Kevin Murphy wrote:
I've got a site (password protected, sorry) where I have this in the top
of my template:
session_start();
$iSessionId = session_id();
$iSessionName = session_name();
Then I have a bunch of links like this in the site:
echo "Departments";
The first time, and on
I've got a site (password protected, sorry) where I have this in the
top of my template:
session_start();
$iSessionId = session_id();
$iSessionName = session_name();
Then I have a bunch of links like this in the site:
echo "Departments";
The first time, and only the f
On Wed, August 16, 2006 10:56 pm, Michael B Allen wrote:
> On Thu, 17 Aug 2006 12:06:08 +1000
> Chris <[EMAIL PROTECTED]> wrote:
>
>> Michael B Allen wrote:
>> > Searching through the logs and browsing my site (see sig) I
>> sometimes see
>> > PHPSESSID is used as opposed to cookies. I know it's no
On Wed, August 16, 2006 8:44 pm, Michael B Allen wrote:
> Searching through the logs and browsing my site (see sig) I sometimes
> see
> PHPSESSID is used as opposed to cookies. I know it's not simply that
> the
> client doesn't support cookies because I can see the same IP
> transition
> to and fro
On Thu, 17 Aug 2006 12:06:08 +1000
Chris <[EMAIL PROTECTED]> wrote:
> Michael B Allen wrote:
> > Searching through the logs and browsing my site (see sig) I sometimes see
> > PHPSESSID is used as opposed to cookies. I know it's not simply that the
> > client doesn't support cookies because I can s
On Thu, 17 Aug 2006 14:26:17 +1000
Chris <[EMAIL PROTECTED]> wrote:
> Michael B Allen wrote:
> > On Thu, 17 Aug 2006 12:06:08 +1000
> > Chris <[EMAIL PROTECTED]> wrote:
> >
> >> Michael B Allen wrote:
> >>> Searching through the logs and browsing my site (see sig) I sometimes see
> >>> PHPSESSID
Michael B Allen wrote:
On Thu, 17 Aug 2006 12:06:08 +1000
Chris <[EMAIL PROTECTED]> wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies be
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the same IP transition
to and from using PHPSESSID. Can someone explain why th
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the same IP transition
to and from using PHPSESSID. Can someone explain why this is happening?
I'm usi
[snip]
ini_set('session.use_trans_sid', '0');
[/snip]
I think, at least according to the manual
session.use_trans_sid can only be set in php.ini, .htaccess or
httpd.conf
http://www.php.net/ini_set look at session.use_trans_sid
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe,
I have the following lines in a PHP script:
ini_set('session.save handler','user');
ini_set('session.use_cookies', '1');
ini_set('session.use_only_cookies', '1');
ini_set('session.cookie_lifetime', '0');
ini_set('session.use_trans_sid', '0');
I do not want the Session ID to be passed via the URL,
Sorry, but I tried this : session.use_cookies = 0 in php.ini
and I have always the bug.
And if I use htmldoc on command line with same args it works fine.
Could php forbidden using of PHPSESSID ?
Nicolas
Le mar 23/03/2004 à 16:37, Raditha Dissanayake a écrit :
> Guillouet Nicolas wrote:
>
>
Guillouet Nicolas wrote:
Hi,
I discover a surprising thing with PHPSESSID, I try something like this
:
$var="htmldoc -t html --quiet ''
'https://login:[EMAIL
PROTECTED]/file.php?documentIdent=157&typeAffiche=3&PHPSESSID=068dd351a106bb6ead80e11a27f75100'";
echo 'var='.$var;
passthru($var);
passt
Hi,
I discover a surprising thing with PHPSESSID, I try something like this
:
$var="htmldoc -t html --quiet ''
'https://login:[EMAIL
PROTECTED]/file.php?documentIdent=157&typeAffiche=3&PHPSESSID=068dd351a106bb6ead80e11a27f75100'";
echo 'var='.$var;
passthru($var);
passthru is waiting for and d
Hi everyone,
I have this situation:
I use some regular expressions to rewrite the URL of a web site,
in particular:
http://www.mysite.com/lingua-ita/colore-rosso/pagina.html
that becames
http://www.mysite.com/pagina.php?lingua=ita&colore=rosso.
Is all ok until I use some session variables.
It hap
Hi everyone,
I have this situation:
I use some regular expressions to rewrite the URL of a web site,
in particular:
http://www.mysite.com/lingua-ita/colore-rosso/pagina.html
that becames
http://www.mysite.com/pagina.php?lingua=ita&colore=rosso.
