[PHP] Re: sessions
try this (I think you have register_globals turned off) Page 2: ? print $_SESSION['test_var'].!; ? Alexander Ross wrote: I'm trying to understand sessions so I can set session variables. I set up 2 very simple pages: Page 1: ? session_start(); $test_var = froggy; session_register('test_var'); ? a href=page2.phpClick here/a Page 2: ? print $test_var.!; ? This doesn't seem to work though. $test_var doesn't seem to have a value when I go the second page. What am I missing. Thanks for helping a newbie. Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions : see also Tracking file downloads
This really is like life, PHP Sessions aren't particularly secure, just make a form to post PHPSESSID of a true session to one of ya pages and you can steal a session! Its possible to check IPs and so on, PHP's sessions use text files (by default), and pre-populate $_SESSION/$HTTP_SESSION_VARS. They use cookies, if no cookies are allowed, they append to forms and a hrefs. This makes them very easy to integrate into a website because they do it seemlessly. Phpcoder [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... HI While waiting for responses on my first question, I've done some reading on sessions, and came up with the following questions: First, I have been coding with PHP for a while without knowing about sessions, and have completed a couple of rather large projects without using sessions as such, yet, much of what I have read on sessions, I have done manually already by creating my own unique id's and passing them on via url to the subsequent pages. So, here is my question. Is sessions basically just that, made easier , or are there fundamental differences/advantages. I know (now after reading a bit) about the use of cookies etc if availale when using sessions, and that you cannot overwrite a session variable by passing it via url, but are those the only differences? So, basically, do you really HAVE to use sessions, or is it like most other things in life; there are more than one way to skin a cat. Are there set rules or guidelines to when one would definately absolutely have to use sessions? Thanks Hope I make sense... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: SESSIONS
Javascript cannot interact with PHP. You have to realise that the PHP code has been already executed long before the javascript gets a chance to. Mike Morten Nielsen wrote: Hi, I got a php and a javascript page. In the PHP page I register a SESSION call 'info'. I would then like to put a value into 'info' in my javascript page. Is that possible? I have tried the following: ?php $INFO[value]=2; ? And that works fine. But when I have an IF statement like: if(x==1) { $INFO[value]=1; } else { $INFO[value]=2; } My INFO always gets the value 2 even though x is 1. Can anyone help? Thanks, Morten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions not staying a session...
You should use session_start(); on every page that u want to pass session information.. Craig Jeff Lewis [EMAIL PROTECTED] wrote in message 00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT">news:00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT... I am storing session information by using $_SESSION[privs] and it works for the first screen but when I click on the next link it doesn't seem to carry over. Do I need to declare session start with this method? Do I need to make it global? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions not staying a session...
Curious, does anyone know if the $_SESSION[privs] technique bypasses important session management features implemented in session_register(variable) ?? Warren Vail Tools, Metrics Quality Processes (415) 667-7814 Pager (877) 774-9891 215 Fremont 02-658 -Original Message- From: Craig Donnelly [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:05 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions not staying a session... You should use session_start(); on every page that u want to pass session information.. Craig Jeff Lewis [EMAIL PROTECTED] wrote in message 00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT">news:00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT... I am storing session information by using $_SESSION[privs] and it works for the first screen but when I click on the next link it doesn't seem to carry over. Do I need to declare session start with this method? Do I need to make it global? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions not staying a session...
I was under the assumption that it did...I have aded session_start and it still doesn't work. Jeff - Original Message - From: Vail, Warren [EMAIL PROTECTED] To: 'Craig Donnelly' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, April 25, 2002 12:04 PM Subject: RE: [PHP] Re: Sessions not staying a session... Curious, does anyone know if the $_SESSION[privs] technique bypasses important session management features implemented in session_register(variable) ?? Warren Vail Tools, Metrics Quality Processes (415) 667-7814 Pager (877) 774-9891 215 Fremont 02-658 -Original Message- From: Craig Donnelly [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:05 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions not staying a session... You should use session_start(); on every page that u want to pass session information.. Craig Jeff Lewis [EMAIL PROTECTED] wrote in message 00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT">news:00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT... I am storing session information by using $_SESSION[privs] and it works for the first screen but when I click on the next link it doesn't seem to carry over. Do I need to declare session start with this method? Do I need to make it global? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions / Serialized Data
That would be easier. fopen the session file and store the information on a database. Later you just fwrite the contents to a new file. -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Devin Atencio [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If i have a session going with PHP4 and I want to basically pull the entire serialized data and then insert it into the database is there a variable that contains the serialized data or would I have to just basically read the /tmp/sess_sessid file and then save that into the database? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions / Serialized Data
