but it can also last 30-40 min. It does not expire on same page every time. I have tried to see if it is a browser related issue so I have loaded the page into IE6, NN7, OPERA7 but the problem persisted. Next step I thought that it could be a process on the release server that deletes files on /tmp so I have changed the session_save_path to another dir, same problem. Now I have made some functions and keep the sessions in a MySQL database. It works fine on the development server, but... , BUT... , it has the same behaviour on the release server. Using MySQL storage I have discovered the PHP changes SIDs randomly ( at least so it seems ) so the session's data is not lost ( the MySQL record is there, and the data field is ok, all variables are there kindly waiting to be read by PHP :) ), but new sessions are created for same connection so I think this is PHP or Cookies related. If you would like to see the phpinfo() snapshots: Development server : http://www.pur.ro/devphpinfo.htm Release server : http://www.pur.ro/relphpinfo.htm Can someone please help me, coz' my hair is turning white and I'm too young to die :) Thanks, Puiu Hrenciuc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions, sessions and... sessions
Hi Puiu, I've been having the same problem too. My code that worked up until recently just stopped working. I did change from using: session_register(user_id); if (!(user_id)){ to using: session_start(); if (!$_SESSION['user_id']){ Now it works with my computer Win98 and MS-IE5.5 but not on my client's computer Win98 and MS-IE6. I think there's something seriously wrong somewhere (either PHP or MS). I'll keep you posted if I find a solution. Pance. Puiu Hrenciuc [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am a little desperate right now since I have tried to solve this problem for 3-4 days now. I have developed a site that uses sessions for user authentication and data storage between page access. The development server is Apache1.3.24/MySQL4.1.0/PHP4.3.3/Win XP Pro The release server is Apache1.3.27/MySQ3.2.25/PHP4.3.1/Linux 2.4.25 The site is working just fine on the development server, but when uploading on release server it keeps losing session data and the users are logged out of their account in a randomly manner. I can't reproduce the behaviour since it is all randomly, for eg. the session may expire immediately but it can also last 30-40 min. It does not expire on same page every time. I have tried to see if it is a browser related issue so I have loaded the page into IE6, NN7, OPERA7 but the problem persisted. Next step I thought that it could be a process on the release server that deletes files on /tmp so I have changed the session_save_path to another dir, same problem. Now I have made some functions and keep the sessions in a MySQL database. It works fine on the development server, but... , BUT... , it has the same behaviour on the release server. Using MySQL storage I have discovered the PHP changes SIDs randomly ( at least so it seems ) so the session's data is not lost ( the MySQL record is there, and the data field is ok, all variables are there kindly waiting to be read by PHP :) ), but new sessions are created for same connection so I think this is PHP or Cookies related. If you would like to see the phpinfo() snapshots: Development server : http://www.pur.ro/devphpinfo.htm Release server : http://www.pur.ro/relphpinfo.htm Can someone please help me, coz' my hair is turning white and I'm too young to die :) Thanks, Puiu Hrenciuc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions, sessions and... sessions
I don't use session_register(), just the $_SESSION global variable, so this is not it... :( Pance [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi Puiu, I've been having the same problem too. My code that worked up until recently just stopped working. I did change from using: session_register(user_id); if (!(user_id)){ to using: session_start(); if (!$_SESSION['user_id']){ Now it works with my computer Win98 and MS-IE5.5 but not on my client's computer Win98 and MS-IE6. I think there's something seriously wrong somewhere (either PHP or MS). I'll keep you posted if I find a solution. Pance. Puiu Hrenciuc [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am a little desperate right now since I have tried to solve this problem for 3-4 days now. I have developed a site that uses sessions for user authentication and data storage between page access. The development server is Apache1.3.24/MySQL4.1.0/PHP4.3.3/Win XP Pro The release server is Apache1.3.27/MySQ3.2.25/PHP4.3.1/Linux 2.4.25 The site is working just fine on the development server, but when uploading on release server it keeps losing session data and the users are logged out of their account in a randomly manner. I can't reproduce the behaviour since it is all randomly, for eg. the session may expire immediately but it can also last 30-40 min. It does not expire on same page every time. I have tried to see if it is a browser related issue so I have loaded the page into IE6, NN7, OPERA7 but the problem persisted. Next step I thought that it could be a process on the release server that deletes files on /tmp so I have changed the session_save_path to another dir, same problem. Now I have made some functions and keep the sessions in a MySQL database. It works fine on the development server, but... , BUT... , it has the same behaviour on the release server. Using MySQL storage I have discovered the PHP changes SIDs randomly ( at least so it seems ) so the session's data is not lost ( the MySQL record is there, and the data field is ok, all variables are there kindly waiting to be read by PHP :) ), but new sessions are created for same connection so I think this is PHP or Cookies related. If you would like to see the phpinfo() snapshots: Development server : http://www.pur.ro/devphpinfo.htm Release server : http://www.pur.ro/relphpinfo.htm Can someone please help me, coz' my hair is turning white and I'm too young to die :) Thanks, Puiu Hrenciuc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions, sessions and... sessions
I believe the PHP.INI has to be set with a Session variable temp directory. Hi Puiu, I've been having the same problem too. My code that worked up until recently just stopped working. I did change from using: session_register(user_id); if (!(user_id)){ to using: session_start(); if (!$_SESSION['user_id']){ Now it works with my computer Win98 and MS-IE5.5 but not on my client's computer Win98 and MS-IE6. I think there's something seriously wrong somewhere (either PHP or MS). I'll keep you posted if I find a solution. Pance. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions, sessions and... sessions
session.save_path string session.save_path defines the argument which is passed to the save handler. If you choose the default files handler, this is the path where the files are created. Defaults to /tmp. If session.save_path's path depth is more than 2, garbage collection will not be performed. Hi Puiu, I've been having the same problem too. My code that worked up until recently just stopped working. I did change from using: session_register(user_id); if (!(user_id)){ to using: session_start(); if (!$_SESSION['user_id']){ Now it works with my computer Win98 and MS-IE5.5 but not on my client's computer Win98 and MS-IE6. I think there's something seriously wrong somewhere (either PHP or MS). I'll keep you posted if I find a solution. Pance. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions, sessions and... sessions
