Re: [PHP] PHP sessions expiring early
On 09/07/2011 03:50 PM, Paul Waring wrote: I'm having trouble with a PHP website which requires users to be logged in to access all content other than the home page and a couple of static pages (about us, contact us etc.). Several users have said they are being logged out every few minutes whilst using the site - they can login but will be shown the login form again after a few minutes. I can't confirm this myself as the site seems to work fine for me - even using the same browser as they are and under their accounts - but I'm wondering if this could be a problem with the session settings? You have set gc_maxlifetime to 3600 seconds. How much expire time have you set? Because, every 3600 seconds, session data stored is considered as garbage and php clears them out itself. If your expiration time is more than 3600 seconds, then this will not work. You need to increase gc_maxlifetime. For the other case, I'm clueless. -- Nilesh Govindarajan http://nileshgr.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 07/09/11 11:47, Nilesh Govindarajan wrote: On 09/07/2011 03:50 PM, Paul Waring wrote: I'm having trouble with a PHP website which requires users to be logged in to access all content other than the home page and a couple of static pages (about us, contact us etc.). Several users have said they are being logged out every few minutes whilst using the site - they can login but will be shown the login form again after a few minutes. I can't confirm this myself as the site seems to work fine for me - even using the same browser as they are and under their accounts - but I'm wondering if this could be a problem with the session settings? You have set gc_maxlifetime to 3600 seconds. How much expire time have you set? Because, every 3600 seconds, session data stored is considered as garbage and php clears them out itself. Yes, I'm aware of that. However, users are being logged out after a few minutes, not one hour of inactivity (which is what I'd expect with 3600 seconds). If your expiration time is more than 3600 seconds, then this will not work. You need to increase gc_maxlifetime. If you mean the expiration time of the session cookie, it is set to 0, which means it shouldn't be deleted until the browser is closed (or the user logs out, at which point it is deleted immediately). Paul -- Paul Waring http://www.phpdeveloper.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 7 September 2011 11:20, Paul Waring p...@phpdeveloper.org.uk wrote: I'm having trouble with a PHP website which requires users to be logged in to access all content other than the home page and a couple of static pages (about us, contact us etc.). Several users have said they are being logged out every few minutes whilst using the site - they can login but will be shown the login form again after a few minutes. I can't confirm this myself as the site seems to work fine for me - even using the same browser as they are and under their accounts - but I'm wondering if this could be a problem with the session settings? The current settings I have are: session.auto_start Off session.bug_compat_42 On session.bug_compat_warn On session.cache_expire 180 session.cache_limiter nocache session.cookie_domain no value session.cookie_httponly Off session.cookie_lifetime 0 session.cookie_path / session.cookie_secure Off session.entropy_file no value session.entropy_length 0 session.gc_divisor 100 session.gc_maxlifetime 3600 session.gc_probability 1 session.hash_bits_per_character 4 session.hash_function 0 session.name PHPSESSID session.referer_check no value session.save_handler files session.save_path /shared/sessions session.serialize_handler php session.use_cookies On session.use_only_cookies Off session.use_trans_sid 0 The only options I have changed from the defaults are gc_maxlifetime, gc_probability and save_path. There are several sites on the same server, some are https, others just plain http. They all use the same session options. session_start() is called once on every page. The PHP version we're running is: PHP 5.2.6-1+lenny13 with Suhosin-Patch 0.9.6.2 (cli) (built: Jul 1 2011 16:01:01). I'm aware it's an old version before anyone tells me to upgrade (it's the latest stable version in Debian Lenny). :) Potential problems I have already ruled out: 1. I don't think it's a browser problem as the users have a variety of browsers and versions (we log the user agent for each login, they're mostly IE7/8 on XP/Vista/7 with a few Chrome users), and I can't reproduce the problem using the same browsers on my machine. 2. The server time is correct. 3. The sessions aren't stored in a directory which is being regularly cleared out, such as /var/lib/php5 or /tmp. 4. The web server has permission to write to the save_path directory, and I can see session files being created. 5. No output buffering functions are being used. Can anyone suggest things which I could try? I cannot work out why this problem is happening for some users but not me. Thanks in advance. Paul How do you handle multiple logins? If I login using my laptop and get Session A for my account and then I login using my desktop and get Session B for my account, does Session A get killed? Do you allow multiple, simultaneous logins per account? -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 7 September 2011 11:20, Paul Waring p...@phpdeveloper.org.uk wrote: Can anyone suggest things which I could try? I cannot work out why this problem is happening for some users but not me. For browsers/extensions that do automatic read ahead (I load page A and linked pages B and C are also retrieved). Is the potential for cached pages to be returned for a user NOT logged in? -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
Just confirm once that you are not calling session_destroy somewhere. Thanks, Vikash Kumar -- http://vika.sh On 7 September 2011 16:46, Richard Quadling rquadl...@gmail.com wrote: On 7 September 2011 11:20, Paul Waring p...@phpdeveloper.org.uk wrote: Can anyone suggest things which I could try? I cannot work out why this problem is happening for some users but not me. For browsers/extensions that do automatic read ahead (I load page A and linked pages B and C are also retrieved). Is the potential for cached pages to be returned for a user NOT logged in? -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 07/09/11 12:15, Richard Quadling wrote: How do you handle multiple logins? If I login using my laptop and get Session A for my account and then I login using my desktop and get Session B for my account, does Session A get killed? Session A is killed, your last login is always the current one. Do you allow multiple, simultaneous logins per account? No, but then each user is accessing their account from a single machine and browser anyway (i.e. they don't switch from desktop to laptop and then back again), so we don't even have people trying to have simultaneous logins. -- Paul Waring http://www.phpdeveloper.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 07/09/11 12:20, vikash.i...@gmail.com wrote: Just confirm once that you are not calling session_destroy somewhere. The only place session_destroy is called is in the logout function, which itself is only called if a user clicks the logout link. -- Paul Waring http://www.phpdeveloper.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 07/09/11 12:16, Richard Quadling wrote: On 7 September 2011 11:20, Paul Waringp...@phpdeveloper.org.uk wrote: Can anyone suggest things which I could try? I cannot work out why this problem is happening for some users but not me. For browsers/extensions that do automatic read ahead (I load page A and linked pages B and C are also retrieved). I hadn't thought of that. However, we audit all user logins and logouts, as well as all page requests. If the browser was pre-fetching the logout page, we'd have 'user logout' entries in our logs, but the only notices we have are for users logging in. If users were being logged out because of pre-fetching, I'd expect to see each login entry have a corresponding logout entry. Is the potential for cached pages to be returned for a user NOT logged in? Any pages which a user has viewed whilst logged in shouldn't be cached, assuming the browser is respecting the headers. They are all sent with: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 -- Paul Waring http://www.phpdeveloper.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions expiring early