Julio Nobrega Trabalhando wrote: That would be easier. fopen the session file and store the information on a database. Later you just fwrite the contents to a new file. I don't use PHP4 sessions since I cook my own, but I think the above won't work. My guess is that if you read the file, then save to DB that part will work fine. However, when you try to restore the session, the session has already loaded, you grab your data from the DB, and write over the file, your page finishes and writes the current session over what you think you just made the current session. Strikes me you'd need to unserialize into the current session structure... which I think can be found somewhere in the GLOBALS hash. Cheers Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and Opera
Cookies disabled? Or cache? Have you tried a 'fresh' Opera install or a newer version? -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Steve Fitzgerald [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... While testing a login page with different browsers I noticed that Opera (vers5.02) didn't allow me access to the site despite using the correct input, so I wrote the following pages to test Opera's performance. It seems that Opera doesn't pass registered variables to the new page. IE NS both print the output as expected, but in Opera all variables are empty. Has anyone got any thoughts/solutions/experiences? regards Steve -- ## login page ?php $password = letmein; if (isset($input)){ if ($input == $password){ $auth = 1; session_start(); session_register(enter,input,password,auth); header(Location: 2.php); exit; } } ? body form action=?php echo $PHP_SELF ? method=POST Enter password: input type=text name=input brinput type=submit /form ?php print The value of \$enter is \$enter\br; print The value of \$input is \$input\br; print The value of \$password is \$password\br; print The value of \$auth is \$auth\br; ? -- ## 2.php ?php session_start(); print The value of \$enter is \$enter\br; // empty print The value of \$input is \$input\br; // should print 'letmein' print The value of \$password is \$password\br; // should print 'letmein' print The value of \$auth is \$auth\br; // should print '1' ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and Opera
Cookies it was. Thanks Julio Nobrega Trabalhando wrote: Cookies disabled? Or cache? Have you tried a 'fresh' Opera install or a newer version? -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Steve Fitzgerald [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... While testing a login page with different browsers I noticed that Opera (vers5.02) didn't allow me access to the site despite using the correct input, so I wrote the following pages to test Opera's performance. It seems that Opera doesn't pass registered variables to the new page. IE NS both print the output as expected, but in Opera all variables are empty. Has anyone got any thoughts/solutions/experiences? regards Steve -- ## login page ?php $password = letmein; if (isset($input)){ if ($input == $password){ $auth = 1; session_start(); session_register(enter,input,password,auth); header(Location: 2.php); exit; } } ? body form action=?php echo $PHP_SELF ? method=POST Enter password: input type=text name=input brinput type=submit /form ?php print The value of \$enter is \$enter\br; print The value of \$input is \$input\br; print The value of \$password is \$password\br; print The value of \$auth is \$auth\br; ? -- ## 2.php ?php session_start(); print The value of \$enter is \$enter\br; // empty print The value of \$input is \$input\br; // should print 'letmein' print The value of \$password is \$password\br; // should print 'letmein' print The value of \$auth is \$auth\br; // should print '1' ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and Opera
and btw the browsers dont save the registered vars they are stored on the server side... :) the browser only stores a cookie containing the session id ... Tomy Wagner - Original Message - From: Steve Fitzgerald [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 10, 2002 2:38 PM Subject: [PHP] Re: Sessions and Opera Cookies it was. Thanks Julio Nobrega Trabalhando wrote: Cookies disabled? Or cache? Have you tried a 'fresh' Opera install or a newer version? -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 Steve Fitzgerald [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... While testing a login page with different browsers I noticed that Opera (vers5.02) didn't allow me access to the site despite using the correct input, so I wrote the following pages to test Opera's performance. It seems that Opera doesn't pass registered variables to the new page. IE NS both print the output as expected, but in Opera all variables are empty. Has anyone got any thoughts/solutions/experiences? regards Steve -- ## login page ?php $password = letmein; if (isset($input)){ if ($input == $password){ $auth = 1; session_start(); session_register(enter,input,password,auth); header(Location: 2.php); exit; } } ? body form action=?php echo $PHP_SELF ? method=POST Enter password: input type=text name=input brinput type=submit /form ?php print The value of \$enter is \$enter\br; print The value of \$input is \$input\br; print The value of \$password is \$password\br; print The value of \$auth is \$auth\br; ? -- ## 2.php ?php session_start(); print The value of \$enter is \$enter\br; // empty print The value of \$input is \$input\br; // should print 'letmein' print The value of \$password is \$password\br; // should print 'letmein' print The value of \$auth is \$auth\br; // should print '1' ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions and passing variables
