I've got a site (password protected, sorry) where I have this in the
top of my template:
session_start();
$iSessionId = session_id();
$iSessionName = session_name();
Then I have a bunch of links like this in the site:
echo a href=\/departments/\Departments/a;
The
Kevin Murphy wrote:
I've got a site (password protected, sorry) where I have this in the top
of my template:
session_start();
$iSessionId = session_id();
$iSessionName = session_name();
Then I have a bunch of links like this in the site:
echo a href=\/departments/\Departments/a;
On Wed, August 16, 2006 8:44 pm, Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes
see
PHPSESSID is used as opposed to cookies. I know it's not simply that
the
client doesn't support cookies because I can see the same IP
transition
to and from
On Wed, August 16, 2006 10:56 pm, Michael B Allen wrote:
On Thu, 17 Aug 2006 12:06:08 +1000
Chris [EMAIL PROTECTED] wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I
sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply
that
On Thu, 17 Aug 2006 14:26:17 +1000
Chris [EMAIL PROTECTED] wrote:
Michael B Allen wrote:
On Thu, 17 Aug 2006 12:06:08 +1000
Chris [EMAIL PROTECTED] wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to
On Thu, 17 Aug 2006 12:06:08 +1000
Chris [EMAIL PROTECTED] wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the same IP transition
to and from using PHPSESSID. Can someone explain why this is happening?
I'm
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the same IP transition
to and from using PHPSESSID. Can someone explain why
Michael B Allen wrote:
On Thu, 17 Aug 2006 12:06:08 +1000
Chris [EMAIL PROTECTED] wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies
I have the following lines in a PHP script:
ini_set('session.save handler','user');
ini_set('session.use_cookies', '1');
ini_set('session.use_only_cookies', '1');
ini_set('session.cookie_lifetime', '0');
ini_set('session.use_trans_sid', '0');
I do not want the Session ID to be passed via the
[snip]
ini_set('session.use_trans_sid', '0');
[/snip]
I think, at least according to the manual
session.use_trans_sid can only be set in php.ini, .htaccess or
httpd.conf
http://www.php.net/ini_set look at session.use_trans_sid
--
PHP General Mailing List (http://www.php.net/)
To
Sorry, but I tried this : session.use_cookies = 0 in php.ini
and I have always the bug.
And if I use htmldoc on command line with same args it works fine.
Could php forbidden using of PHPSESSID ?
Nicolas
Le mar 23/03/2004 à 16:37, Raditha Dissanayake a écrit :
Guillouet Nicolas wrote:
Hi,
I discover a surprising thing with PHPSESSID, I try something like this
:
$var=htmldoc -t html --quiet ''
'https://login:[EMAIL
PROTECTED]/file.php?documentIdent=157typeAffiche=3PHPSESSID=068dd351a106bb6ead80e11a27f75100';
echo 'var='.$var;
passthru($var);
passthru is waiting for and
Guillouet Nicolas wrote:
Hi,
I discover a surprising thing with PHPSESSID, I try something like this
:
$var=htmldoc -t html --quiet ''
'https://login:[EMAIL
PROTECTED]/file.php?documentIdent=157typeAffiche=3PHPSESSID=068dd351a106bb6ead80e11a27f75100';
echo 'var='.$var;
passthru($var);
passthru
Hi everyone,
I have this situation:
I use some regular expressions to rewrite the URL of a web site,
in particular:
http://www.mysite.com/lingua-ita/colore-rosso/pagina.html
that becames
http://www.mysite.com/pagina.php?lingua=itacolore=rosso.
Is all ok until I use some session variables.
It
Hi everyone,
I have this situation:
I use some regular expressions to rewrite the URL of a web site,
in particular:
http://www.mysite.com/lingua-ita/colore-rosso/pagina.html
that becames
http://www.mysite.com/pagina.php?lingua=itacolore=rosso.
Is all ok until I use some session variables.
It
This should be a simple question but I can't find the answer in the manual.
is it necessary to global variables or constants in functions?
i.e.
function Foo()
{
global $PHPSESSID;
global SID; // how would you do that anyway?