On 07/09/11 13:42, Richard Quadling wrote: On 7 September 2011 12:32, Paul Waringp...@phpdeveloper.org.uk wrote: On 07/09/11 12:16, Richard Quadling wrote: On 7 September 2011 11:20, Paul Waringp...@phpdeveloper.org.ukwrote: Can anyone suggest things which I could try? I cannot work out why this problem is happening for some users but not me. For browsers/extensions that do automatic read ahead (I load page A and linked pages B and C are also retrieved). I hadn't thought of that. However, we audit all user logins and logouts, as well as all page requests. If the browser was pre-fetching the logout page, we'd have 'user logout' entries in our logs, but the only notices we have are for users logging in. If users were being logged out because of pre-fetching, I'd expect to see each login entry have a corresponding logout entry. Is the potential for cached pages to be returned for a user NOT logged in? Any pages which a user has viewed whilst logged in shouldn't be cached, assuming the browser is respecting the headers. They are all sent with: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 How is your code determining if they need to be redirected back to the login page? The test is whether two $_SESSION elements are set and match ones in the database, plus whether the last page view by the user (stored in the database, updated on each request) was less than one hour ago. What changes that information? A page load changed the 'last page view time'. Nothing changes the other session data, except an explicit logout (which sets $_SESSION = array() and calls session_destroy). Can you monitor it externally? I'm not sure what you mean by 'externally'. Most of the site requires a login, so it's not possible for a third-party to monitor it if that's what you mean. -- Paul Waring http://www.phpdeveloper.org.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions - users being automatically logged out
Inc session.cache_expire. You have only 3 minutes. This means browser will drop cookie containing session id in three minutes, or even less, of clients inactivity. I prefer to set expire-time to zero. So, browser will never forget session id. In other case, if security requires, i usually set it to 24 hours, to avoid some mystic problems, in case of misconfigured servers and/or clients TZ; they are rare. 2010/11/4, Paul Waring p...@xk7.net: I'm having trouble with a PHP site whereby some users are being logged out on a regular basis. This will usually happen after they have been using the site for a few minutes, they can login without any problems and access a few pages, but then suddenly they will request a page and be sent to the login form, which suggests that their session no longer exists. However, this doesn't affect all users - I can login and use the application without any problems, as can some other users. According to phpinfo(), the following session values are set (all are what I'd expect - either the default or something I've deliberately changed): session.auto_start = Off session.bug_compat_42 = On session.bug_compat_warn = On session.cache_expire = 180 session.cache_limiter = nocache session.cookie_domain = no value session.cookie_httponly = Off session.cookie_lifetime = 0 session.cookie_path = / session.cookie_secure = Off session.entropy_file = no value session.entropy_length = 0 session.gc_divisor = 100 session.gc_maxlifetime = 1440 session.gc_probability = 1 session.hash_bits_per_character = 4 session.hash_function = 0 session.name = PHPSESSID session.referer_check = no value session.save_handler = files session.save_path = /shared/sessions session.serialize_handler = php session.use_cookies = On session.use_only_cookies = Off session.use_trans_sid = 0 I've tried checking a few obvious things: * IP addresses - the site doesn't use the IP address as part of the authentication process, and almost all our users (including the ones experiencing problems) have static IP addresses anyway. * Number of sessions - there are between 40-60 session files on disk at any one time, so I doubt there's a maximum number of session files limit being broken, if such a configuration option exists. * Permissions - the web server user (www-data) has read/write permissions to the directory where the sessions are stored and all the files within it, and they are all owned by this user. Is there anything else obvious which could be causing the problem? This seemed to occur when we moved hosts, and I haven't changed the site's session handling code for some time, so I suspect it might be a configuration issue but can't figure out what. Thanks, Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions - users being automatically logged out
On 04/11/10 14:56, Alexander Holodny wrote: Inc session.cache_expire. You have only 3 minutes. This means browser will drop cookie containing session id in three minutes, or even less, of clients inactivity. According to the PHP manual: session.cache_expire specifies time-to-live for cached session pages in minutes, this has no effect for nocache limiter. So the value of session.cache_expire should be ignored, as session.cache_limiter is set to nocache. Paul -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
On Fri, 2010-03-12 at 19:29 -0500, Martine Osias wrote: Hi: I need to store variables to send then between pages. I don't need the variables in a database so I try to send them with sessions. The variables don't seem to be there when I try to get them. What could be the problem. Here are the pages where I store and retrieve the variables. Page 1 (variables stored): ?php session_start(); $_SESSION['scripture_text'] = $row_scripture['ScriptureText']; $_SESSION['scripture_ref'] = $row_scripture['ScriptureRef']; ? Page 2 (variables retrieved): ?php session_start(); include(includes/config.php); ? !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; html xmlns=http://www.w3.org/1999/xhtml; head /head body table width=100% align=center border=0 tr td align=left?=laquo;.$_SESSION['scripture_text'].raquo;?/td /tr tr td style=font-size: smaller; align=right?=$_SESSION['scripture_ref']?/td /tr /table /body /html Are there any errors, either displayed or in the error log? Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] PHP Sessions
Martine Osias wrote: Hi: I need to store variables to send then between pages. I don't need the variables in a database so I try to send them with sessions. The variables don't seem to be there when I try to get them. What could be the problem. Here are the pages where I store and retrieve the variables. Page 1 (variables stored): ?php session_start(); $_SESSION['scripture_text'] = $row_scripture['ScriptureText']; $_SESSION['scripture_ref'] = $row_scripture['ScriptureRef']; Do sessions work at all? Something simple, like ?php //a.php session_start(); $_SESSION['test']=foo; echo 'a href=b.phpClick me/a'; ? ?php //b.php session_start(); echo $_SESSION['test']; // should say foo ? * ... would be a good 1st test. If that works, I'd suspect that $row_scripture['ScriptureText'] and friends are empty. If it doesn't, I'd suspect a combination of very strict browser privacy settings (disallow all cookies) with lame server config (use_only_cookies), or that session support is missing or disabled. HTH, KDK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Forgot to mention, you could check into the privacy vs. server settings by doing: session_start(); echo session_id(); on both pages. If they're different, then this is the problem. KDK -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Hello Martine, Try to make on the second page a print_r ($_SESSION); -- With best regards from Ukraine, Andre Skype: Francophile; WlmMSN: arthaelon @ yandex.ru; Jabber: arthaelon @ jabber.org Yahoo! messenger: andre.polykanine; ICQ: 191749952 Twitter: m_elensule - Original message - From: Martine Osias webi...@gmail.com To: php-general@lists.php.net php-general@lists.php.net Date: Saturday, March 13, 2010, 2:29:41 AM Subject: [PHP] PHP Sessions Hi: I need to store variables to send then between pages. I don't need the variables in a database so I try to send them with sessions. The variables don't seem to be there when I try to get them. What could be the problem. Here are the pages where I store and retrieve the variables. Page 1 (variables stored): ?php session_start(); $_SESSION['scripture_text'] = $row_scripture['ScriptureText']; $_SESSION['scripture_ref'] = $row_scripture['ScriptureRef']; ? Page 2 (variables retrieved): ?php session_start(); include(includes/config.php); ? !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; html xmlns=http://www.w3.org/1999/xhtml; head /head body table width=100% align=center border=0 tr td align=left?=laquo;.$_SESSION['scripture_text'].raquo;?/td /tr tr td style=font-size: smaller; align=right?=$_SESSION['scripture_ref']?/td /tr /table /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions, AJAX, authentication and security.