sure. if all users should have access to this instance of your object, then you could store the serialized object in a file, everyone has access to and unserialize it if needed.But don't forget to include your object-surcecode before unserializing the object, or you'll lose your methods. If users should also have write access to the object, you also have to make sure, that only one user can access the file for writing at one time, or your data gets probably screwed. The easiest way would be storing the object not in a file but in a database, so you don't have to care about locking. But do you really need the same instance of the object? why not simply perform a $obj = new Class(); -- Code for Storing: ?php $strData = serialize($data); $fp = fopen(globalObjectData.inc, w); fwrite($fp, $strData); fclose($fp); ? Code for accessing: ?php // include object source before unserializing include myObjectSrc.php; $fp = fopen(globalObjectData.inc, w); $strData = fread($fp, filesize(globalObjectData.inc)); fclose($fp); // so we have our object back $obj = unserialize($strData); Rarmin [EMAIL PROTECTED] schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is there a way to pass variables (objects) across the different sessions. I thought of sharing one object for all users that access my web site (it's an object that does some operations with files common to all users, like reading and writing). Any ideas? Tnx in advance. Armin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions and passing variables
Michael Virnstein wrote: you also have to make sure, that only one user can access the file for writing at one time, or your data gets probably screwed. The easiest way would be storing the object not in a file but in a database, so you don't have to care about locking. Tnx for the help, and one more question. If I would serialize object and store it in a file, I would need some way to implement object waiting at the locked file untill it's unlocked (some kind of semaphore or monitor). I can lock the file with flock, but I don't know how to put object on hold while the file it's requesting is locked. As for the database, I don't use database (it's an assignment that needs to be done using XML, so all data is in XML files) and I don't see much sence in using db for storing only one serialized object. But do you really need the same instance of the object? why not simply perform a $obj = new Class(); If I figure out how to put on hold object while some other object performs it's operations on locked file, I wouldn't need to use the same instance. -- Code for Storing: ?php $strData = serialize($data); $fp = fopen(globalObjectData.inc, w); fwrite($fp, $strData); fclose($fp); ? Code for accessing: ?php // include object source before unserializing include myObjectSrc.php; $fp = fopen(globalObjectData.inc, w); $strData = fread($fp, filesize(globalObjectData.inc)); fclose($fp); // so we have our object back $obj = unserialize($strData); Does anyone know how to implement monitor or semaphore or waiting queue on file resource? I'm using PHP 4.1.2 and Apache 1.2.23 on Windows platform. Armin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions
okay i'll explain a bit i want my sessions to store some values but instead of storing them their doing nothing at all here's some code // beginning of registering of values session_start(); session_register(fu); session_register(bar); $fu=fu; $bar =bar; // end of registering values //getting values $fu = $HTTP_SESSION_VARS[fu]; echo $fu; //end of getting values R. Lindeman [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... i have a problem with PHP sessions and maybe some of you could help what do i need in my php.ini to get them to work !!! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Thursday 04 April 2002 01:04, R. Lindeman wrote: okay i'll explain a bit i want my sessions to store some values but instead of storing them their doing nothing at all here's some code // beginning of registering of values session_start(); session_register(fu); session_register(bar); $fu=fu; $bar =bar; // end of registering values //getting values $fu = $HTTP_SESSION_VARS[fu]; echo $fu; //end of getting values If you are using PHP 4.06 then try: $fu = $_COOKIE[fu]; -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* What I want to find out is -- do parrots know much about Astro-Turf? */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Wednesday 03 April 2002 04:19, Jason Wong wrote: On Thursday 04 April 2002 01:04, R. Lindeman wrote: okay i'll explain a bit i want my sessions to store some values but instead of storing them their doing nothing at all here's some code // beginning of registering of values session_start(); session_register(fu); session_register(bar); $fu=fu; $bar =bar; // end of registering values //getting values $fu = $HTTP_SESSION_VARS[fu]; echo $fu; //end of getting values If you are using PHP 4.06 then try: $fu = $_COOKIE[fu]; Hmm, are you setting and reading the cookie on the same page? If so, it can't be done. You need to either set it on one page then read on another, or set it then refresh the page. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* It doesn't much signify whom one marries, for one is sure to find out next morning it was someone else. -- Will Rogers */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions/Cookies and HTTP Auth
Just as a note, recent builds of Mozilla have a cookie manager that is the best for seeing exactly what's going on with your cookies. You can list by name or host and see all the properties of each. Know when your session cookies are sent/deleted, know if PHP is allowing use of the same SESSID in a new session.. BTW the rest of the browser is tops as well. As for David's post, keep in mind PHP won't generate an error if a cookie isn't accepted. I bet when cookies are turned off in some browsers, the browser may accept it but throw it away. Like junk mail. Could be wrong about this though.. Steve Wednesday, March 27, 2002, 10:10:19 PM, David wrote: DM 3. I am thinking that I should get an error because I presume that DM session_start() will attempt to set a cookie (which it appears to do). DM (I tried setcookie() too and the cookie was accepted.) -- [EMAIL PROTECTED] ** http://mrclay.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sessions not so secure..solution?