I have make a workaround for my problem using MySQL for session storage and not using the PHP generated SIDs, but using some SID generated with something like this : $tsid=$_SERVER['HTTP_USER_AGENT'].'|'.$_SERVER['REMOTE_ADDR'].'|'; $tsid=md5(md5($tsid)); session_id($tsid); session_set_save_handler (mysession_open,mysession_close,mysession_read,mysession_write,myse ssion_destroy,mysession_gc); session_start(); this works just fine, it is more insecure but it works, it also shows that the problem is somewhere in PHP generating another SID for the same user before session's timeout in a randomly manner. I will try to report this in the PHP bugs database. Thanks all for help. Puiu Hrenciuc. Puiu Hrenciuc [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello, I am a little desperate right now since I have tried to solve this problem for 3-4 days now. I have developed a site that uses sessions for user authentication and data storage between page access. The development server is Apache1.3.24/MySQL4.1.0/PHP4.3.3/Win XP Pro The release server is Apache1.3.27/MySQ3.2.25/PHP4.3.1/Linux 2.4.25 The site is working just fine on the development server, but when uploading on release server it keeps losing session data and the users are logged out of their account in a randomly manner. I can't reproduce the behaviour since it is all randomly, for eg. the session may expire immediately but it can also last 30-40 min. It does not expire on same page every time. I have tried to see if it is a browser related issue so I have loaded the page into IE6, NN7, OPERA7 but the problem persisted. Next step I thought that it could be a process on the release server that deletes files on /tmp so I have changed the session_save_path to another dir, same problem. Now I have made some functions and keep the sessions in a MySQL database. It works fine on the development server, but... , BUT... , it has the same behaviour on the release server. Using MySQL storage I have discovered the PHP changes SIDs randomly ( at least so it seems ) so the session's data is not lost ( the MySQL record is there, and the data field is ok, all variables are there kindly waiting to be read by PHP :) ), but new sessions are created for same connection so I think this is PHP or Cookies related. If you would like to see the phpinfo() snapshots: Development server : http://www.pur.ro/devphpinfo.htm Release server : http://www.pur.ro/relphpinfo.htm Can someone please help me, coz' my hair is turning white and I'm too young to die :) Thanks, Puiu Hrenciuc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions
[EMAIL PROTECTED] wrote: Have a questions about sessions. In building a simple app do I have to include the session id in the url string or in a hidden tag? or does it normally track it by cookies and so I dont have to call it on every page? thoughts on best way to do this I'm trying to learn this myself. It seems to make a difference what version you are running and what the settings are whether it wil semi-automatically update from cookies or the url. A 'hidden tag' doesn't really exist, either it's in a cookie or it's in the url in which case you need a secure connection if you don't want people to be able to hijack the session ID from the url. Here's more of my notes: http://www.php.net/session I've got PHP 4.22 with register globals off so each global variable cannot be registered as session variables. # Registering a variable with $_SESSION # session_start(); if (!isset($_SESSION['count'])) { $_SESSION['count'] = 0; } else { $_SESSION['count']++; } unset($_SESSION['count']); I need to turn on session.use_trans_sid for easy but insecure transparent transforming of links (URIs will be changed to contain the session id automatically). use session_set_save_handler() to create a set of user-level storage functions. http://us4.php.net/manual/en/function.session-set-save-handler.php session_cache_expire session_cache_limiter session_decode -- Decodes session data from a string session_destroy session_encode -- Encodes the current session data as a string session_get_cookie_params session_id -- Get and/or set the current session id registered in a session session_module_name -- Get and/or set the current session module session_name -- Get and/or set the current session name session_regenerate_id -- Update the current session id with a newly generated one current session session_save_path session_set_cookie_params session_set_save_handler -- Sets user-level session storage functions session_start -- Initialize session data session session_write_close -- Write session data and end, alias session_commit pre-4.3 versions or with register globals off don't use these: # session_unset -- Free all session variables # session_is_registered -- Find out whether a global variable is # session_register -- Register one or more global variables with the # session_unregister -- Unregister a global variable from the current -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions
Paul Furman mailto:[EMAIL PROTECTED] on Tuesday, February 17, 2004 10:39 AM said: Have a questions about sessions. In building a simple app do I have to include the session id in the url string or in a hidden tag? or does it normally track it by cookies and so I dont have to call it on every page? the session id will be in the url if you have use_trans_sid turned on AND the user has not accepted your cookie. once the user accepts the cookie (either automatically or manually) the id will go away from the url because it is now being stored in a cookie on the users system. if you turn off use_trans_sid (as i have, for search engine reasons) the user will not have any session state at all until they accept your sites cookie (either automatically or manually). in answer to your question specifically, YOU personally do not have to worry about transferring the session id. it is done automatically (by default). hth, chris. p.s. hopefully someone will correct me on this issue if i am wrong. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions on Win2k
Hello Don, On 11 Feb 2004 at 11:19, Donpro wrote: I've searched the archives and note that many have probelms using session on a Win2K server. I am getting a Undefined index: sessions in D:\inetpub\mydomain\www\forms\formmail\formmail.php on line 768 error. Line 768 is: session_start(); It works Ok on Linux; is there any special Windows configuration? Are you perchance running your script on a machine with an active firewall? I had all sorts of session-related problems and spent ages trying to figure out what was wrong with my code until eventually I read somewhere that ZoneAlarm might interfere with sessions. I shut down ZA and guess what? there wasn't anything wrong with my code after all. Now whenever I need to test scripts involving sessions I disconnect from the Internet and shut down ZoneAlarm. Hope this helps, Erik -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions not working.
If your on IIS, you need to set the session.save_path option in php.ini file. Then make sure that IIS can actually write to the directory. Jeff McKeon [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Pulling my hair out here. I've got an IIS5 webserver running a php website just fine. I created another web for a dev version of the first website. Installed PHP ect... When I load up the old websites files on the new site sessions won't work on the new site. For some reason on the new site's phpinfo.php page, there is no HTTP_COOKIE variable set under the environmental section. Also, under the PHP Variables section, there is no _REQUEST[PHPSESSID] or _COOKIE[PHPSESSID] variable. What have I missed!??? Here is a section of the phpinfo() for both sites. Good Site: Environment Variable Value ALLUSERSPROFILE C:\Documents and Settings\All Users CommonProgramFiles C:\Program Files\Common Files COMPUTERNAME WS02TC07927 ComSpec C:\WINNT\system32\cmd.exe CONTENT_LENGTH 0 GATEWAY_INTERFACE CGI/1.1 HTTPS off HTTP_ACCEPT */* HTTP_ACCEPT_LANGUAGE en-us HTTP_CONNECTION Keep-Alive HTTP_HOST opsup.telaurus.net HTTP_USER_AGENT Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) HTTP_COOKIE PHPSESSID=ed09aa7b20d4032a3553c16a8f4a782f HTTP_ACCEPT_ENCODING gzip, deflate INSTANCE_ID 3 LOCAL_ADDR 10.16.1.21 NUMBER_OF_PROCESSORS 1 Os2LibPath C:\WINNT\system32\os2\dll; OS Windows_NT Path C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PATH_INFO /phpinfo.php PATH_TRANSLATED C:\Inetpub\wwwOpSup\phpinfo.php PROCESSOR_ARCHITECTURE x86 PROCESSOR_IDENTIFIER x86 Family 6 Model 8 Stepping 10, GenuineIntel PROCESSOR_LEVEL 6 PROCESSOR_REVISION 080a ProgramFiles C:\Program Files REMOTE_ADDR 10.16.2.55 REMOTE_HOST 10.16.2.55 REQUEST_METHOD GET SCRIPT_NAME /phpinfo.php SERVER_NAME opsup.telaurus.net SERVER_PORT 80 SERVER_PORT_SECURE 0 SERVER_PROTOCOL HTTP/1.1 SERVER_SOFTWARE Microsoft-IIS/5.0 SystemDrive C: SystemRoot C:\WINNT TEMP C:\WINNT\TEMP TMP C:\WINNT\TEMP USERPROFILE C:\Documents and Settings\NetShowServices windir C:\WINNT PHP Variables Variable Value _REQUEST[PHPSESSID] ed09aa7b20d4032a3553c16a8f4a782f _COOKIE[PHPSESSID] ed09aa7b20d4032a3553c16a8f4a782f _SERVER[ALLUSERSPROFILE] C:\\Documents and Settings\\All Users _SERVER[CommonProgramFiles] C:\\Program Files\\Common Files _SERVER[COMPUTERNAME] WS02TC07927 _SERVER[ComSpec] C:\\WINNT\\system32\\cmd.exe _SERVER[CONTENT_LENGTH] 0 _SERVER[GATEWAY_INTERFACE] CGI/1.1 _SERVER[HTTPS] off _SERVER[HTTP_ACCEPT] */* _SERVER[HTTP_ACCEPT_LANGUAGE] en-us _SERVER[HTTP_CONNECTION] Keep-Alive _SERVER[HTTP_HOST] opsup.telaurus.net _SERVER[HTTP_USER_AGENT] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) _SERVER[HTTP_COOKIE] PHPSESSID=ed09aa7b20d4032a3553c16a8f4a782f _SERVER[HTTP_ACCEPT_ENCODING] gzip, deflate _SERVER[INSTANCE_ID] 3 _SERVER[LOCAL_ADDR] 10.16.1.21 _SERVER[NUMBER_OF_PROCESSORS] 1 _SERVER[Os2LibPath] C:\\WINNT\\system32\\os2\\dll; _SERVER[OS] Windows_NT _SERVER[Path] C:\\WINNT\\system32;C:\\WINNT;C:\\WINNT\\System32\\Wbem _SERVER[PATHEXT] .