You could use a one time token on each request Bastien Sent from my iPod On Nov 21, 2009, at 6:30 AM, Angus Mann angusm...@pobox.com wrote: Hi all. A question about PHP sessions and their interaction with AJAX. I have a database containing sensitive information and users need to log in to my PHP script and be authenticated before they are granted access. For one of the forms I would like to retrieve information using AJAX, and some of that information is sensitive also. The request from AJAX is handled by another, simpler PHP script. It occurs to me that the AJAX handler could be used to bypass the user authentication and a crafted request sent directly to the AJAX handler to get information without authentication. Can anyone offer some advice about how to piggy-back the session/ authentication data that the user originally used to the AJAX so that only an authenticated user will get a valid response from the AJAX handler? I know I could embed authentication information into the web-page and send this with the AJAX request but I'm interested to know if there are other methods also. I hope the explanation is clear. Thanks in advance. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP sessions, AJAX, authentication and security.
At 9:30 PM +1000 11/21/09, Angus Mann wrote: Hi all. A question about PHP sessions and their interaction with AJAX. I have a database containing sensitive information and users need to log in to my PHP script and be authenticated before they are granted access. For one of the forms I would like to retrieve information using AJAX, and some of that information is sensitive also. The request from AJAX is handled by another, simpler PHP script. It occurs to me that the AJAX handler could be used to bypass the user authentication and a crafted request sent directly to the AJAX handler to get information without authentication. Can anyone offer some advice about how to piggy-back the session/authentication data that the user originally used to the AJAX so that only an authenticated user will get a valid response from the AJAX handler? I know I could embed authentication information into the web-page and send this with the AJAX request but I'm interested to know if there are other methods also. I hope the explanation is clear. Thanks in advance. Angus: First, don't trust anything that comes from the client -- period. Second, Ajax is just another way to send stuff to the server. When the data gets to the server then authenticate and set a session variable to indicate such. This is not rocket science, but if you don't do it right you'll leave a crater. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions and Google
On 6/7/06, tedd [EMAIL PROTECTED] wrote: Can someone shed some light on this for me? How can one do sessions and make Google bots happy? I think what they're getting at is don't use session id's unless they're logged in. -- Anthony Ettinger Signature: http://chovy.dyndns.org/hcard.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions and Google (Solved)
At 12:47 PM +1000 6/8/06, Chris wrote: tedd wrote: At 10:56 AM +1000 6/8/06, Chris wrote: tedd wrote: Hi gang: I've read that php sessions can create problems for Google bots. -snip- Chris: Thanks -- after your lead, I found that my site's session.use_trans_sid was turned off by default. So, it wasn't the problem I thought it might have been. So your page urls don't automatically append the session id to the end? I might have the wrong variable name so if you're still seeing them, I obviously have it wrong... No, you're right and my url's are clean of SID's -- they always have been, that was the default. The problem I was trying to figure out was how the use of SID's cause SE's to fail and how that works. I figured that once I understand how that worked, then I could keep from doing it. I just needed to see for myself what it was. You know, one of my wonder why this works studies. While the problem wasn't present for me, which at the start of this I wasn't sure about, I did learn how it works and why SE's have problems with indexing url's that have ? in them. For those interested in this thread, this is what I believe is happening. If you have a web page that uses SID's in it's url, then it appears to a SE as something like this (using one of my sites as an example): http://ancientstones.com?PHPSESSID=1234 and not like: http://ancientstones.com/ So the SE grabs the page with the SID. The next time it travels your site, it see's: http://ancientstones.com?PHPSESSID=5678 and grabs that page. After a while, Google has numerous duplicate pages and has to pick one to be representative of your site and store all the others into it's supplemental index. Now when Google determines PageRank for your site, it does so by calculating how many sites link to your site (simple version). If Google has picked: http://ancientstones.com?PHPSESSID=5678 to be THE representative for your site, then you're sunk because no one uses a SID in their link to your site. Your site will always have a PR of 0 -- as it is with the referenced site. While the site ranks very high (currently #1) in a Google search for Custom Tile Medallions, it has a PR of 0. I was trying to figure out what was happening and if there was something I was doing in using php caused the low PR. I found that PHP wasn't the problem -- and now I know that. At least, that's the way I understand what's going on -- if I'm mistaken, please correct me. tedd -- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions and Google
tedd wrote: Hi gang: I've read that php sessions can create problems for Google bots. For example, the following was taken from a Google Web Master Help Center: -- Quote -- Allow search bots to crawl your sites without session IDs or arguments that track their path through the site. These techniques are useful for tracking individual user behavior, but the access pattern of bots is entirely different. Using these techniques may result in incomplete indexing of your site, as bots may not be able to eliminate URLs that look different but actually point to the same page. -- Un-quote -- http://www.google.com/support/webmasters/bin/answer.py?answer=35770 I've also seen a comment here: http://www.weberdev.com/get_example-3431.html But, I'm not following what's happening. Can someone shed some light on this for me? How can one do sessions and make Google bots happy? use_trans_sid (I think) will append the sessionid to all pages, so instead of: /page.php it will become /page.php?PHPSESSID=x much the same as if you do: ?php echo '/page.php?' . SID; ? Bots don't like that, so where possible turn use_trans_sid off (check manual about when/how you can do this). -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions and Google