Steve Clay wrote: Hello, I'm building an e-commerce site which uses sessions to hold my $cart object. This works great but I've two worries: 1) When the user connects through our secure hostname, can I ensure the browser will send the server the cookie (w/ SESSID)? The user will shop through domain.com and checkout via https:secure.domain.com. (haven't got cert yet) If your cookie domain is .domain.com, it will send the cookie to both, however, you don't really WANT to use the same cookie in both places. 2) While the user shops the SESSID is thrown around insecurely (no big deal, just a cart). But when I move the user to a secure server to get sensitive info a resourceful hacker could also go to the checkout script using this SESSID and 'confirm' the real user's personal details (kept in another registered session object). Yes, and so this is inappropriate. Allocate a cookie for all pages (ssl and not). When they transition to SSL for checkout, then give them an SSL cookie as well, and associate it with the old cookie. You could store them in a session -- I do it in a database table. Store the time you allocated the SSL cookie. Mandate that when someone views a secure page, to be considered authenticated, they must hand you the SSL-only cookie. You can use its association to retrieve the cart, but not to let someone else interrupt the ordering process, or use its authentication properties to view personal details, cancel an order, etc. Since you set the cookie to be SSL-ONLY (there's a flag for that in setcookie()), it won't be passed in the clear. Associate the assignment time of the cookie with it, and each pageview, reset it to some reasonable number, say 5-30 min. After that time expires, the cookie is no good and you reassign one. In my own scheme, that's when a user re-enters their password. Anyhow, the dual-cookie approach will allow you to maintain reasonable security. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: Sessions and switching between php and htm documents
I haven't experienced this myself, but I'd have thought that if you're propagating the session via the URL rather than a cookie then it won't get added if the page isn't parsed. If it's not passed on just once it's lost. Tim Ward Internet chess www.chessish.com http://www.chessish.com -- From: Dave [SMTP:[EMAIL PROTECTED]] Sent: 27 February 2002 04:37 To: [EMAIL PROTECTED] Subject: Sessions and switching between php and htm documents login.htm form submits information login.php session_start(); $HTTP_SESSION_VARS[username]=$formUserName; header(Location: displaypage.htm); displaypage.htm show some static stuff links to formpage.htm formpage.htm form submits information to form.php form.php session_start(); echo $HTTP_SESSION_VARS[username]; - has no value Does the chain of pages have to be continually PHP pages to allow the transition of the session variables? if not, any ideas on why we are losing session variables? Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] RE: Sessions and switching between php and htm documents
Not passing via URL currently... using track_vars Dave -Original Message- From: Tim Ward [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 4:16 AM To: [EMAIL PROTECTED]; Dave Subject: [PHP] RE: Sessions and switching between php and htm documents I haven't experienced this myself, but I'd have thought that if you're propagating the session via the URL rather than a cookie then it won't get added if the page isn't parsed. If it's not passed on just once it's lost. Tim Ward Internet chess www.chessish.com http://www.chessish.com -- From: Dave [SMTP:[EMAIL PROTECTED]] Sent: 27 February 2002 04:37 To: [EMAIL PROTECTED] Subject: Sessions and switching between php and htm documents login.htm form submits information login.php session_start(); $HTTP_SESSION_VARS[username]=$formUserName; header(Location: displaypage.htm); displaypage.htm show some static stuff links to formpage.htm formpage.htm form submits information to form.php form.php session_start(); echo $HTTP_SESSION_VARS[username]; - has no value Does the chain of pages have to be continually PHP pages to allow the transition of the session variables? if not, any ideas on why we are losing session variables? Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: Sessions not working between documents (was: Sessions and switching between php and htm documents)
When you check your info page, do sessions automatically start? If not, make sure you do a session_start(); in there somewhere before you start checking things. Not sure why (lost in the annuls of time) but I always manually start/stop my sessions. =C= * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com * -Original Message- From: Dave [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:10 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Sessions not working between documents (was: Sessions and switching between php and htm documents) further to this... --enable-track-vars --enable-trans-sid are both set in the build... using mod_php register globals is on -Original Message- From: Dave [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:47 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] Sessions and switching between php and htm documents tested the $HTTP_SESSION_VARS prior to sending, set just fine. changed the next page to php and tested for the session var... nothing. [in login.php] ? session_start(); # database check in here if(match){ $HTTP_SESSION_VARS[UserID_session]=$txtUserID; #from form field for user $HTTP_SESSION_VARS[UserNum_session]=$databaseresult; # from database result for user number header(Location: successlogin.php); # or .htm - changed this to test if var was being passed exit; }else{ header(Location: wrongpassword.htm); exit; } ? [in successlogin.php] ? echo $HTTP_SESSION_VARS[SellerID_session]; ? if I check session_id() - it is the same in both pages. Variables just aren't getting stored/retrieved. ideas? as an aside, how do you destroy/start a new session with new session id? or do you just destroy the variables then use the same session id for the new session? Dave Did you test and make sure the variable is set? login.php session_start(); $HTTP_SESSION_VARS[username]=$formUserName; echo $HTTP_SESSION_VARS[username] header(Location: displaypage.htm); Also, for grins ang giggles, make the middle page in the chain a HP, start the session and test for the variable. If it does not work then the problem is not the middle page being html. Subject: [PHP] Sessions and switching between php and htm documents login.htm form submits information login.php session_start(); $HTTP_SESSION_VARS[username]=$formUserName; header(Location: displaypage.htm); displaypage.htm show some static stuff links to formpage.htm formpage.htm form submits information to form.php form.php session_start(); echo $HTTP_SESSION_VARS[username]; - has no value -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RE: Sessions that last for ever