Is all ok until I use some session variables.
It hap
t;
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 30, 2003 12:59 PM
Subject: [PHP] PHPSESSID AND SID
> This should be a simple question but I can't find the answer in the
manual.
>
> is it necessary to global variables or constants in functions?
> i.e.
> function Foo()
>
This should be a simple question but I can't find the answer in the manual.
is it necessary to global variables or constants in functions?
i.e.
function Foo()
{
global $PHPSESSID;
global SID; // how would you do that anyway?
}
Thanks in advance
Daryl
--
PHP General Mailing List (http://ww
--- Kris Yates <[EMAIL PROTECTED]> wrote:
> What php.ini setting causes the following:
>
> A link in a document index gets
> modified by PHP, so that the end-user sees
> index
>
> in the source? How do you turn this off?
session.use_trans_sid = 1
Make that 0.
Chris
=
Become a better Web d
On Wednesday 16 July 2003 22:45, Kris Yates wrote:
> What php.ini setting causes the following:
>
> A link in a document index gets modified by PHP,
> so that the end-user sees
> index
>
> in the source? How do you turn this off?
session.use_trans_sid
--
Jason Wong -> Gremlins Associates -> www.
What php.ini setting causes the following:
A link in a document index gets modified by PHP,
so that the end-user sees
index
in the source? How do you turn this off?
Thanks,
Kris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi Henrik,
Take a look at session_id, you can use it to get or set the session id.
Using some of my random generation functions I juse 72 to 96 character
session ids for my more secure PHP applications. Remember if you want
it to remain secure you need to pass it through SSL, longer keys do no
Hey List-
I'm trying to figure out how to make the PHPSESSID cookie be longer then 32
characters?
One can set the entropy file and entropy length, but if my understanding of
entropy is correct then that just helps randomize the 32 chars and not not
actually make a string that much longer or s
> I'm working on securing my application, and am running into a slight
issue
> that I cannot seem to find a fix for. If the attacker changes his
> PHPSESSID
> cookie to contain illegal characters, it causes an error on the screen
> upon
> session_start().
>
> How can I check to see if this is a va
Hi Everyone,
I'm working on securing my application, and am running into a slight issue
that I cannot seem to find a fix for. If the attacker changes his PHPSESSID
cookie to contain illegal characters, it causes an error on the screen upon
session_start().
How can I check to see if this is a vali
I think it might have something to do with --enable-trans-sid
read up on that
Jim
- Original Message -
From: "Liam Gibbs" <[EMAIL PROTECTED]>
To: "php list" <[EMAIL PROTECTED]>
Sent: Friday, March 07, 2003 8:45 PM
Subject: [PHP] $PHPSESSID
First of all
At 05:45 08.03.2003, Liam Gibbs said:
[snip]
>Here's the newest brain teaser: I have cookies disabled (well, I have IE set
>to the highest security mode, where it disables cookies). I understand that
>with cookies enabled, $PHPSESSID will return nothing whe
First of all, thanks all who helped with the min and max functions (that works) and
the dollar sign bit (which also works). Kudos. Couldn't have done it without y'all!
Here's the newest brain teaser: I have cookies disabled (well, I have IE set to the
highest security mode, where it disables coo
On Thursday 29 August 2002 08:00, Todd Pasley wrote:
> > On a clients first visit to a site, the PHPSESSID gets written into the
> > URL, but not on any additional requests.
> >
> > Has anyone had this problem? It wasn't happening before the upgrade.
> >
> > Running:
> >
> > Redhat 7.3
> > PHP 4.
>
> On a clients first visit to a site, the PHPSESSID gets written into the
> URL, but not on any additional requests.
>
> Has anyone had this problem? It wasn't happening before the upgrade.
>
> Running:
>
> Redhat 7.3
> PHP 4.2.2
> Apache 1.3.26
The same thing happens to me, however, sessions
Hello,
Have a strange problem since upgrading to 4.2.2.
On a clients first visit to a site, the PHPSESSID gets written into the
URL, but not on any additional requests.
Has anyone had this problem? It wasn't happening before the upgrade.
Running:
Redhat 7.3
PHP 4.2.2
Actually, over the weekend, I started using sessions in my scripts.
All I did was start it using session_start();
I only noticed this behaviour using Opera 6.02 Linux browser running
under FBSD 4.6-Stable.
(It may have happened in mozilla 1.0 r3, but I may have not paid
attention to it).