At 10:56 AM +1000 6/8/06, Chris wrote: tedd wrote: Hi gang: I've read that php sessions can create problems for Google bots. For example, the following was taken from a Google Web Master Help Center: -- Quote -- Allow search bots to crawl your sites without session IDs or arguments that track their path through the site. These techniques are useful for tracking individual user behavior, but the access pattern of bots is entirely different. Using these techniques may result in incomplete indexing of your site, as bots may not be able to eliminate URLs that look different but actually point to the same page. -- Un-quote -- http://www.google.com/support/webmasters/bin/answer.py?answer=35770 I've also seen a comment here: http://www.weberdev.com/get_example-3431.html But, I'm not following what's happening. Can someone shed some light on this for me? How can one do sessions and make Google bots happy? use_trans_sid (I think) will append the sessionid to all pages, so instead of: /page.php it will become /page.php?PHPSESSID=x much the same as if you do: ?php echo '/page.php?' . SID; ? Bots don't like that, so where possible turn use_trans_sid off (check manual about when/how you can do this). Chris: Thanks -- after your lead, I found that my site's session.use_trans_sid was turned off by default. So, it wasn't the problem I thought it might have been. Thanks again. tedd -- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions and Google
tedd wrote: At 10:56 AM +1000 6/8/06, Chris wrote: tedd wrote: Hi gang: I've read that php sessions can create problems for Google bots. For example, the following was taken from a Google Web Master Help Center: -- Quote -- Allow search bots to crawl your sites without session IDs or arguments that track their path through the site. These techniques are useful for tracking individual user behavior, but the access pattern of bots is entirely different. Using these techniques may result in incomplete indexing of your site, as bots may not be able to eliminate URLs that look different but actually point to the same page. -- Un-quote -- http://www.google.com/support/webmasters/bin/answer.py?answer=35770 I've also seen a comment here: http://www.weberdev.com/get_example-3431.html But, I'm not following what's happening. Can someone shed some light on this for me? How can one do sessions and make Google bots happy? use_trans_sid (I think) will append the sessionid to all pages, so instead of: /page.php it will become /page.php?PHPSESSID=x much the same as if you do: ?php echo '/page.php?' . SID; ? Bots don't like that, so where possible turn use_trans_sid off (check manual about when/how you can do this). Chris: Thanks -- after your lead, I found that my site's session.use_trans_sid was turned off by default. So, it wasn't the problem I thought it might have been. So your page urls don't automatically append the session id to the end? I might have the wrong variable name so if you're still seeing them, I obviously have it wrong... -- Postgresql php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php, sessions and ie
Thanks for the information
On 4/4/06, Chrome [EMAIL PROTECTED] wrote:
I let GC and cookie expiration handle ending the session... The cookie was
only set for 15 minutes
Dan
---
http://chrome.me.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 19:41
To: php-general@lists.php.net
Subject: Re: [PHP] php, sessions and ie
How are you destroying the sessions if they leave the site (dont logout).
do
you check on activity or something else?
On 4/4/06, Dan Parry [EMAIL PROTECTED] wrote:
I have had some issues with sessions and IE in the past and used the
following code to start the session
?php
if (isset($SessID)){ session_id($SessID); }
session_start();
header(Cache-control: private); // IE 6 Fix.
setcookie(SessID, session_id(), time() + 60 * 15);
?
Now, though, I always use a DB to store sessions... Much nicer
HTH
Dan
-
Dan Parry
Senior Developer
Virtua Webtech Ltd
http://www.virtuawebtech.co.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 16:19
To: php-general@lists.php.net
Subject: [PHP] php, sessions and ie
I've been hearing some of my friends saying there is an issue with
Session
in PHP and IE having problems with them. Is that true? If it is how do
people get around this? Session information saved to db? Session id in
cookie?
__ NOD32 1.1454 (20060321) Information __
This message was checked by NOD32 antivirus system.
http://www.eset.com
Re: [PHP] php, sessions and ie
I used to use a database table which housed their information, and their cookie housed their sessionID that the server assigned them when they logged in. Grabbing the sessionID only from the cookie (and their IP) I was able to log most people in (even dynamic IPs don't change THAT often). For those whom were dealing with a changed IP, the system had them verify just their password. Wrong password dumped them back out and asked for full login information. no browser issues at the time. Wolf Dallas Cahker wrote: I've been hearing some of my friends saying there is an issue with Session in PHP and IE having problems with them. Is that true? If it is how do people get around this? Session information saved to db? Session id in cookie? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php, sessions and ie
I have had some issues with sessions and IE in the past and used the
following code to start the session
?php
if (isset($SessID)){ session_id($SessID); }
session_start();
header(Cache-control: private); // IE 6 Fix.
setcookie(SessID, session_id(), time() + 60 * 15);
?
Now, though, I always use a DB to store sessions... Much nicer
HTH
Dan
-
Dan Parry
Senior Developer
Virtua Webtech Ltd
http://www.virtuawebtech.co.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 16:19
To: php-general@lists.php.net
Subject: [PHP] php, sessions and ie
I've been hearing some of my friends saying there is an issue with Session
in PHP and IE having problems with them. Is that true? If it is how do
people get around this? Session information saved to db? Session id in
cookie?
__ NOD32 1.1454 (20060321) Information __
This message was checked by NOD32 antivirus system.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php, sessions and ie
How are you destroying the sessions if they leave the site (dont logout). do
you check on activity or something else?
On 4/4/06, Dan Parry [EMAIL PROTECTED] wrote:
I have had some issues with sessions and IE in the past and used the
following code to start the session
?php
if (isset($SessID)){ session_id($SessID); }
session_start();
header(Cache-control: private); // IE 6 Fix.
setcookie(SessID, session_id(), time() + 60 * 15);
?
Now, though, I always use a DB to store sessions... Much nicer
HTH
Dan
-
Dan Parry
Senior Developer
Virtua Webtech Ltd
http://www.virtuawebtech.co.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 16:19
To: php-general@lists.php.net
Subject: [PHP] php, sessions and ie
I've been hearing some of my friends saying there is an issue with Session
in PHP and IE having problems with them. Is that true? If it is how do
people get around this? Session information saved to db? Session id in
cookie?
__ NOD32 1.1454 (20060321) Information __
This message was checked by NOD32 antivirus system.
http://www.eset.com
RE: [PHP] php, sessions and ie
I let GC and cookie expiration handle ending the session... The cookie was
only set for 15 minutes
Dan
---
http://chrome.me.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 19:41
To: php-general@lists.php.net
Subject: Re: [PHP] php, sessions and ie
How are you destroying the sessions if they leave the site (dont logout). do
you check on activity or something else?