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH _SERVER[PATH_INFO] /phpinfo.php _SERVER[PATH_TRANSLATED] C:\\Inetpub\\wwwOpSup\\phpinfo.php _SERVER[PROCESSOR_ARCHITECTURE] x86 _SERVER[PROCESSOR_IDENTIFIER] x86 Family 6 Model 8 Stepping 10, GenuineIntel _SERVER[PROCESSOR_LEVEL] 6 _SERVER[PROCESSOR_REVISION] 080a _SERVER[ProgramFiles] C:\\Program Files _SERVER[REMOTE_ADDR] 10.16.2.55 _SERVER[REMOTE_HOST] 10.16.2.55 _SERVER[REQUEST_METHOD] GET _SERVER[SCRIPT_NAME] /phpinfo.php _SERVER[SERVER_NAME] opsup.telaurus.net _SERVER[SERVER_PORT] 80 _SERVER[SERVER_PORT_SECURE] 0 _SERVER[SERVER_PROTOCOL] HTTP/1.1 _SERVER[SERVER_SOFTWARE] Microsoft-IIS/5.0 _SERVER[SystemDrive] C: _SERVER[SystemRoot] C:\\WINNT _SERVER[TEMP] C:\\WINNT\\TEMP _SERVER[TMP] C:\\WINNT\\TEMP _SERVER[USERPROFILE] C:\\Documents and Settings\\NetShowServices _SERVER[windir] C:\\WINNT _SERVER[PHP_SELF] /phpinfo.php _SERVER[argv] Array ( ) _SERVER[argc] 0 _ENV[ALLUSERSPROFILE] C:\\Documents and Settings\\All Users _ENV[CommonProgramFiles] C:\\Program Files\\Common Files _ENV[COMPUTERNAME] WS02TC07927 _ENV[ComSpec] C:\\WINNT\\system32\\cmd.exe _ENV[CONTENT_LENGTH] 0 _ENV[GATEWAY_INTERFACE] CGI/1.1 _ENV[HTTPS] off _ENV[HTTP_ACCEPT] */* _ENV[HTTP_ACCEPT_LANGUAGE] en-us _ENV[HTTP_CONNECTION] Keep-Alive _ENV[HTTP_HOST] opsup.telaurus.net _ENV[HTTP_USER_AGENT] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) _ENV[HTTP_COOKIE] PHPSESSID=ed09aa7b20d4032a3553c16a8f4a782f _ENV[HTTP_ACCEPT_ENCODING] gzip, deflate _ENV[INSTANCE_ID] 3 _ENV[LOCAL_ADDR] 10.16.1.21 _ENV[NUMBER_OF_PROCESSORS] 1 _ENV[Os2LibPath] C:\\WINNT\\system32\\os2\\dll; _ENV[OS] Windows_NT _ENV[Path] C:\\WINNT\\system32;C:\\WINNT;C:\\WINNT\\System32\\Wbem _ENV[PATHEXT] .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH _ENV[PATH_INFO] /phpinfo.php _ENV[PATH_TRANSLATED] C:\\Inetpub\\wwwOpSup\\phpinfo.php
[PHP] Re: Sessions
Hello, [EMAIL PROTECTED] (Webmaster) wrote Now I am getting such lines in the address bar: /pages/news.php?option=1015PHPSESSID=PHPSESSID=d117dba208d4b205cd4e521 f606b b44e#result Do you set them manual, does the server auto start a session? What are the settings for session in your ino file? Polleke -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and frames
A little update, seems I was wrong about the session cookie being set when the page is first access. The first time the page is accessed no session cookie or /tmp file is generated. I think this may be because the site that is loading my content in a frame is also generating a cookie. Is that a probable cause for my problem? If yes (or) how can I get a session to be started (using cookies) when my content is loaded into a frame? Thanks, Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and frames
After much head banging I found the answer. I had set my browser to only allow cookies from the originating site to be set. (This prevent banner ads from setting cookies). Of course the first time my frame was loaded the browser was seeing it as content not from the originating site and hence blocking the session cookie from being set ... argh. One more reason to hate frames :) Jean-Christian Imbeault -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and frames
It has nothing to do with the other site. Browser makes a separate request for the frame content and you can set cookies without any problem. You should check if the cookie is realy set and if the cookie parameters are right (eg. in Mozilla's cookie manager). Jean-Christian IMbeault wrote: A little update, seems I was wrong about the session cookie being set when the page is first access. The first time the page is accessed no session cookie or /tmp file is generated. I think this may be because the site that is loading my content in a frame is also generating a cookie. Is that a probable cause for my problem? If yes (or) how can I get a session to be started (using cookies) when my content is loaded into a frame? Thanks, Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions
Thanks to all who posted. Well, I managed to track down the problem. The PHP system was set to use /tmp for its session.save_path but there was no /tmp directiory. Strange because on my test site I don't have a /tmp directory... I'm guessing my ISP has taken care of that separately. Anyway I created a tmp folder and everything seems fine. Thanks again. Dave --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.497 / Virus Database: 296 - Release Date: 04/07/2003 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions and browser back
On Wed, 25 Jun 2003 18:56:13 +0530, Bibhas Kumar Samanta [EMAIL PROTECTED] wrote: Hi, I am trying to create restricted pages for my php/mysql/apache server with sessions and passing session varibales to other pages for validation. Eventually I am doinng session_start() at the begining and checking whether logged in user is authorised to use this page by a routine. Now problem is, if filled in data in the form is incorrect, the forms gives an error. But when I press browser BACK button to get the filled in form , the form seems to get reset with _no_ data. When I try without session_start() at the begining of form , things seem to behave normally. Does session_start() reset the form and I guess browser should have returned be by fiiled in page from cache ? Please help -Bibhas This doesn't happen with every browser. Opera never forgets the previous page's form contents. -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions and browser back
there is a setting you need to make after the session start http://ca3.php.net/manual/en/function.session-cache-expire.php check that link out I think that it will resolve alot of problems for you.. however I have noticed forms are a little trickier... usually what I do with those is create the back link as a hyperlink which allows me to add the info to the form when returned so it looks like the form hasnt lost its information. - Original Message - From: chris [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, June 27, 2003 11:22 AM Subject: [PHP] Re: sessions and browser back On Wed, 25 Jun 2003 18:56:13 +0530, Bibhas Kumar Samanta [EMAIL PROTECTED] wrote: Hi, I am trying to create restricted pages for my php/mysql/apache server with sessions and passing session varibales to other pages for validation. Eventually I am doinng session_start() at the begining and checking whether logged in user is authorised to use this page by a routine. Now problem is, if filled in data in the form is incorrect, the forms gives an error. But when I press browser BACK button to get the filled in form , the form seems to get reset with _no_ data. When I try without session_start() at the begining of form , things seem to behave normally. Does session_start() reset the form and I guess browser should have returned be by fiiled in page from cache ? Please help -Bibhas This doesn't happen with every browser. Opera never forgets the previous page's form contents. -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions problem
It's a bit large the concept not working. The code seems OK but I can't tested or help you because I can't see what it should do. If I register the my_email by hand it will enter to the do_session_crap() ... if not I don't get anything. When you are registering the my_email and how do you get the datas ... I need more to help you . -- - Cristian MARIN InterAKT Online (www.interakt.ro) +4021 411 2610 [EMAIL PROTECTED] Ryan A [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, Heres the code (very simple stuff) but not working: if(session_is_registered('my_email')){} else{ do_session_crap(); } function do_session_crap() { if(isset($id[0])) {$p1=$id[0]; echo $p1; $_SESSION['p1'] = $p1; } if(isset($id[1])) {$p2=$id[1]; echo $p2; $_SESSION['p2'] = $p2; } if(isset($id[2])) {$p3=$id[2]; $_SESSION['p3'] = $p3; } if(isset($id[3])) {$p4=$id[3]; $_SESSION['p4'] = $p4; } if(isset($id[4])) {$p5=$id[4]; $_SESSION['p5'] = $p5; } else {echo not working;} // header(Location: my.login.php); exit; } it always gives me not working Any idea why? -Ryan
[PHP] Re: sessions and domains