I load
Hi, I have a few questions with php sessions, below is an example script:
test_sess.php
-
local path
When I initially load the file (session cookie gets set), the HREF link
gets the PHPSESSID appended to it. If I reload the page (cookie already
set) the appendage goes away.
Ac
On Tuesday 09 April 2002 17:20, Nick Wilson wrote:
> Hi all
> I've just moved host and I'm getting a very ugly PHPSESSID string
> appended to my url's
This happens when php is compiled with the "--enable-trans-sid" option.
> I know this can be fixed but can't remember how, my ISP is not so brig
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all
I've just moved host and I'm getting a very ugly PHPSESSID string
appended to my url's
I know this can be fixed but can't remember how, my ISP is not so bright
so I was hoping someone could tell me what to tell them.
How can I change this?
M
I have a website where I use sessions. After a user has logged of, the logon
screen appears again. The username field is filled with the value from a
cookie.
What happens:
For example: username = "Peter"
In the situation that I log of (and the logon page appears), the username
field gets the va
JNT> If I do this:
JNT> echo $PHPSESSID;
I've encountered the same when instaling the Mandrake Linux 8.1 with a
precompiled php - also 4.1.0.
Sessions just doesn't seem to work no matter how I access them.
I installed Redhat 7.1 on my server again, and left the problem for my
ISP.
Kind reg
Hi
One way is or if cookies aren't used try
$PHPSESSID seems to only get set if it comes back as a cookie
Tom
At 04:39 AM 18/12/01, Julio Nobrega Trabalhando wrote:
> Hi All,
>
> I have a few scripts using $PHPSESSID to softly disable cookies
>requirement on some pages. I just installed PH
Hi All,
I have a few scripts using $PHPSESSID to softly disable cookies
requirement on some pages. I just installed PHP 4.1.0 and I am porting some
lines to adapt to the new version.
If I do this:
It doesn't show nothing at all. Did something changed, does this var now
have a new nam
If the user's browser does not support the session cookie like it should,
PHP will automatically "rewrite" your url's and add "?PHPSESSID=".
So you don't need to force PHPSESSID to be sent, but you could always just
add ?PHPSESSID= onto all the urls you want.
It's just really ugly that way.
--
I use session in my Shopping cart program.
start with
session_start() ;
and register the value with
session_register('uid') ;
when I want to pass the session value to another page I use
echo "click" ;
In 'somepage.php' I try to echo $uid the output that correct
My question is why m
I use session in my Shopping cart program.
start with
session_start() ;
and register the value with
session_register('uid') ;
when I want to pass the session value to another page I use
echo "click" ;
In 'somepage.php' I try to echo $uid the output that correct
My question is why m
othing changed, look for a second evil twin of php.ini
-Ben
-Original Message-
From: trogers [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 08, 2001 6:59 PM
To: 'PHP General List. (E-mail)'
Subject: Re: [PHP] PHPSESSID sticks to every link after upgrate of
Apache/PHP
Hi
You will proba
Hi
You will probably need to make clean and rebuild php config and do a new
make against the new version of apache.
Just a guess
Tom
At 12:28 PM 5/04/01 +0900, Maxim Maletsky wrote:
>
>Hello,
>
>my co-worker has reinstalled Apache and PHP over the last night.
>
>The Apache was upgraded to the ne
Hm...what browser are you using to test the site?
By using the trans_id option I believe that tells PHP to append the sessid
into the url if the cookie is not being accepted.
Try turning it off and trying it, and you may need to comment out the
url.rewriter thing directly under that option.
Tr
Maxim Maletsky wrote:
>
> Site uses sessions and, somehow, after this upgrade started carrying
> PHPSESSID through HREF.
Sounds to me like php was compliled with the --enable-trans-sid option
which does exactly that.
Just a guess.
Regards
Joseph
--
PHP General Mailing List (http://ww
Hello,
my co-worker has reinstalled Apache and PHP over the last night.
The Apache was upgraded to the new version while PHP was re-installed the
same.
PHP.ini was untouched.
Site uses sessions and, somehow, after this upgrade started carrying
PHPSESSID through HREF.
What should look fo
>Where is the temp session file held at? I have a script that uses sessions
but I can't find the session file.
>My php.ini file indicates that the session.save_path = c:\php\sessiondata
but there is not any files there when there should be.
Change those \ to / and keep all the players happy.
>It
Where is the temp session file held at? I have a script that uses sessions but I can't
find the session file.
My php.ini file indicates that the session.save_path = c:\php\sessiondata but there is
not any files there when there should be. It does look like the session is working
though.
Any
49 matches
Mail list logo