On 4/4/06, Dan Parry [EMAIL PROTECTED] wrote:
I have had some issues with sessions and IE in the past and used the
following code to start the session
?php
if (isset($SessID)){ session_id($SessID); }
session_start();
header(Cache-control: private); // IE 6 Fix.
setcookie(SessID, session_id(), time() + 60 * 15);
?
Now, though, I always use a DB to store sessions... Much nicer
HTH
Dan
-
Dan Parry
Senior Developer
Virtua Webtech Ltd
http://www.virtuawebtech.co.uk
-Original Message-
From: Dallas Cahker [mailto:[EMAIL PROTECTED]
Sent: 04 April 2006 16:19
To: php-general@lists.php.net
Subject: [PHP] php, sessions and ie
I've been hearing some of my friends saying there is an issue with Session
in PHP and IE having problems with them. Is that true? If it is how do
people get around this? Session information saved to db? Session id in
cookie?
__ NOD32 1.1454 (20060321) Information __
This message was checked by NOD32 antivirus system.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Chris Wagner wrote:
i recently started using PHP's sessions. i am finding that the sessions
seem to expire after 20 or 30 minutes -- or, at least the variables
which i set, within $_SESSION, are getting cleared after this relatively
short amount of time.
before calling session_start(), i do a few initializations:
ini_set('session.use_cookies', 1);
ini_set('session.use_trans_sid', 0);
ini_set('session.save_handler', 'files');
ini_set('session.serialize_handler', 'php');
ini_set('session.name', 'session-id');
i am not setting the 'session.cache_expire' INI variable, and even did a
check to make sure it was not being modified, and i found that it
contains the default value of 180 (minutes).
furthermore, the *cookie* is not expiring. i've also checked
'session.cookie_lifetime', and it is 0 (zero, for until browser is
closed). i've also checked the browser's cookie list, and the cookie
is still around at the time that i lose my session variables.
does anyone have any ideas as to why i may be losing my session
variables so early?
Check session.gc_lifetime or similar. That is the garbage collection
routine that goes through and deletes any session data files (in /tmp or
wherever your setup puts them) that are older than that config setting
value.
--
Jasper Bryant-Greene
Freelance web developer
http://jasper.bryant-greene.name/
If you find my advice useful, please consider donating to a poor
student! You can choose whatever amount you think my advice was
worth to you. http://tinyurl.com/7oa5s
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions?
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 11:19 AM said:
?php
if($_POST[username]==rory){//if user logs in as rory start session
session_start();
header(Cache-control: private);
$_SESSION['loggedin'] = yes;
}
Put session_start(); at the *very* beginning of your script. See if that
helps.
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
The problem there is that I have to test if the user has logged on so I
need to include the if statement? Can the session_start not be called
from within an if statement? Does it really have to be the very first
thing in the script, if so I imagine that this means a single script
cannot be used to manage a complete website?
Chris W. Parker wrote:
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 11:19 AM said:
?php
if($_POST[username]==rory){//if user logs in as rory start session
session_start();
header(Cache-control: private);
$_SESSION['loggedin'] = yes;
}
Put session_start(); at the *very* beginning of your script. See if that
helps.
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions?
rory walsh mailto:[EMAIL PROTECTED] on Wednesday, March 02, 2005 1:26 PM said: The problem there is that I have to test if the user has logged on so I need to include the if statement? Can the session_start not be called from within an if statement? Does it really have to be the very first thing in the script, if so I imagine that this means a single script cannot be used to manage a complete website? No session_start(); can go anywhere. It's just that it appears that your logic is setup in such a way that session_start(); is not being called when you need it be. By putting it before everything else you can avoid this. And as well, is there a reason you wouldn't want to just start the session at the beginning of the page? I mean, why wait till the user has submitted the form to start the session? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
Yes I see what you mean. I only wanted to start a session IF the user logged in, but I see your point, the session can be started as soon as anyone opens the main page. I'll give it a go and see if that helps, cheers, Rory. Chris W. Parker wrote: rory walsh mailto:[EMAIL PROTECTED] on Wednesday, March 02, 2005 1:26 PM said: The problem there is that I have to test if the user has logged on so I need to include the if statement? Can the session_start not be called from within an if statement? Does it really have to be the very first thing in the script, if so I imagine that this means a single script cannot be used to manage a complete website? No session_start(); can go anywhere. It's just that it appears that your logic is setup in such a way that session_start(); is not being called when you need it be. By putting it before everything else you can avoid this. And as well, is there a reason you wouldn't want to just start the session at the beginning of the page? I mean, why wait till the user has submitted the form to start the session? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
rory walsh wrote:
The problem there is that I have to test if the user has logged on so I
need to include the if statement?
there are 2 tests to do:
1. check to see whether the user is logged on already
2. check to see whether the user is trying to log on
Can the session_start not be called
from within an if statement?
not really, well you can but I can't think
of any reason that you would want to conditionally start the
session.
Does it really have to be the very first
thing in the script,
you have to call it before you use the session
(i.e. data stored in it).
if so I imagine that this means a single script
cannot be used to manage a complete website?
it can. maybe if I rewrite you code a little
it will help you understand:
?php
session_start(); // always start the session.
// you want something more secure as a login procedure!
if($_POST[username]==rory) {
// if user logs in as rory
// then mark the user as logged in
// in the session
$_SESSION['loggedin'] = yes;
}
if ($_SESSION['loggedin'] == yes) {
header(Cache-control: private);
}
Chris W. Parker wrote:
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 11:19 AM said:
?php
if($_POST[username]==rory){//if user logs in as rory start session
session_start();
header(Cache-control: private);
$_SESSION['loggedin'] = yes;
}
Put session_start(); at the *very* beginning of your script. See if that
helps.
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
Thanks everyone, I'm getting closer. The only problem I have not is that
I keep entering that test, I modified it to change the session variable
once we enter the test but it somehow does not seem to change it? This
is the code,
if(strlen($_SESSION['loggedin']==yes)){
$_SESSION['loggedin']=no;
$CONTENT = You are currently logged in as .$_POST[username].
form action=\index.php\ method=\POST\
input type=\submit\ value=\Log out\ /
input type=\hidden\ name=\logout\ value=\yes\//form
hrIf you would like to change the text on the main page please click
here a href=\index.php?action=edit\font color=\blue\Edit intro
page/afont color =\#136863\hrh3File Upload./h1hr Any files
will appear in the 'students' page of the website. Files that uploaded
here are not availablre to the public and can only be acccessed by
students who have logged in. Because of security issues only well know
file types such as word, acrobat and text files are legible for upload.
form enctype=\multipart/form-data\ action=\index.php\ method=\POST\
!-- MAX_FILE_SIZE must precede the file input field --
input type=\hidden\ name=\MAX_FILE_SIZE\ value=\3\ /
!-- Name of input element determines name in $_FILES array --
Send this file: input name=\userfile\ type=\file\ /
input type=\submit\ value=\Upload\ /
input type=\hidden\ name=\arg1\ value=\yes\
/form;
}
When I click the logout button it works fine, but when I click on the
link inside the page it simply reloads the same page as if the session
variable has not changed at all? If I link to a page like this does it
call the script again, or does this need to be done with a form submit?