Bk wrote: Hi I've to set up a shared shopping cart to buy items from four different sites and pay them at once passing trough a single checkout. Provided that these sites are hosted on the same server (actually in the same directory), but have different names, is it possible to share php sessions across multiple domains? How? Bk, I notice your question has basically been answered i.e. you have to pass something e.g. session_id, between the sites via a GET/POST. So just a couple of related points: 1. I seem to remember that you can set sessions to use IP addresses or URL'ed session_ids as well as cookie'd session ids. Either of these techniques would solve your problem as well, (although cookies strike me as a better route if you must use sessions ;)). 2. If you are doing this kind of multi-site stuff and have Apache, it's worth checking out the php virtual() and header() commands. With these you can leave your shops to just handle their own stuff and use a master domain to do all the basket/order processing. The basic technique is to direct your order forms/buttons to a script on the master domain which does the procesing, (and can set cookies if it wants). Once it's finished, instead of generating its own page it uses a Location header to redirect the user back to an appropriate page on the shop domain. The user never knows you've done this. Similarily, the checkout button can go to the master domain to do the actual procesing, where it automatically picks up any cookies (e.g. session_ids), that you set from a master domain page. The virtual command might come into the picture if you want to show the user the status of their shopping basket while in one of the shops. Virtual allows you to run a http request behind the scenes and include the output in your page. So your page can mix output from different php scripts running on different domains. They don't even have to be scripts in domains on the same server if you set up an Apache proxy to point to the remote script. You can use this to include a basket status section on your shop pages without having to run the code to create it in your script. You can have one set of basket status code across as many shops/domains as you like i.e. code once, use often. Unfortunately, what you can't do with a virtual() is to get the foreign script to pick up any cookies set for its domain. (That's because the user's browser never sees the http request, so it doesn't know that it should send the cookies for the domain). That means you would still have to swap the session_id, (or basket key), around between sites. You can see these techniques in action at any Ishop e.g. www.levitron.co.uk. All the main procesing is done by www.ishop.co.uk, but the shop has entirely its own identity. Order buttons, searches and checkouts go to the master ishop domain and product pages include a checkout status line generated on the master domain. You'll notice that there is no use of php sessions. Basket information is stored in the database and then the database key is cookied, posted and urled. Partly that's because there's still a mix of php, C and perl coded pages. Sessions are not really appropriate for heterogeneous environments. C or Perl or any other language can easily pick up a cookied database key and query a database but how do they get hold of data in a php session? Even if it was all php, I still wouldn't use sessions. My view is that if data is to be stored on a server it should be stored properly in a structured format in a database, not in a unstructured and pretty much inaccessible session object. For example, it's hard to prove to a third party what data you have stored about users, if some of it might be in stored sessions. Ummm, I wonder if I should explicitly raise my concerns about sessions in a separate thread? I don't use sessions so it doesn't bother me, but I wonder if some people are just storing up trouble for themselves by basing their code on the use of sessions... Anyway, hope this helps, George -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions problem
I believe there's a domain limitation inherent to the way cookies work (assuming a cookies-based sessions setup), but there may be some way of circumventing that (can't some ad banner companies track visitors from site to site?). Seems like a multi-file search and replace should do the trick. If you're using UltraEdit/BBEdit/Emacs you should be able to update your links without too much effort. HTH, -Dan David Chamberlin [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hey all, Some of my users have reported a problem with my site and it's taken a while to debug it, but I think I've finally tracked it down. If they go to the site as: http://www.mysite.org/ Then it works But if they go as: http://mysite.org/ It doesn't. I believe it has to do with my use of session variables. Apparently (I didn't know this, but it's obvious from the debugging) that there are different session ID's and thus different session variables for the two. And the problem is (due to sloppy programming on my part ... sigh ...) that sometimes I set up the links as a href=/page and sometimes I do the explicit a href=http://www.mysite.org/page. So when it goes to the link as www.mysite.org, it registers the variables, but then later when it tries to access and it's just mysite.org, the variables aren't set. Lots of confusion ensues. Is there any way to unify this, or do I have to go through and fix all of the absolute links to be relative? Thanks, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions terminating randomly please help
It's possible you're being afflicted with the same problem I am. See the message just one or two above this about Sessions problem. What I found in my debugging is that it had to do with how I was mix-and-matching the way I specified links. Short version of the problem is that http://mysite.org/ has one session and http://www.mysite.org/ has another. In my code, I sometimes have the links as a href=/page and sometimes it's explicit, as a href=http://www.mysite.org/;. So if a user went to the site as http://mysite.org - the pages that used the explicit www.mysite.org would fail. So if there's anything in your pages/links that may change how the link is referred, you may be have different sessions occuring. I would imagine it should be pretty easy for you to debug whether or not this is the problem. Have each of your pages echo out the current session id (echo 'session is '.session_id().'br';) and see if it changes at any point, and especially on the pages that fail. -Dave Freaky Deaky wrote: hi i am experiencing a major problem with sessions expiring randomly in some of my apps. i will log in and start clicking around and then i will eventually arrive at a page that tells me that i'm not logged in anymore. this happens apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for pc, and mozilla the apps are hosted on freebsd 4.7-release p2 apache 1.3.27 php version 4.2.3 compiled with --enable-trans-sid i can't go into production if there's the possibility that users will be randomly logged off. i went through all of my code over the weekend, and i don't think i can attribute this to a miscoding: when a user logs in, i create a session with session_start(); $valid_user=$_POST['username']; session_register(valid_user); i have the following code at the top of each page to check to see if the session is valid: session_start(); $valid_user=$_SESSION['valid_user']; global $valid_user; if (session_is_registered(valid_user) {...function to spit out an error message if the session is not valid...;} i have a logout page that destroys the session session_start(); session_destroy(); i also have a javascript timer in the header of every page that redirects to the logout page if the user has been inactive for 20 minutes. i have played around with session.gc_probability, setting it to 100, but that doesn't seem to have fixed the problem. this is a huge problem. if anyone can give some advice, i'd really appreciate it. thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: sessions terminating randomly please help
Assuming that php is configued to rewrite the url tags, try turning off cokkies in the browser and let the Session if carry over. This might help you debugg it. -Original Message- From: David Chamberlin [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 3:41 PM To: [EMAIL PROTECTED]; Freaky Deaky Cc: [EMAIL PROTECTED] Subject: [PHP] Re: sessions terminating randomly please help Importance: Low It's possible you're being afflicted with the same problem I am. See the message just one or two above this about Sessions problem. What I found in my debugging is that it had to do with how I was mix-and-matching the way I specified links. Short version of the problem is that http://mysite.org/ has one session and http://www.mysite.org/ has another. In my code, I sometimes have the links as a href=/page and sometimes it's explicit, as a href=http://www.mysite.org/;. So if a user went to the site as http://mysite.org - the pages that used the explicit www.mysite.org would fail. So if there's anything in your pages/links that may change how the link is referred, you may be have different sessions occuring. I would imagine it should be pretty easy for you to debug whether or not this is the problem. Have each of your pages echo out the current session id (echo 'session is '.session_id().'br';) and see if it changes at any point, and especially on the pages that fail. -Dave Freaky Deaky wrote: hi i am experiencing a major problem with sessions expiring