I think changing a setting in php.ini will do it, I'm just not sure which one. session.cache_expire seems like it might do something, or maybe session.gc_maxlifetime. Look them up in the manual -Original Message- From: Nigel Gilbert [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 7:44 AM To: [EMAIL PROTECTED] Subject: Sessions that last for ever By default, a session (created with session_register) seems to last just as long as the user has their browser open. If a user quits the browser, the session is automatically destroyed. I want a session to last indefinitely (or until my program destroys it). There are some hints about how this could be done with cookies in the documentation, but not a clear recipe. What sequence of PHP statements should I use to achieve this? Thanks for any help, Nigel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions and templating help
Hi Justin, are you using ?php session_start(); ? at the top of every page you want to keep the session? Cheers, Joe :) Justin Deutsch [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I am running Apache with PHP4 as a module. I have also written a script (template.php) that sets up the default envrionment, like the CSS and navigation etc. The script also reads in a file, as defined by the ?path= of the URL. The file it reads in must have the sections (includes, header and body, as defined by /*** ***/ and /*** end ***/ pairs). The file is the split into these sections and along with the templated bits of the page compile into a single string which is the executed using the eval(). Now this all works fine, but I also want to use sessions. The first session from the index.html file, which is first acessed as a login page, stores the player class fine, but when I go to the next page (player_login.html) I seem to loose the session. You might ask why I don't just use an existing templating system, well it's because I think that you should only have to write the template once and not have to touch it again. The templating systems I have come across force you to include a file at the top and bottom of the code you are writing. The one down side to the way I am doing it is that I have had to force the other file into a include, header and body section, but this is a trivial formatting issue. Is there something I'm missing? I have included the code for the three scripts below. template.php ?PHP /* * This script is the basis for a templaing engine. The engine uses the * rewrite feature of the web server to capture the Virtual URL that the * user wants and maps it to this script with a paraeter. This script * then sets up the template and includes the content from the file * indicated by the user. * * A directory structure containing tall of the content is required, and * with Apache a directory to map from. */ /* Put setup here */ require_once(site-config.php); require_once(html_header.php); require_once(html_footer.php); require_once(misc_function.php); /* Set up some defaults */ $title = ; $body = ; $page = ; $file_read = false; $file_content = ; unset($content_header); /* Read the contents of a file into a string */ function read_file($filename) { global $file_read; global $file_content; $file_content = ; $file_read = false; //print $filename\n\nbrbr; if(file_exists($filename)) { $page_code = file($filename); foreach ($page_code as $line) { $file_content .= $line; } //print $file_content; $file_read = true; } else { $file_content = ' h1File Not Found/h1 pCould not find ?=$filename?, please let the Web Administrator know/p '; } } /* Get the index information */ read_file($NAV_COLUMN); $navigation = $file_content; /* * garentee that if the user gives no file name then they will get the * index file */ if(strcmp(basename($path), ) == 0) { if(!preg_match(/\/$/, $path)) { $path .= /; } $path .= index.html; } /* Get the Header information and the content of the body */ $file_name = $CONTENT_PATH/$path; read_file($file_name); if($file_read) { //print $file_name; /* Grab the HTTP header stuff from the file. This includes any * session information. * * The header section is defined by * *** header *** and *** end header *** at the start of the * file. */ $section = preg_split(/\s*\*{3}\s*end\s*header\s*\*{3}\s*/im, $file_content, 2 ); if(count($section) == 2) { $content_header = $section[0]; $content_header = preg_replace(/\*{3}\s*header\s*\*{3}/im, , $content_header, 1 ); $body = $section[1]; /* get the includes section */ $section = preg_split(/\s*\*{3}\s*end\s*includes\s*\*{3}\s*/im, $content_header, 2 ); if(count($section) == 2) { $include_files = $section[0]; $include_files = preg_replace(/\*{3}\s*includes\s*\*{3}/im, , $include_files, 1 ); $content_header = $section[1]; } } else { $body = $section[0]; } } else { $body = $file_content; } if(isset($include_files)) { $page .= $include_files.\n; } $page .= '?PHP /* * Start of Template code */ /* include state management here in an if to see if it is wanted */ if(defined($KEEP_STATE) $KEEP_STATE) { session_start(); } /* Set up the headers and footers */ header(Expires: Mon, 26 Jul 1997 05:00:00 GMT); header(Last-Modified: . gmdate(D, d M Y H:i:s) . GMT); header(Cache-Control: no-store, no-cache, must-revalidate); header(Cache-Control: post-check=0, pre-check=0, false); header(Pragma: no-cache); /* keep state = '.$KEEP_STATE.' */ ? '; if(isset($content_header)) { $page .= $content_header.\n; } $page .= ' ?PHP /* * Start of Template code section */ $header = new html_header($title); $footer = new html_footer(); $header-display() ?'.\n; //$header-display(); //print h1:$title/h1; /* print
[PHP] Re: Sessions that last for ever
Hi Nigel, you could set a cookie once they enter your site, and check at the top of each page you want accessible with this variable to see if they have it or not. Joe :) Nigel Gilbert [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... By default, a session (created with session_register) seems to last just as long as the user has their browser open. If a user quits the browser, the session is automatically destroyed. I want a session to last indefinitely (or until my program destroys it). There are some hints about how this could be done with cookies in the documentation, but not a clear recipe. What sequence of PHP statements should I use to achieve this? Thanks for any help, Nigel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions just not working...
Norman Cates wrote: I cannot get session information to work under any circumstances SNIP But even reading the comments on the above page, nothing will work. It will not persist with the session variable... Am I doing something wrong? If you are using recent PHP, track vars are always on. Anyway, try E_ALL for error reporting, you might see some error messages from sessoin module. -- Yasuo Ohgaki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Sessions in URL not being recognized!