I must apologise for my lack of knowledge here! I program in other
languages and as a result I have that I can get really deep in code I
don't understand very fast!
Rory Walsh wrote:
Yes I see what you mean. I only wanted to start a session IF the user
logged in, but I see your point, the session can be started as soon as
anyone opens the main page. I'll give it a go and see if that helps,
cheers,
Rory.
Chris W. Parker wrote:
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 1:26 PM said:
The problem there is that I have to test if the user has logged on so
I need to include the if statement? Can the session_start not be
called from within an if statement? Does it really have to be the
very first thing in the script, if so I imagine that this means a
single script cannot be used to manage a complete website?
No session_start(); can go anywhere. It's just that it appears that your
logic is setup in such a way that session_start(); is not being called
when you need it be. By putting it before everything else you can avoid
this.
And as well, is there a reason you wouldn't want to just start the
session at the beginning of the page? I mean, why wait till the user has
submitted the form to start the session?
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions?
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 2:08 PM said:
Thanks everyone, I'm getting closer. The only problem I have not is
that I keep entering that test, I modified it to change the session
variable once we enter the test but it somehow does not seem to
change it? This is the code,
Immediately I see:
if(strlen($_SESSION['loggedin']==yes)){
That doesn't make sense. Do you mean?:
if($_SESSION['loggedin'] == yes) {
And the next line:
$_SESSION['loggedin']=no;
Why are you reversing the value of 'loggedin'? Once the person is logged
in shouldn't they stay that way until session timeout or they log out?
When I click the logout button it works fine, but when I click on the
link inside the page it simply reloads the same page as if the session
variable has not changed at all? If I link to a page like this does it
call the script again, or does this need to be done with a form
submit? I must apologise for my lack of knowledge here! I program in
other languages and as a result I have that I can get really deep in
code I don't understand very fast!
Maybe you've already stated this in a previous email and I just don't
remember, what exactly is it that you're trying to accomplish?
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
Sorry bout that little mistake. You right I mean to check to see if
$_SESSION['loggedin'] == yes; That doesn't make a difference as it
turns out. The reason that I immediately change this is that I want the
content of the page to change, and in order to do that I want to stop it
from going into this code? Actually I am not going to do this, I will
use another variable, but by setting $_SESSION['loggedin'] to 'no' it
should not go into this test, but it somehow does? Is it to do with the
link:
a href=\index.php?action=edit\
does this call the script again, just as an action=script.php in a
form would? Cheers for the help on this.
Chris W. Parker wrote:
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 2:08 PM said:
Thanks everyone, I'm getting closer. The only problem I have not is
that I keep entering that test, I modified it to change the session
variable once we enter the test but it somehow does not seem to
change it? This is the code,
Immediately I see:
if(strlen($_SESSION['loggedin']==yes)){
That doesn't make sense. Do you mean?:
if($_SESSION['loggedin'] == yes) {
And the next line:
$_SESSION['loggedin']=no;
Why are you reversing the value of 'loggedin'? Once the person is logged
in shouldn't they stay that way until session timeout or they log out?
When I click the logout button it works fine, but when I click on the
link inside the page it simply reloads the same page as if the session
variable has not changed at all? If I link to a page like this does it
call the script again, or does this need to be done with a form
submit? I must apologise for my lack of knowledge here! I program in
other languages and as a result I have that I can get really deep in
code I don't understand very fast!
Maybe you've already stated this in a previous email and I just don't
remember, what exactly is it that you're trying to accomplish?
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions?
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 2:38 PM said:
Is it to do with the link:
a href=\index.php?action=edit\
does this call the script again, just as an action=script.php in a
form would? Cheers for the help on this.
Yes it does. But it doesn't erase the session values (it seems that's
what you think is happening?).
I think what you need to do (I do this sometimes too) is start from
scratch and create a very basic test page that works as expected. Then
slowly add in the features you want. It'll give you a much greater
understanding of how things work and where you're going wrong. Sure it's
tedious but it'll help you in the long run.
Here is a good base to start with:
?php
session_start();
if(isset($_GET['var']) !empty($_GET['var']))
{
$_SESSION['myVariable'] = from form;
}
else
{
$_SESSION['myVariable'] = direct request;
}
print_r($_SESSION);
?
hth,
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions?
Yeah your right, I'm trying to walk before I can crawl! Cheers for the help,
Rory.
Chris W. Parker wrote:
rory walsh mailto:[EMAIL PROTECTED]
on Wednesday, March 02, 2005 2:08 PM said:
Thanks everyone, I'm getting closer. The only problem I have not is
that I keep entering that test, I modified it to change the session
variable once we enter the test but it somehow does not seem to
change it? This is the code,
Immediately I see:
if(strlen($_SESSION['loggedin']==yes)){
That doesn't make sense. Do you mean?:
if($_SESSION['loggedin'] == yes) {
And the next line:
$_SESSION['loggedin']=no;
Why are you reversing the value of 'loggedin'? Once the person is logged
in shouldn't they stay that way until session timeout or they log out?
When I click the logout button it works fine, but when I click on the
link inside the page it simply reloads the same page as if the session
variable has not changed at all? If I link to a page like this does it
call the script again, or does this need to be done with a form
submit? I must apologise for my lack of knowledge here! I program in
other languages and as a result I have that I can get really deep in
code I don't understand very fast!
Maybe you've already stated this in a previous email and I just don't
remember, what exactly is it that you're trying to accomplish?
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions question
Reinhart Viane wrote:
in a page checkuser i do this after the user is logged in:
PHP Code
// Register some session variables!
session_register('userid');
$_SESSION['userid'] = $userid;
session_register('first_name');
$_SESSION['first_name'] = $first_name;
session_register('last_name');
$_SESSION['last_name'] = $last_name;
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('user_level');
$_SESSION['user_level'] = $user_level;
You should only save the userId in the session, everything else should
be retrieved from your database using that id.