randomly in some of my apps. i will log in and start clicking around and then i will eventually arrive at a page that tells me that i'm not logged in anymore. this happens apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for pc, and mozilla the apps are hosted on freebsd 4.7-release p2 apache 1.3.27 php version 4.2.3 compiled with --enable-trans-sid i can't go into production if there's the possibility that users will be randomly logged off. i went through all of my code over the weekend, and i don't think i can attribute this to a miscoding: when a user logs in, i create a session with session_start(); $valid_user=$_POST['username']; session_register(valid_user); i have the following code at the top of each page to check to see if the session is valid: session_start(); $valid_user=$_SESSION['valid_user']; global $valid_user; if (session_is_registered(valid_user) {...function to spit out an error message if the session is not valid...;} i have a logout page that destroys the session session_start(); session_destroy(); i also have a javascript timer in the header of every page that redirects to the logout page if the user has been inactive for 20 minutes. i have played around with session.gc_probability, setting it to 100, but that doesn't seem to have fixed the problem. this is a huge problem. if anyone can give some advice, i'd really appreciate it. thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions terminating randomly please help
Check if your server is using files or shared memory to save the sessions... My ISP was using mm (memory), and it was buggy... when they changed back to files, all was well. Justin on 11/03/03 7:40 AM, David Chamberlin ([EMAIL PROTECTED]) wrote: It's possible you're being afflicted with the same problem I am. See the message just one or two above this about Sessions problem. What I found in my debugging is that it had to do with how I was mix-and-matching the way I specified links. Short version of the problem is that http://mysite.org/ has one session and http://www.mysite.org/ has another. In my code, I sometimes have the links as a href=/page and sometimes it's explicit, as a href=http://www.mysite.org/;. So if a user went to the site as http://mysite.org - the pages that used the explicit www.mysite.org would fail. So if there's anything in your pages/links that may change how the link is referred, you may be have different sessions occuring. I would imagine it should be pretty easy for you to debug whether or not this is the problem. Have each of your pages echo out the current session id (echo 'session is '.session_id().'br';) and see if it changes at any point, and especially on the pages that fail. -Dave Freaky Deaky wrote: hi i am experiencing a major problem with sessions expiring randomly in some of my apps. i will log in and start clicking around and then i will eventually arrive at a page that tells me that i'm not logged in anymore. this happens apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for pc, and mozilla the apps are hosted on freebsd 4.7-release p2 apache 1.3.27 php version 4.2.3 compiled with --enable-trans-sid i can't go into production if there's the possibility that users will be randomly logged off. i went through all of my code over the weekend, and i don't think i can attribute this to a miscoding: when a user logs in, i create a session with session_start(); $valid_user=$_POST['username']; session_register(valid_user); i have the following code at the top of each page to check to see if the session is valid: session_start(); $valid_user=$_SESSION['valid_user']; global $valid_user; if (session_is_registered(valid_user) {...function to spit out an error message if the session is not valid...;} i have a logout page that destroys the session session_start(); session_destroy(); i also have a javascript timer in the header of every page that redirects to the logout page if the user has been inactive for 20 minutes. i have played around with session.gc_probability, setting it to 100, but that doesn't seem to have fixed the problem. this is a huge problem. if anyone can give some advice, i'd really appreciate it. thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions are acting strangely
Hi there, Im looking for ANY help regarding his problem - I find this interesting to say the least. I recently switched to a new hosting company - they are running php 4.1.2 - register globals is ON. the sessions automatically expire without closing the window. if you load index.php and wait past 30 seconds - the session variables are empty - Sometimes - although not reliably - if you wait another 30 seconds - the variables are back? - this is very strange? - here are the files I have setup to illustrate this problem. Im using the default php-ini file - so no weird session expires or garbage collections stuff. Do you know if your hosting company has a multi-webserver setup? If so, do they have a shared /tmp directory (where PHP stores session information), or is it unique to each server? If your hosting company has many different webservers, each reload might hit a different one, and each may or may not have your session information in its /tmp directory. A solution is to write your own session handlers, using a database, the shared portion of the filesystem, or some other method of preserving the data. Otherwise, have you checked with your hosting company to see if this is a common issue that their customers have? -- [ joel boonstra | [EMAIL PROTECTED] ] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions
Do you use globals on or off ? -- Nicos - CHAILLAN Nicolas [EMAIL PROTECTED] www.WorldAKT.com - Hébergement de sites Internet Steve Vernon [EMAIL PROTECTED] a écrit dans le message de news: 056a01c26cb2$509f2260$[EMAIL PROTECTED] Hiya, Just upgraded to 4.2.3 and I am using the attatched PHP.ini file. I use sessions on my website, and they dont seem to work now after the upgrade. Just wondering which lines do I need to alter please? After I logon, they loose the session after choosing another page. Every page runs the following code to check the session passwords etc are valid.. Thanks, Steve XX ?php session_register(ssun); session_register(sspw); if(!isset($ssun)) $ssun=; if(!isset($sspw)) $sspw=; //Attempt to logon. Set the logon form variables to the session variables. if(isset($sspass)) { $sspw=$sspass; } if(isset($ssname)) { $ssun=$ssname; } //Make sure no one breaks in, if in the param loggedin was set, unset it. if(isset($loggedin)) { unset($loggedin); } //Link and select the correct database HIDDEN FOR MY SECURITY //Check if the ssun and sspw are correct $result = mysql_query(SELECT userid FROM users WHERE userpassword=PASSWORD('$sspw') AND userid='$ssun', $db_link); $norows = mysql_num_rows($result); if($norows==1) { $loggedin=yes; } else { $loggedin=no; } if(isset($logoff)) { if($logoff==true) { $loggedin=no; $ssun=; $sspw=; } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions
instead of using the session_register try $_SESSTION[' ssun'] Steve Vernon [EMAIL PROTECTED] wrote in message 056a01c26cb2$509f2260$a5e387d9@extreme">news:056a01c26cb2$509f2260$a5e387d9@extreme... Hiya, Just upgraded to 4.2.3 and I am using the attatched PHP.ini file. I use sessions on my website, and they dont seem to work now after the upgrade. Just wondering which lines do I need to alter please? After I logon, they loose the session after choosing another page. Every page runs the following code to check the session passwords etc are valid.. Thanks, Steve XX ?php session_register(ssun); session_register(sspw); if(!isset($ssun)) $ssun=; if(!isset($sspw)) $sspw=; //Attempt to logon. Set the logon form variables to the session variables. if(isset($sspass)) { $sspw=$sspass; } if(isset($ssname)) { $ssun=$ssname; } //Make sure no one breaks in, if in the param loggedin was set, unset it. if(isset($loggedin)) { unset($loggedin); } //Link and select the correct database HIDDEN FOR MY SECURITY //Check if the ssun and sspw are correct $result = mysql_query(SELECT userid FROM users WHERE userpassword=PASSWORD('$sspw') AND userid='$ssun', $db_link); $norows = mysql_num_rows($result); if($norows==1) { $loggedin=yes; } else { $loggedin=no; } if(isset($logoff)) { if($logoff==true) { $loggedin=no; $ssun=; $sspw=; } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions
To clarify, and correct a few typos: Instead of: $ssun = foo; session_register(ssun); Try: $_SESSION['ssun'] = foo; HTH Justin on 06/10/02 12:11 PM, Jeff Bluemel ([EMAIL PROTECTED]) wrote: instead of using the session_register try $_SESSTION[' ssun'] Steve Vernon [EMAIL PROTECTED] wrote in message 056a01c26cb2$509f2260$a5e387d9@extreme">news:056a01c26cb2$509f2260$a5e387d9@extreme... Hiya, Just upgraded to 4.2.3 and I am using the attatched PHP.ini file. I use sessions on my website, and they dont seem to work now after the upgrade. Just wondering which lines do I need to alter please? After I logon, they loose the session after choosing another page. Every page runs the following code to check the session passwords etc are valid.. Thanks, Steve XX ?php session_register(ssun); session_register(sspw); if(!isset($ssun)) $ssun=; if(!isset($sspw)) $sspw=; //Attempt to logon. Set the logon form variables to the session variables. if(isset($sspass)) { $sspw=$sspass; } if(isset($ssname)) { $ssun=$ssname; } //Make sure no one breaks in, if in the param loggedin was set, unset it. if(isset($loggedin)) { unset($loggedin); } //Link and select the correct database HIDDEN FOR MY SECURITY //Check if the ssun and sspw are correct $result = mysql_query(SELECT userid FROM users WHERE userpassword=PASSWORD('$sspw') AND userid='$ssun', $db_link); $norows = mysql_num_rows($result); if($norows==1) { $loggedin=yes; } else { $loggedin=no; } if(isset($logoff)) { if($logoff==true) { $loggedin=no; $ssun=; $sspw=; } } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions nightmare
I use JavaScript cookie to accomplish what you're doing in your case: script function setCookie(name, value, expires, path, domain, secure) { var curCookie = name + = + escape(value) + ((expires) ? ; expires= + expires.toGMTString() : ) + ((path) ? ; path= + path : ) + ((domain) ? ; domain= + domain : ) + ((secure) ? ; secure : ); document.cookie = curCookie; } function nav(value) { setCookie('searcheditem', value); location.replace('after-search-click.php'); } /script now in my search result display i do: a href=javascript:nav('?=$search_result['itemid']?')?=$search_result['la bel']?/a . . then in whatever page I want the search result item, i access it as: $searchitem (as named in setCookie() call) good luck, Elias Chris [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings, I am a new user to php and sessions and for the life of me I cannot figure this out I want to be able to have a user login (which is completed), they goto a search page (completed), and search for a particular item (completed). A page will display all the links for the items searched for (completed). What I want out of sessions is to when they click on the link for a particular item, the item number stay in a session so it can be called through out each page they goto. What I have as a base of test code is the following (this was taken from someone's example): test1.php: ?php session_start( ); session_register(SESSION); *** THE FOLLOWING VARIABLE ($retrived_itemno) WOULD NEED TO BE SET ON THE *** SEARCH PAGE *** $SESSION[item] = $retrived_itemno; $test2Url = test2.php?PHPSESSID= . session_id( ); ? a href=?=$test2Url ?Goto next page/a test2.php: ?php session_start( ); echo the retrived value equals: $SESSION[item]; ? After you click the hyperlink on test1.php, test2.php will load and the session ID is in the URL, but nothing is displayed in the echo for $SESSION[item] in test2.php. What is going on?!#!#!$# Thanks a million in advance!! - Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions nightmare
I want to be able to have a user login (which is completed), they goto a search page (completed), and search for a particular item (completed). A page will display all the links for the items searched for (completed). What I want out of sessions is to when they click on the link for a particular item, the item number stay in a session so it can be called through out each page they goto. What I have as a base of test code is the following (this was taken from someone's example): test1.php: ?php session_start( ); session_register(SESSION); *** THE FOLLOWING VARIABLE ($retrived_itemno) WOULD NEED TO BE SET ON THE *** SEARCH PAGE *** $SESSION[item] = $retrived_itemno; test2.php: ?php session_start( ); echo the retrived value equals: $SESSION[item]; ? In test2.php: Your echo line is incorrect. $SESSION[item] is not defined, $SESSION[item] probably is...but why are you storing an array in a session? Try using $_SESSION instead of session_register, e.g.: test1.php: $SESSION[item] = $retrieved_itemno; $_SESSION[SESSION] = $SESSION; test2.php: $SESSION= $_SESSION[SESSION]; echo The retrieved value equals to . $SESSION[item]; HTH Erwin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions nightmare
Your variable in session is called Item, so session_register(SESSION) is wrong. It should be session_register(Item). But, as you use directly the new syntax ($_SESSION) to affect the variable, you don't need session_register. The variable Item will be automatically registered when you write $_SESSION[Item] = $retrived_itemno; And, be careful for the typo : it is $_SESSION[Item] and not $SESSION[Item] (notice the _ and the ). Regards, Philippe A tip : display what is in your session with this code : echo 'pre'; print_r($_SESSION); echo '/pre'; Chris [EMAIL PROTECTED] a écrit dans le message news: [EMAIL PROTECTED] Greetings, I am a new user to php and sessions and for the life of me I cannot figure this out I want to be able to have a user login (which is completed), they goto a search page (completed), and search for a particular item (completed). A page will display all the links for the items searched for (completed). What I want out of sessions is to when they click on the link for a particular item, the item number stay in a session so it can be called through out each page they goto. What I have as a base of test code is the following (this was taken from someone's example): test1.php: ?php session_start( ); session_register(SESSION); *** THE FOLLOWING VARIABLE ($retrived_itemno) WOULD NEED TO BE SET ON THE *** SEARCH PAGE *** $SESSION[item] = $retrived_itemno; $test2Url = test2.php?PHPSESSID= . session_id( ); ? a href=?=$test2Url ?Goto next page/a test2.php: ?php session_start( ); echo the retrived value equals: $SESSION[item]; ? After you click the hyperlink on test1.php, test2.php will load and the session ID is in the URL, but nothing is displayed in the echo for $SESSION[item] in test2.php. What is going on?!#!#!$# Thanks a million in advance!! - Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions?
Mark Faine [EMAIL PROTECTED] a écrit dans le message de news: 8ioeq3$kg2$[EMAIL PROTECTED] Linux Mandrake 7.1 Apache/PHP4 I'm trying to implement this mysql session scheme as describe here: http://phpbuilder.com/columns/ying2602.php3 A.) my sessions are not being saved into the database, they are still being saved in the /tmp directory They are supposed to stay into /tmp B.) my session (the ones that are saved in the /tmp directory) will not persist past the first page? session persist on every page if you ask them to, you need to session_start(); in every page. The support forum on phpbuilder.com is useless. Thats why we are here. Thanks Mark Happy to help the nasa. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: sessions don't work
why do you think the session isn't working? If there is a run time error in 'file' then an error would be reported and the output terminated. If you have error reporting off then you would expect to get eactly what you see. Sounds like a problem inside 'file'. Tim Ward St Ives Direct Please refer to the following disclaimer in respect of this message: http://www.stivesdirect.com/e-mail-disclaimer.html -Original Message- From: Félix García Renedo [mailto:[EMAIL PROTECTED]] Sent: 16 August 2002 08:51 To: php Subject: sessions don't work Hello, I have a problem with php sessions. I have a php file like: ? session_start(); session_register('pagina'); ? html head ... /head body ? include('file'); ? ... /html I have done diferent proofs and I have seen that the problem is that when I put include don't work sessions and if I left session it works. When I put all together it prints in the browser the code from html to body. It don't continue. If I reload the page it works properly. But I haven't found the way to do it automaticaly. Are there somebody who knows how to fix it? Thanks. Un saludo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions don't work
May be the session is diable in the php.ini Félix garcía renedo wrote: Hello, I have a problem with php sessions. I have a php file like: ? session_start(); session_register('pagina'); ? html head ... /head body ? include('file'); ? ... /html I have done diferent proofs and I have seen that the problem is that when I put include don't work sessions and if I left session it works. When I put all together it prints in the browser the code from html to body. It don't continue. If I reload the page it works properly. But I haven't found the way to do it automaticaly. Are there somebody who knows how to fix it? Thanks. Un saludo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions: what to do when browser won't accept cookies?