Try to enable output bufffering to see if it helps. -- Yasuo Ohgaki Please CC me when you reply to news/list messages. Do not reply only to me :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: [Kopia] [PHP] Re: Sessions problem with FreeBSD 4.3
From my understanding, as long as you have a session_start() function above the html tag, you can work with variables in the form $_SESSION['variableName'] rather than having to use session_register(). In fact, using session_register() is no longer needed at all. Use $_SESSION['variableName'] the way you would any other variable. Erik PS: I'm not speaking definitively, just my own interpretation of the manual. On Wednesday, January 23, 2002, at 07:18 PM, Yasuo Ohgaki wrote: Jeff Sheltren wrote: What happens if you set register_globals=Off and use $_SESSION? Thanks for the reply. I will try changing register_globals to Off. I am not quite sure I know what you mean by using $_SESSION though, could someone please explain how that is uesd? Session manaul pages are updated. There is enough explanation how to use $HTTP_SESSION_VARS/$_SESSION now :) -- Yasuo Ohgaki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: [Kopia] [PHP] Re: Sessions problem with FreeBSD 4.3
Jeff Sheltren wrote: What happens if you set register_globals=Off and use $_SESSION? Thanks for the reply. I will try changing register_globals to Off. I am not quite sure I know what you mean by using $_SESSION though, could someone please explain how that is uesd? Session manaul pages are updated. There is enough explanation how to use $HTTP_SESSION_VARS/$_SESSION now :) -- Yasuo Ohgaki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions
By design. Try accessing $HTTP_SESSION_VARS instead. That should work. In other words, if you were accessing a session variable by $session_var, now use $HTTP_SESSION_VARS['session_var']. -- Gaylen [EMAIL PROTECTED] Home http://www.gaylenandmargie.com/ PHP KISGB v2.6 Guest Book http://www.gaylenandmargie.com/phpwebsite/ Philip Maciver [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Since turning of register_globals in the php.ini file, sessions don't seem to be working any more, does anyone know why? == Philip MacIver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Sessions
Thanks, that worked fined! On Mon, 24 Dec 2001 09:31:31 -0600 Gaylen Fraley [EMAIL PROTECTED] wrote: By design. Try accessing $HTTP_SESSION_VARS instead. That should work. In other words, if you were accessing a session variable by $session_var, now use $HTTP_SESSION_VARS['session_var']. -- Gaylen [EMAIL PROTECTED] Home http://www.gaylenandmargie.com/ PHP KISGB v2.6 Guest Book http://www.gaylenandmargie.com/phpwebsite/ Philip Maciver [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Since turning of register_globals in the php.ini file, sessions don't seem to be working any more, does anyone know why? == Philip MacIver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] == Philip MacIver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: sessions and authentication
insted of if ( $isloggedin ) user logged in do if ( $HTTP_SESSION_VARS['isloggedin'] ) user is logged in -- Chris Lee [EMAIL PROTECTED] Steve Maroney [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey guys, I know this has been brought up several times but can't find it in the archives of this list. I have some PHP 4 scripts that check the value of a logged in variable. if the user authenticates him/her self, then the logged in variable gets set and registered with the session. How can I stop some evil person from passing that variable to my script using GET or POST methods ? I tried: $HTTP_POST_VARS[user_authenticated] = ; $HTTP_GET_VARS[user_authenticated] = ; and: unset($HTTP_POST_VARS[user_authenticated]); unset($HTTP_GET_VARS[user_authenticated]); but that didn't do me any good. Please advise. Thank you, Steve Maroney -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: sessions
take a look at my session.egn file. http://www.mediawaveonline.com/examples/ -- Chris Lee [EMAIL PROTECTED] Anthony [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I need some help with sessions. I read the sections in the manual and searched for tutorials, but I still can't get a straight forward example of how sessions work. I need to pass variables to a page that will load in a new browser window. I used session_register, but when I look in the $HTTP_SESSION_VARS, it doesn't exist. I tried using start_session and still no luck. Once I get the session vars registered, how do I access them. I am able to pass the session id as a var, I'm going it like page.php?sid=$sid_var. Is there a better way, do I need to do this at all? I'm confused as hell and can't find a working example anywhere. Help! - Anthony -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions Variables and refresh pages
is your web server a Microsoft one (IIS, PWS, ...) ? I'm not sure, but I think there is a known problem with them if you set a session variable and do a redirect in the same page. Can anyone confirm this ? Philippe Karina Gómez Salgado [EMAIL PROTECTED] a écrit dans le message news: [EMAIL PROTECTED] Hello, this is the fourth time i wrote expecting some answer from somebody with more experience than me. I have a protected page , i ask for user and pass and save these variables as session variables, with session_register. When the user submit this page.. this variables are registered, in the next page, i do some queries using a substr of REQUEST_URI and displaying 2 selects results and 1 update. When i remove the access-control page all works fine, but when i set the session vars, the first time i see the results, i need to refresh/reload the web page to show the correct results of the queries, otherwise the page source shows data missing... post operation... refresh... Please, how can i avoid the manual refresh ? Karina Gomez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] RE: Sessions, sessions, sessions...