}
Thanks in advance
Daryl
--
PHP General Mailing List
: Wednesday, July 30, 2003 12:59 PM
Subject: [PHP] PHPSESSID AND SID
This should be a simple question but I can't find the answer in the
manual.
is it necessary to global variables or constants in functions?
i.e.
function Foo()
{
global $PHPSESSID;
global SID; // how would you do that anyway
What php.ini setting causes the following:
A link in a document a href=index.phpindex/a gets modified by PHP,
so that the end-user sees
a href=index.php?PHPSESSID=(*Uwhatever*$GIODGindex/a
in the source? How do you turn this off?
Thanks,
Kris
--
PHP General Mailing List (http://www.php.net/)
On Wednesday 16 July 2003 22:45, Kris Yates wrote:
What php.ini setting causes the following:
A link in a document a href=index.phpindex/a gets modified by PHP,
so that the end-user sees
a href=index.php?PHPSESSID=(*Uwhatever*$GIODGindex/a
in the source? How do you turn this off?
--- Kris Yates [EMAIL PROTECTED] wrote:
What php.ini setting causes the following:
A link in a document a href=index.phpindex/a gets
modified by PHP, so that the end-user sees
a href=index.php?PHPSESSID=(*Uwhatever*$GIODGindex/a
in the source? How do you turn this off?
Hey List-
I'm trying to figure out how to make the PHPSESSID cookie be longer then 32
characters?
One can set the entropy file and entropy length, but if my understanding of
entropy is correct then that just helps randomize the 32 chars and not not
actually make a string that much longer or
Hi Henrik,
Take a look at session_id, you can use it to get or set the session id.
Using some of my random generation functions I juse 72 to 96 character
session ids for my more secure PHP applications. Remember if you want
it to remain secure you need to pass it through SSL, longer keys do
Hi Everyone,
I'm working on securing my application, and am running into a slight issue
that I cannot seem to find a fix for. If the attacker changes his PHPSESSID
cookie to contain illegal characters, it causes an error on the screen upon
session_start().
How can I check to see if this is a
I'm working on securing my application, and am running into a slight
issue
that I cannot seem to find a fix for. If the attacker changes his
PHPSESSID
cookie to contain illegal characters, it causes an error on the screen
upon
session_start().
How can I check to see if this is a valid
At 05:45 08.03.2003, Liam Gibbs said:
[snip]
Here's the newest brain teaser: I have cookies disabled (well, I have IE set
to the highest security mode, where it disables cookies). I understand that
with cookies enabled, $PHPSESSID will return nothing when
I think it might have something to do with --enable-trans-sid
read up on that
Jim
- Original Message -
From: Liam Gibbs [EMAIL PROTECTED]
To: php list [EMAIL PROTECTED]
Sent: Friday, March 07, 2003 8:45 PM
Subject: [PHP] $PHPSESSID
First of all, thanks all who helped with the min
First of all, thanks all who helped with the min and max functions (that works) and
the dollar sign bit (which also works). Kudos. Couldn't have done it without y'all!
Here's the newest brain teaser: I have cookies disabled (well, I have IE set to the
highest security mode, where it disables
Hello,
Have a strange problem since upgrading to 4.2.2.
On a clients first visit to a site, the PHPSESSID gets written into the
URL, but not on any additional requests.
Has anyone had this problem? It wasn't happening before the upgrade.
Running:
Redhat 7.3
PHP 4.2.2
On a clients first visit to a site, the PHPSESSID gets written into the
URL, but not on any additional requests.
Has anyone had this problem? It wasn't happening before the upgrade.
Running:
Redhat 7.3
PHP 4.2.2
Apache 1.3.26
The same thing happens to me, however, sessions are
On Thursday 29 August 2002 08:00, Todd Pasley wrote:
On a clients first visit to a site, the PHPSESSID gets written into the
URL, but not on any additional requests.
Has anyone had this problem? It wasn't happening before the upgrade.
Running:
Redhat 7.3
PHP 4.2.2
Apache
Hi, I have a few questions with php sessions, below is an example script:
test_sess.php
-
?php
session_cache_limiter();
session_start();
?
A HREF=/local/path.phplocal path/A
When I initially load the file (session cookie gets set), the HREF link
gets the PHPSESSID appended to
Actually, over the weekend, I started using sessions in my scripts.
All I did was start it using session_start();
I only noticed this behaviour using Opera 6.02 Linux browser running
under FBSD 4.6-Stable.
(It may have happened in mozilla 1.0 r3, but I may have not paid
attention to it).