In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Jean-Christian Imbeault) wrote: How can I get around the problem of not having the SID in the URL of the first page to my site the user comes to? It kind of a chicken-or-the-egg problem ... I kind of hate it when sites do this, but you could have the first page reload itself if it doesn't have an SID, and add an SID to itself. This way, if they use the back button, the first first page they come to has the SID. You might then be able to use window.forward() in Javascript first, before giving them an SID. If they used the back button to get to you, window.forward() moves forward to a page that has an SID (which should look exactly like the page they thought they wanted that didn't have an SID). If they didn't use the back button to get to you, window.forward shouldn't do anything. As a fall-back, you would probably want to have a warning on the front page that says, if the front page has no SID, that if they used the back button get here, use the forward button to go back or they might lose their session data. This depends on your audience, of course. If you did that to me as a general browser, I probably wouldn't ever visit your site again :*) Note that some sites do come right out and tell you not to use your back button to get around. You might just do this, and if they use their back button anyway, they get a new session. Jerry -- http://www.hoboes.com/jerry/ Give a man a fish and you feed him for a day. Teach him to fish, and you've depleted the lake.--It Isn't Murder If They're Yankees (http://www.hoboes.com/jerry/Murder/) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: sessions: what to do when browser won't accept cookies?
Good idea but remember some people turn off javascript and cookies :) Make your site as accessible as you can, using Jerry's suggestion is a good idea and then accept some people will be bent on not being able to use your site by disabling as much functionality in their browsers as they can or they use old browsers that don't support the functionality you are using. Jason -Original Message- From: Jerry [mailto:[EMAIL PROTECTED]] Sent: Friday, August 16, 2002 10:20 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: sessions: what to do when browser won't accept cookies? In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Jean-Christian Imbeault) wrote: How can I get around the problem of not having the SID in the URL of the first page to my site the user comes to? It kind of a chicken-or-the-egg problem ... I kind of hate it when sites do this, but you could have the first page reload itself if it doesn't have an SID, and add an SID to itself. This way, if they use the back button, the first first page they come to has the SID. You might then be able to use window.forward() in Javascript first, before giving them an SID. If they used the back button to get to you, window.forward() moves forward to a page that has an SID (which should look exactly like the page they thought they wanted that didn't have an SID). If they didn't use the back button to get to you, window.forward shouldn't do anything. As a fall-back, you would probably want to have a warning on the front page that says, if the front page has no SID, that if they used the back button get here, use the forward button to go back or they might lose their session data. This depends on your audience, of course. If you did that to me as a general browser, I probably wouldn't ever visit your site again :*) Note that some sites do come right out and tell you not to use your back button to get around. You might just do this, and if they use their back button anyway, they get a new session. Jerry -- http://www.hoboes.com/jerry/ Give a man a fish and you feed him for a day. Teach him to fish, and you've depleted the lake.--It Isn't Murder If They're Yankees (http://www.hoboes.com/jerry/Murder/) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions: what to do when browser won't accept cookies?
Jerry wrote: I kind of hate it when sites do this, but you could have the first page reload itself if it doesn't have an SID, and add an SID to itself. This way, if they use the back button, the first first page they come to has the SID. But if they it the back button again they would come to the real first they came to and that page would reload itself, generating a new SID no? I did some testing and found that there must be a way. I turned cookies and javascript off and then visited Amazon.com. I added an item to my cart, hit the back button all way back to the entrance and then checked my cart ... lo-and-behold the item was in my cart still. How did they do that? Maybe some use of header() on the first page to redirect itslef to page with a SID? Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions...
As far as I know, you're right, that the session is destroyed Kondwani Spike Mkandawire wrote: Am I mistaken to assume that a Session is automatically destroyed if a Window Browser is closed? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions...
Kondwani Spike Mkandawire wrote: Am I mistaken to assume that a Session is automatically destroyed if a Window Browser is closed? *Eventually* it is destroyed, but not at the instant the browser is closed. See the session.gc_maxlifetime and session.gc_probability settings in php.ini. If the session file is not accessed for a specified period of time, then it is deleted. Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions and https
Do sessions not work when using an https connection? It seems I'm losing my data between pages. You will need to pass the Session ID from page to page any time the user crosses the HTTP/HTTPS boundary. Actually, once you pass it, it will stick around on both, but you may want to be sure and synchronize by passing it on every boundary point. But Cookies sent to the HTTPS are not on the HTTP and vice versa. That ain't PHP, that's just how cookies work. -- Like Music? http://l-i-e.com/artists.htm I'm looking for a PRO QUALITY two-input sound card supported by Linux (any major distro). Need to record live events (mixed already) to stereo CD-quality. Soundcard Recommendations? Software to handle the recording? Don't need fancy mixer stuff. Zero (0) post-production time. Just raw PCM/WAV/AIFF 16+ bit, 44.1KHz, Stereo audio-to-disk. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions and https
Richard Lynch wrote: But Cookies sent to the HTTPS are not on the HTTP and vice versa. That ain't PHP, that's just how cookies work. Are you sure about this? That's definitely not how the specification reads (assuming I'm interpreting what you're trying to say correctly), and that is not what my experience has shown either. A secure cookie will only be transmitted when the request is being sent over a secure connection, but an ordinary cookie does not carry this restriction and would thus not care whether the connection was secure. As someone else suggested, if the domain name is changing, then that is the access restriction that is keeping the cookie from being sent, not whether the connection is secure. Happy hacking. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
So doing it the new way ($_SESSION['variable']) how do you close or unregister a session? _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
Still the same message. It has been actually logging me out all along, but it will not run through that if statement. Could you trye if (!empty($HTTP_SESSION_VARS['valid_user']) use $HTTP_SESSION_VARS _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
Still getting the same message. This script used to work perfectly in an older version of php. Could it be a problem with how I am setting the sessions. Has anything changed with how we code sessions? It's because you are unregistering the valid_user variable, but, the old_user var you defined early on still exists. So, if (!empty($old_user)) will equal FALSE, giving you the result you are getting. Change it to if (!empty($valid_user)). Monty _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions, how they exist and die
My question is, if I have a user on my web site, and they leave and come back does their session still exist? the file in the /tmp folder exists until it is deleted by the OS? If the user comes back will they get assigned the same session they had before? I know the questions are pretty newbish but I have had experiences in other languages in the past where this is the case. The session cookie stayed in the users browser, so they kept getting the same session and not a new session if they left and came back a day later. Depends what you did in php.ini -- Like Music? http://l-i-e.com/artists.htm I'm looking for a PRO QUALITY two-input sound card supported by Linux (any major distro). Need to record live events (mixed already) to stereo CD-quality. Soundcard Recommendations? Software to handle the recording? Don't need fancy mixer stuff. Zero (0) post-production time. Just raw PCM/WAV/AIFF 16+ bit, 44.1KHz, Stereo audio-to-disk. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
unset($_SESSION['variavble']); Andrey - Original Message - From: Tyler Durdin [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 26, 2002 10:14 PM Subject: Re: [PHP] Re: sessions So doing it the new way ($_SESSION['variable']) how do you close or unregister a session? _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
do the following function a(){ var_dump('pre',$GLOBALS,'/pre'); } a(); and see what variables you have and whether your variables are set somewhere. HTH Andrey - Original Message - From: Tyler Durdin [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 26, 2002 9:28 PM Subject: Re: [PHP] Re: sessions Still the same message. It has been actually logging me out all along, but it will not run through that if statement. Could you trye if (!empty($HTTP_SESSION_VARS['valid_user']) use $HTTP_SESSION_VARS _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions don't work?