Nope. Still doesn't work. I still have to do a refresh on the page manually... Any other ideas? Thanks, Brad -Original Message- From: Wayne K [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 2 October 2001 11:38 AM To: Bradley Goldsmith Subject: Re: Sessions, sessions, sessions... register your sessions then reload the page with a header(location:stuff.here) if session is registered then omit the header() - Original Message - From: Bradley Goldsmith [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Monday, October 01, 2001 9:13 PM Subject: Sessions, sessions, sessions... | Hi, | | I am using php4 (great) under win32 apache (not so great) ... | | I am trying to regsiter two session variables. When the page is | first displayed, the variables are registered thus: | | session_register(Sheet); | $HTTP_SESSION_VARS[Sheet]=serialize($Sheet); | | //store time offset session | session_register(offset); | $HTTP_SESSION_VARS[offset]=$offset; | | I had some checking code in there before and the registers returned | true. | | The problem is that on the first time around the variables do not | seem to register. However, if the page loads and then I do a refresh by | clicking on the toolbar - it all seems to work ok. | | Any ideas on how I can get the vars to stick first time around? | | Cheers, | Brad | | -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Sessions and include()...
There is no magic way for the cookies to transfer from server to server -- Cookies were specifically designed *NOT* to be transferrable, for consumer privacy reasons. You'll need to pass the cookie back and forth from your server to theirs by hand -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] To: 'Richard Lynch' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, September 22, 2001 4:38 PM Subject: RE: [PHP] Re: Sessions and include()... Alright. If that's the case, how do you make sure a cookie gets set for the remote domain? I'm working on a project to write a hosted shopping cart, but we want people to have the ability to include pieces of the display functionality on their own pages, if their host supports PHP. But those pieces would need to use the same session as if they were on /our/ server. -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 10:25 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions and include()... I believe: include() gets parsed and executed on the server that is doing the include-ing, not the remote server... If that file has session_xxx() in it, you'll have started a session and whatnot on the local server. The remote server doesn't even have to have PHP on it at all, and its configuration is irrelevant, other than allowing you to read some file that happens to have PHP source code in it... Which, by the way, is a very scarey concept unless you have complete security control over the remote server... -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, September 21, 2001 11:48 AM Subject: Sessions and include()... What happens if you use include() to include a file from another server, and that file sets a session? Does the session get set for the domain of the wrapper page, or does it get set for the domain of the included page? -- Matthew Walker Ecommerce Project Manager Mountain Top Herbs --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 9/18/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions and include()...
Alright. If that's the case, how do you make sure a cookie gets set for the remote domain? I'm working on a project to write a hosted shopping cart, but we want people to have the ability to include pieces of the display functionality on their own pages, if their host supports PHP. But those pieces would need to use the same session as if they were on /our/ server. -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 10:25 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions and include()... I believe: include() gets parsed and executed on the server that is doing the include-ing, not the remote server... If that file has session_xxx() in it, you'll have started a session and whatnot on the local server. The remote server doesn't even have to have PHP on it at all, and its configuration is irrelevant, other than allowing you to read some file that happens to have PHP source code in it... Which, by the way, is a very scarey concept unless you have complete security control over the remote server... -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, September 21, 2001 11:48 AM Subject: Sessions and include()... What happens if you use include() to include a file from another server, and that file sets a session? Does the session get set for the domain of the wrapper page, or does it get set for the domain of the included page? -- Matthew Walker Ecommerce Project Manager Mountain Top Herbs --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 9/18/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions and include()...
I believe: include() gets parsed and executed on the server that is doing the include-ing, not the remote server... If that file has session_xxx() in it, you'll have started a session and whatnot on the local server. The remote server doesn't even have to have PHP on it at all, and its configuration is irrelevant, other than allowing you to read some file that happens to have PHP source code in it... Which, by the way, is a very scarey concept unless you have complete security control over the remote server... -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, September 21, 2001 11:48 AM Subject: Sessions and include()... What happens if you use include() to include a file from another server, and that file sets a session? Does the session get set for the domain of the wrapper page, or does it get set for the domain of the included page? -- Matthew Walker Ecommerce Project Manager Mountain Top Herbs --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 9/18/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions Getting Broken
Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions Getting Broken
Hmm.. How do I know how fast they timeout? And it seems that all of my users drop at the same time, not sure about it thou. session.cache_expire is set to 180. session.cookie_lifetime is 0. Maybe those do tell you something and you tell me more! :) Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 13:09 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions Getting Broken Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Sessions Getting Broken
Can't tell like that No more ideasmaybe somecode would help?! Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hmm.. How do I know how fast they timeout? And it seems that all of my users drop at the same time, not sure about it thou. session.cache_expire is set to 180. session.cookie_lifetime is 0. Maybe those do tell you something and you tell me more! :) Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 13:09 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions Getting Broken Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions Getting Broken