Now let's say user 1 logs in, his session is registered (with userid from
database is 5 and first_name is XXX)
Then another user logs in, again his session is registered (with userid from
database is 1 and first_name is YYY)
Are both user's in the same computer? then there may be a question about
the old cookie being sent back to the server (if it's expiration time
has not been exceeded). If the users are not using the same computer the
chances are you have a bug in your code.
Now user 1 leaves the pages (closes the browser) and user 2 uploads a
document (with my own script).
When the document is succesfully uploaded i display this:
PHP Code
echo ($_SESSION['first_name'])., the document has been succesfully
added;
echo ($_SESSION['userid']);
This results in the folowing output:
YYY, the document has been succesfully added
5
Meaning the $_SESSION['first_name'] is correct, but the $_SESSION['userid']
is the one of the user who logged out...
Now when using user_id in all places it seems to work correctly...
Is userid something that is defined by the server when making sessions?
no.
If not, i don't have any clue what is going wrong...
Can someone help me on this? So i know what is wrong?
Thx in advance
Pout
--
Raditha Dissanayake.
http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload
Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader
Graphical User Inteface. Just 128 KB | with progress bar.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions question
In message [EMAIL PROTECTED], raditha dissanayake
[EMAIL PROTECTED] writes
Reinhart Viane wrote:
in a page checkuser i do this after the user is logged in:
PHP Code
// Register some session variables!
session_register('userid');
$_SESSION['userid'] = $userid;
session_register('first_name');
$_SESSION['first_name'] = $first_name;
session_register('last_name');
$_SESSION['last_name'] = $last_name;
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('user_level');
$_SESSION['user_level'] = $user_level;
You should only save the userId in the session, everything else should
be retrieved from your database using that id.
I normally do as you have suggested here - but why do you suggest that
this method is better?
--
Pete Clark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions question
Pete wrote: You should only save the userId in the session, everything else should be retrieved from your database using that id. I normally do as you have suggested here - but why do you suggest that this method is better? One reason is for security. You cannot ever rule out the possibility of a user injecting someone else's data into the session to get access to information that he should not have. Of course he can fake the userid too. That's why each time you retrieve the userid from the session you should check if that id has been logged in. I do this (so do many others) by keeping two column table with session id and userid in it. -- Raditha Dissanayake. http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 128 KB | with progress bar. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php sessions question
I normally do as you have suggested here - but why do you suggest that this method is better? One reason is for security. You cannot ever rule out the possibility of a user injecting someone else's data into the session to get access to information that he should not have. Of course he can fake the userid too. That's why each time you retrieve the userid from the session you should check if that id has been logged in. I do this (so do many others) by keeping two column table with session id and userid in it. -- Raditha Dissanayake. Do you have an example or dou you know of any tutorials where this method is used? Thx Reinhart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Question
It could be a case that your provider is load balancing across several machines. If they are, and they aren't storing the session data in a central location, then that might account for the issue. That would explain the intermittent failure. The user might be making keepalive requests to the same box and being ok, and then get bounced once it hits a machine that doesn't have the session data... You might ask them about it... Tim. At 09:43 PM 7/8/2004, Ed Lazor wrote: What kind of problems could be happening server-side that would result in PHP sessions randomly disappearing? And, is there a way to log or track this information? Oh, and best of all, any recommendations on solutions? I have a PHP / MySQL application that's been running at a host provider for almost a year now. PHP sessions are used to track logged in users, For example, $_SESSION[UserID]. If the UserID isn't stored as a session variable, the user must not be logged in, so prompt them with a login screen. Most recent updates were made last week and everything has been working fine until this afternoon. Session data is somehow being lost. It seems random. A person will be logged in and navigating through the site when they suddenly get a login screen. They'll log back in and continue navigating for a little while when it will happen again - sometimes within seconds and othertimes within minutes. Sometimes it won't even happen for 30 minutes and then it suddenly begins to occur again. Thanks in advance for any ideas or recommendations that I can forward to my hosting provider on how to fix the problem. -Ed SimpleNet's Back ! http://www.simplenet.com
RE: [PHP] PHP Sessions on Windows
How does one get sessions working on Windows? I have modified my php.ini file so that session.save_path = C:\Temp, restarted and Apache. Still I get this error message: Warning: session_start(): open(/tmp\sess_26310affee160329c9e50f27663f8971, O_RDWR) failed: No such file or directory (2) in c:\apache\htdocs\dbmdata\admin\61646d696e.php on line 2 check you have edited the correct php.ini -- run ? phpinfo() ? and check where the ini file is to make sure you changed the correct one... hth rich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions on Windows
OK, I managed to get it working. I first attempted to edit the php.ini so that the session save path was C:\Temp. No matter what I did, the save path always showed up in phpinfo() as /tmp. So I created folder on the root of C: called tmp and everything worked. Thanks, Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions on Windows
-Original Message- From: David Mitchell [mailto:[EMAIL PROTECTED] Sent: 12 May 2004 13:21 OK, I managed to get it working. I first attempted to edit the php.ini so that the session save path was C:\Temp. No matter what I did, the save path always showed up in phpinfo() as /tmp. So I created folder on the root of C: called tmp and everything worked. This still looks like PHP is not looking for the php.ini file where you think it is. I strongly suggest you follow the previous advice to work out where PHP is actually expecting your php.ini to be, before you have a need to change another initialization parameter. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions on Windows
I think you need to restart PHP to pickup the new php.ini changes. My php.ini is in the windows directory (I believe). -Original Message- From: David Mitchell [mailto:[EMAIL PROTECTED] Sent: 12 May 2004 13:21 OK, I managed to get it working. I first attempted to edit the php.ini so that the session save path was C:\Temp. No matter what I did, the save path always showed up in phpinfo() as /tmp. So I created folder on the root of C: called tmp and everything worked. This still looks like PHP is not looking for the php.ini file where you think it is. I strongly suggest you follow the previous advice to work out where PHP is actually expecting your php.ini to be, before you have a need to change another initialization parameter. Cheers! Mike -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions on Windows
David Mitchell wrote: I first attempted to edit the php.ini so that the session save path was C:\Temp. No matter what I did, the save path always showed up in phpinfo() as /tmp. So I created folder on the root of C: called tmp and everything worked. You were not editing the correct php.ini, then. -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions on Windows
Sounds right. Do you have a C:\temp directory? How does one get sessions working on Windows? I have modified my php.ini file so that session.save_path = C:\Temp, restarted and Apache. Still I get this error message: Warning: session_start(): open(/tmp\sess_26310affee160329c9e50f27663f8971, O_RDWR) failed: No such file or directory (2) in c:\apache\htdocs\dbmdata\admin\61646d696e.php on line 2 This is the code that is triggering the error. It seems very straightforward to me: session_start(); echo $_SESSION['user']; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions - Cookies Not Saving