From the PHP docs... = ?php session_register (count); $count++; ? Hello visitor, you have seen this page ?php echo $count; ? times.p; ?php # the ?=SID? is necessary to preserve the session id # in the case that the user has disabled cookies ? To continue, A HREF=nextpage.php??=SID?click here/A -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions : overriding variable values
1) session_start() is not really required on any other pages beside the index.php because session_register take care of that for you. 2) It should work when you try session_register() on the index.php, use a makeup name, like session_register(user) then assign the data to it, like $user[username] = whatever $user['password'] = passwhatever. This is a simplier way and it does work. Petre [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi I am still battling alot with understanding how sessions work (don't work in my case). Firstly: I am trying to find a reliable method for coding with sessions that will work on basically any server and any browser; meaning no cookies and passing the SID to all url's manually. My app has the following ( amongst others) index.php = login page with form and 2 fields (username / password), session_start() On the action page, I session_start() again, and then session_register(username,password) and I don't need to give them values as the form fields are called that and PHP generates them for me (register_globals = on). This works great, on ALL subsequent pages in the app, I can simply call $username and $password, and it works. BUT, my app has alot of iterations, and now I'm battling to understand how to change these session variables on the fly in a sensible manner; in particular when it comes to forms that generate their own variables on submit. It seems like my problem comes in that I can only set a session variable once it exists , ie, on the action page, and then also, that the app goes backwards allowing you to change your options, yet, when yuou do, the variables does not contain the new variables. The fact that the app also doesn't have a specific end means I also don't know where to place the session_destroy()... I have made 4 small pages to illustrate : index.php -- -- ?php session_start(); ? form action=page2.php??=SID? method=POST enctype=multipart/form-data table tr tdUsername /td tdinput type=text name=username /td /tr tr tdPassword /td tdinput type=text name=password /td /tr tr td /td tdinput type=submit name=submit/td /tr /table /form -- -- page2.php -- -- ?php session_start(); session_register(username,password); ? This is username: ?=$username?br This is password: ?=$password?br form action=page3.php??=SID? method=POST enctype=multipart/form-data table tr tdFirst Variable/td tdinput type=text name=first /td /tr tr tdSecond Variable/td tdinput type=text name=second /td /tr tr td/td tdinput type=submit name=submit/td /tr /table /form -- -- page3.php -- -- ?php session_start(); session_register(first,second); ? This is username: ?=$username?br This is password: ?=$password?br This is first variable: ?=$first?br This is second variable: ?=$second?br a href=page2.php??=SID?To Page 2/abr a href=page4.php??=SID?To Page 4/abr -- -- page4.php -- -- ?php session_start(); ? This is username: ?=$username?br This is password: ?=$password?br This is first variable: ?=$first?br This is second variable: ?=$second?br a href=page3.php??=SID?To Page 3/a -- -- Also, not sure if it is browser related, but on mine, I sometimes get 2x SESSIONID= added to the end of the URL, even though I clearly put it in once only... Am I missing the point here? Plz help to make things clearer to me... The only way I can get above scanario to work is to add the variable manually to all the url's as I've been coding all along. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions don't work?
I'd like to post a follow-up to my previous message on this subject. Please still CC me when replying, thanks. New test code: ?php session_start(); if (!isset($HTTP_SESSION_VARS['counter'])) { $HTTP_SESSION_VARS['counter'] = 1; } else { $HTTP_SESSION_VARS['counter']++; } if (!isset($counter2)) { session_register('counter2'); $counter2 = 1; } else { $counter2++; } if (!isset($_SESSION['counter3'])) { $_SESSION['counter3'] = 1; } else { $_SESSION['counter3']++; } echo(sprintf(You have visited this page %d times!, $HTTP_SESSION_VARS['counter']) . br); echo(sprintf(You have visited this page %d times!, $counter2) . br); echo(sprintf(You have visited this page %d times!, $_SESSION['counter3']) . br); ? Tried these on PHP 4.0.6 (register_globals = On): - counter: doesn't work - counter1: works - counter2: doesn't work (to be expected) PHP 4.2.2 (register_globals = Off): None of the counters work; same when register_globals = On I'm really puzzled by this; could someone please point me in the right direction? -- Alexander Deruwe AQS-CarControl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions don't work?
Your problem is very simple. You're beginning a new session every execution, without checking if a session is already going. So every time it comes back around it's looking for the variables in the current session, which every time just began. Check for an existing session first like: if(!(session_id())) session_start(); Mike Mannakee Alexander Deruwe [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'd like to post a follow-up to my previous message on this subject. Please still CC me when replying, thanks. New test code: ?php session_start(); if (!isset($HTTP_SESSION_VARS['counter'])) { $HTTP_SESSION_VARS['counter'] = 1; } else { $HTTP_SESSION_VARS['counter']++; } if (!isset($counter2)) { session_register('counter2'); $counter2 = 1; } else { $counter2++; } if (!isset($_SESSION['counter3'])) { $_SESSION['counter3'] = 1; } else { $_SESSION['counter3']++; } echo(sprintf(You have visited this page %d times!, $HTTP_SESSION_VARS['counter']) . br); echo(sprintf(You have visited this page %d times!, $counter2) . br); echo(sprintf(You have visited this page %d times!, $_SESSION['counter3']) . br); ? Tried these on PHP 4.0.6 (register_globals = On): - counter: doesn't work - counter1: works - counter2: doesn't work (to be expected) PHP 4.2.2 (register_globals = Off): None of the counters work; same when register_globals = On I'm really puzzled by this; could someone please point me in the right direction? -- Alexander Deruwe AQS-CarControl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions
You forgot the session_start(); call. You will have to do that before you can tap into registered vars. Hope that helps. Jas Alexander Ross [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm trying to understand sessions so I can set session variables. I set up 2 very simple pages: Page 1: ? session_start(); $test_var = froggy; session_register('test_var'); ? a href=page2.phpClick here/a Page 2: ? print $test_var.!; ? This doesn't seem to work though. $test_var doesn't seem to have a value when I go the second page. What am I missing. Thanks for helping a newbie. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions vs passing variables
What do you mean by pass? Using a GET method, POST, COOKIE or are you trying to do something else (other than SESSION)? Mike Mannakee [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... When I try to pass a variable from one page to another the variable is completely inaccessible IF I have a session going. The data has to be passed from one page to the next through the link, as the link tells which product the user hit. Any thoughts? Mike Mannakee -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions Vars under 4.0.4pl1
Hello All, I, having problems getting HTTP_SESSION_VARS to work the way I think they should. Shouldn't I just be able to do something like: in a file called index.php I have the following; ?php session_start(); ? html head/head body The session_id is ?php echo \.session_id().\; ? a href=index2.phpNext/a ?php $HTTP_SESSION_VARS['count']=123; Don't stuff things directly into that array. Bad Idea (tm). Use: session_register('count'); $count = 123; ? /body /html In index2.php I then have ?php session_start(); ? html head/head body The session_id is ?php echo \.session_id().\; ? ?php echo \$HTTP_SESSION_VARS['count']=.$HTTP_SESSION_VARS['count']..BR; ? /body /html Now when I go to the first one all is great and the session id is shown. But when I click on the Next link I get the next page with the same session id shown (all well and good) but no value in $HTTP_SESSION_VARS['count']!!! Where am I going wrong? Newer versions of PHP use $_SESSION not $HTTP_SESSION_VARS. In *ANY* case, the documented procedure is to use: session_register('count'); $count = /* whatever you want here */; Stuffing junk into PHP's internal arrays that PHP *happens* to be using this week to force session variables to spring into existence or altering their values directly in that internal array is just *wrong*, no matter how many 'experts' you see doing it. Use the documented session_register() function. http://php.net/session_register -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions / logins / cookies / security
There's a good article on authentication at phpbuilder.com http://www.phpbuilder.com/columns/tim2505.php3 that may provide an idea or two. - Original Message - From: Chad Day [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Tuesday, July 16, 2002 10:30 AM Subject: Sessions / logins / cookies / security I asked something similar a little while ago, but didn't do a good job clarifying. What I'm looking to do is when a user logs in, I start up the session.. I then have the registered session var to verify they are authenticated as they move throughout the site. Now, when they close the browser and come back, I want them to still be authenticated. Obviously, I have to set a cookie. But what do I set? Do I set just their user ID? The MD5 of their password? What's the most secure way, that's not easily spoofed? I don't know that much about cookies, but if I just use a user ID, couldn't someone just change that ID value and 'become' another user? Thanks for any advice, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php