session_start(); if (!session_is_registered(Session)) { toStart(2); exit; }; $Session = $GLOBALS[Session]; This is what I do on every page. I don't think it's timeout, since the session might get broken just after 5 minutes. function toStart() is used to move user to the login page with an error code. Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 14:35 To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Sessions Getting Broken Can't tell like that No more ideasmaybe somecode would help?! Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hmm.. How do I know how fast they timeout? And it seems that all of my users drop at the same time, not sure about it thou. session.cache_expire is set to 180. session.cookie_lifetime is 0. Maybe those do tell you something and you tell me more! :) Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 13:09 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions Getting Broken Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: SESSIONS! - please help
this allways buggers people up session_register(count); $count = array(); should be $count = array(); session_register(count); you have to set the var first before registering it. you should also check if the var is allready registerd ($HTTP_SESSION_VARS[]) if so, dont re-register it, this can cause session to segfault apache every so often. www.mediawaveonline.com/exmaples/session.txt this is my session file I use, take a look at what I mean. also your using php4 so try foreach() its alot nicer, just looks better. foreach($count as $key = $value) vs while (list($key, $value) = each ($count)) -- Chris Lee [EMAIL PROTECTED] Christian Haines [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all, PHP-4.03pl LINUX 7.0 i am still having problems with sessions. the following does nothing but should appear to do something! it is just a simple experiment to test that sessions work. session_test.php calls session_proc.php to perform one of three functions. i would really appreciate any help as this is driving me nuts. i have also tested this on other systems to no avail. many thanks in advance, christian - session_test.php -- html body ? if(is_array($count)) { reset ($count); while (list($key, $value) = each ($count)) { echo Key: $key; Value: $value Count:.count($value).br\n; if(is_array($value)) { reset ($value); while (list($key2, $value2) = each ($value)) { echo --- Key: $key2; Value: $value2 br\n; } } } } print brnbsp;br.count($count). ---.session_is_registered(count); ? form name=test method=post action=session_proc.php input name=increment type=submit value=incrementinput name=reset type=submit value=resetinput name=decrement type=submit value=decrement /form /body /html - session_proc.php -- ? session_start(); session_register(count); $count = array(); if(isset($increment)) { $count[0] = 9; $count[1] = 11; $count[2] = 12; } if(isset($reset)) { unset($count); } if(isset($decrement)) { $count[0] = 4; $count[1] = 6; $count[2] = 1; } header(location: session_test.php); exit; ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: sessions problems :/
another question is, at what time of the script does php call my session_write function to update the registered session?! *AFTER* the connection to the browser is dead and gone, so any error output is sent to the twilight zone. Any error output in session_write needs to go through error_log or something. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions in pop-up windows
If Cookies are off, you may need to provide more than just # as the HREF. While # will work, it's not technically speaking a valid URL, and PHP is probably not inserting the SID into the URL, or else inserting it in the wrong place. Use View Source in your browser to see what PHP is doing to that HREF. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Chris Cameron [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Sunday, August 19, 2001 1:28 PM Subject: Sessions in pop-up windows I'm having some issues passing a session to a pop-up window. The pop-up window is you average DreamWeaver popup: a href=# onClick=MM_openBrWindow('prod_detail_pop.php','','width=500,height=350')L ink/a When you click on the link, the session doesn't get passed. I have trans-sid enabled. Any ideas on how I could go about passing my sid? Thanks, Chris -- Chris Cameron System Administrator UpNIX Internet Services http://www.upnix.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions in older browsers
Show us source code. Test your site in IE 4.0 and set preferences to notify me before accepting cookies See what you get for cookies, and what IE stores, and what comes back to your PHP code. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Sheni R. Meledath [EMAIL PROTECTED] Newsgroups: php.general To: PHP Masters [EMAIL PROTECTED] Sent: Tuesday, August 14, 2001 2:04 AM Subject: Sessions in older browsers Hello: I am using Sessions for user authentication in one of our sites. The problem is now so many users are calling us saying that they are not able to access the site. They have got IE v 4.0 . Are there any problems with sessions in older browser versions. Could anybody please suggest a way to solve this issue. Many thanks Sheni R Meledath [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions + Variables + includes
great minds and all that this is some code i use but i have a login page that takes the username and passowrd and passes that to another page that does the verification. so: page 1 takes the username and password. page 2 registers session vars and sets logged in to true if accepted. every page from then on has this include file ?php session_start(); if ($loggedin != true) { echo'headmeta HTTP-EQUIV=Refresh CONTENT=0;URL=login.php/head'; session_destroy(); exit; } i use the meta http=equiv to direct them to the index page of the site if they are verified. Steve Dosenbrei [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Sorry for my bad english ;-) I'm writing an application using php and sessions. In the first include file i'm writing something like this session_start(); session_register(loggedin); The i have another include file with the functions. When i'm submitting the username and passwort to the function which checks them i'd like to set loggedin to 1 how does this work? function CheckLogin($username,$password) { if($username=='test' $password=='user') { $loggedin=1; header(location:secretpage.php); } else { $loggedin =0; header(location:login.php) } Can i user include with sessions or doe i have to use requiere? I also tried to set the $loggedin to 1 this way: $HTTP_SESSION_VARS[loggedin]=1; This doesn't work too. Please help me THX -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Sessions are so buggie in PHP ???
For who knows about bugs with session in PHP, I have: PHP Version 4.0.4pl1 Marian [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a problem with session thing. I have one script for logging into some user pages. But many users tell me that the script is... lossing the session_variables which are set. It's very strange because this is not for certain users, or browsers. It's very randomly. Today this happent for me also, I mean I was going into those pages, and one time the server lost the session_variables and the script told me that I'm not even logged. Why is this happening ? it's very very randomly, but its happening and not one time a day... some users reported me that they have to close totally the browser and then try to login again and this is not happening again. This problem is happening with any browser... any idea ? Plz help ! :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]