I load
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all
I've just moved host and I'm getting a very ugly PHPSESSID string
appended to my url's
I know this can be fixed but can't remember how, my ISP is not so bright
so I was hoping someone could tell me what to tell them.
How can I change this?
On Tuesday 09 April 2002 17:20, Nick Wilson wrote:
Hi all
I've just moved host and I'm getting a very ugly PHPSESSID string
appended to my url's
This happens when php is compiled with the --enable-trans-sid option.
I know this can be fixed but can't remember how, my ISP is not so bright
I have a website where I use sessions. After a user has logged of, the logon
screen appears again. The username field is filled with the value from a
cookie.
What happens:
For example: username = Peter
In the situation that I log of (and the logon page appears), the username
field gets the
Hi All,
I have a few scripts using $PHPSESSID to softly disable cookies
requirement on some pages. I just installed PHP 4.1.0 and I am porting some
lines to adapt to the new version.
If I do this:
?php
echo $PHPSESSID;
?
It doesn't show nothing at all. Did something changed, does
Hi
One way is ?echo session_id()? or if cookies aren't used try ?=SID?
$PHPSESSID seems to only get set if it comes back as a cookie
Tom
At 04:39 AM 18/12/01, Julio Nobrega Trabalhando wrote:
Hi All,
I have a few scripts using $PHPSESSID to softly disable cookies
requirement on some
JNT If I do this:
JNT ?php
JNT echo $PHPSESSID;
I've encountered the same when instaling the Mandrake Linux 8.1 with a
precompiled php - also 4.1.0.
Sessions just doesn't seem to work no matter how I access them.
I installed Redhat 7.1 on my server again, and left the problem for my
ISP.
I use session in my Shopping cart program.
start with
session_start() ;
and register the value with
session_register('uid') ;
when I want to pass the session value to another page I use
echo "a href='somepage.php'click/a" ;
In 'somepage.php' I try to echo $uid the output that
I use session in my Shopping cart program.
start with
session_start() ;
and register the value with
session_register('uid') ;
when I want to pass the session value to another page I use
echo "a href='somepage.php'click/a" ;
In 'somepage.php' I try to echo $uid the output that
If the user's browser does not support the session cookie like it should,
PHP will automatically "rewrite" your url's and add "?PHPSESSID=".
So you don't need to force PHPSESSID to be sent, but you could always just
add ?PHPSESSID= onto all the urls you want.
It's just really ugly that way.
Hi
You will probably need to make clean and rebuild php config and do a new
make against the new version of apache.
Just a guess
Tom
At 12:28 PM 5/04/01 +0900, Maxim Maletsky wrote:
Hello,
my co-worker has reinstalled Apache and PHP over the last night.
The Apache was upgraded to the new
, look for a second evil twin of php.ini
-Ben
-Original Message-
From: trogers [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 08, 2001 6:59 PM
To: 'PHP General List. (E-mail)'
Subject: Re: [PHP] PHPSESSID sticks to every link after upgrate of
Apache/PHP
Hi
You will probably need to make
Hello,
my co-worker has reinstalled Apache and PHP over the last night.
The Apache was upgraded to the new version while PHP was re-installed the
same.
PHP.ini was untouched.
Site uses sessions and, somehow, after this upgrade started carrying
PHPSESSID through HREF.
What should look
Maxim Maletsky wrote:
Site uses sessions and, somehow, after this upgrade started carrying
PHPSESSID through HREF.
Sounds to me like php was compliled with the --enable-trans-sid option
which does exactly that.
Just a guess.
Regards
Joseph
--
PHP General Mailing List
Hm...what browser are you using to test the site?
By using the trans_id option I believe that tells PHP to append the sessid
into the url if the cookie is not being accepted.
Try turning it off and trying it, and you may need to comment out the
url.rewriter thing directly under that option.
Where is the temp session file held at? I have a script that uses sessions
but I can't find the session file.
My php.ini file indicates that the session.save_path = c:\php\sessiondata
but there is not any files there when there should be.
Change those \ to / and keep all the players happy.
It
Where is the temp session file held at? I have a script that uses sessions but I can't
find the session file.
My php.ini file indicates that the session.save_path = c:\php\sessiondata but there is
not any files there when there should be. It does look like the session is working
though.
Any
49 matches
Mail list logo