On 05 March 2004 03:33, Paul Higgins wrote: When I do: print_r($_COOKIE); I get the following: Array ( [PHPSESSID] = 11781ce29c68ca7ef563110f37e43f38 ) Does that mean its setting the Cookie? Yes. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
On Friday 05 March 2004 13:05, Paul Higgins wrote: When I thought about what the compay really told me...it didn't make sense. All I know is that that cookie will not save on my WinXP box, but it will save on my Linux box. As sending cookies is pretty much a generic procedure which is not platform dependent it would suggest that your WinXP box is broken (needless to say I'm assuming that you have already ensured that your browser is configured to accept cookies). Have you tried any other browsers/platforms? -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* All vacations and holidays create problems, except for one's own -- Murphy's Laws on Work n34 */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions - Cookies Not Saving
but it will save on my Linux box. As sending cookies is pretty much a generic procedure which is not platform dependent it would suggest that your WinXP box is broken (needless to say I'm assuming that you have already ensured that your browser is configured to accept cookies). Have you tried any other browsers/platforms? The above snippet means it works on his linux box which is why i suggested to see if the session is storing in /tmp, he could prob have spyware running on his machine, i advice check out adaware. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
When I do: print_r($_COOKIE); I get the following: Array ( [PHPSESSID] = 11781ce29c68ca7ef563110f37e43f38 ) Does that mean its setting the Cookie? I can't see the cookie on my computer. I don't have cookies disabled because I'm getting cookies from other sites. The privacy setting is set to Medium. Thanks, Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( 'a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
If there is something in $_COOKIE, what does that mean? That there is a cookie somewhere? Or is it appending the Session ID to the URL? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get a FREE online computer virus scan from McAfee when you click here. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
Ahh is it showing in the url ? Usually it stores as a cookie, or via url, i think that is also set in php.ini, someone want to ellaborate here ? If there is something in $_COOKIE, what does that mean? That there is a cookie somewhere? Or is it appending the Session ID to the URL? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get a FREE online computer virus scan from McAfee when you click here. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions - Cookies Not Saving
When I thought about what the compay really told me...it didn't make sense. All I know is that that cookie will not save on my WinXP box, but it will save on my Linux box. Are there any special headers that I could use? Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 15:24:32 +1100 (EST) Is it a non default /tmp ? If so it should be in php.ini or u have to set where it is with an ini_set , hope that helps. AAAGGGH!! I asked my hosting company where they were stored...on the server...I am so mad at myself...all that time wasted. Thanks for the help though...it was much appreciated! Paul From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] PHP Sessions - Cookies Not Saving Date: Fri, 5 Mar 2004 14:25:53 +1100 (EST) Are the hosts u looking at the same ? Like is it the very same link ? Check on the XP box if you have cookies disabled, u can always check if the session is being stored on the server too, look in /tmp first. Try a print_r ($_COOKIE); aswell. Hi everyone, I'm trying to create a session with PHP. I'm using the following code: ?php session_start( ); print( session_id( ) ); print( 'HTML'); print( 'BODY' ); print( ' a href = http://www.mysite.com/shopping_cart/Test2.php;Here/a' ); print( '/BODY' ); print( '/HTML' ); ? Now, I'm trying to view this site on a WinXP box. However, the cookies are not being saved onto my machine. I've viewed the site with Mozilla on a Linux box, and it works fine. What could be wrong? Any help would be greatly appreciated. I read somewhere that PHP had some issues with writing cookies to an NTFS box. Could that have anything to do with it? Thanks, Paul _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ FREE pop-up blocking with the new MSN Toolbar get it now! http://clk.atdmt.com/AVE/go/onm00200415ave/direct/01/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ Get business advice and resources to improve your work life, from bCentral. http://special.msn.com/bcentral/loudclear.armx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Hi, Monday, March 1, 2004, 3:04:13 AM, you wrote: PH Hello everyone, PH I'm beginning to experiment with PHP sessions. I was wondering if it is PH possible to place objects into the session? PH Thanks, PH Paul PH _ PH Take off on a romantic weekend or a family adventure to these great U.S. PH locations. http://special.msn.com/local/hotdestinations.armx You can, but you must make sure that the object is declared on the next page before you do session_start(); -- regards, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
--- S.P.Vimala [EMAIL PROTECTED] wrote: How to create a unique session for every new browser instance? I'm not sure if this fits your definition of new browser instance, but there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. Maybe that explains something? Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
Chris Shiflett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --- S.P.Vimala [EMAIL PROTECTED] wrote: How to create a unique session for every new browser instance? I'm not sure if this fits your definition of new browser instance, but there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. That can't be true. I don't claim to understand exactly how it works, but here is what happens for me. I have an application that I log into. Once I'm logged in, if I open the URL in another browser window, it just gives me the login page. My guess is that the first browser window is passing a cookie identifying the session that the second one doesn't know about. In your case, when you're not using cookies, the session ID must be passed on the URL. I don't know much about using trans_sid, so i can't help you further. -- Rob Maybe that explains something? Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
--- Rob Adams [EMAIL PROTECTED] wrote: I'm not sure if this fits your definition of new browser instance, but there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. That can't be true. It can, and it is. The only way a Web server could distinguish between them is if the browsers sent something unique per instance within the HTTP request. So, you could write a browser that does this in theory, but that doesn't really do you much good unless you can convince your users to use it. It would be very unusual behavior, so I doubt anyone would want this. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
Chris Shiflett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --- Rob Adams [EMAIL PROTECTED] wrote: I'm not sure if this fits your definition of new browser instance, but there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. That can't be true. It can, and it is. The only way a Web server could distinguish between them is if the browsers So there is a way, and it's not true. Test it yourself. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. It's not just 'in theory.' sent something unique per instance within the HTTP request. So, you could write a browser that does this in theory, but that doesn't really do you much good unless you can convince your users to use it. It would be very unusual behavior, so I doubt anyone would want this. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
--- Rob Adams [EMAIL PROTECTED] wrote: Test it yourself. With all due respect, it seems you should be doing the testing. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. Then show us these requests and point out how they are different. Otherwise, I have to assume you have no idea what you're talking about. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
I will test it, because it seems I don't understand this issue as much as I could. But I can already tell you results I see right now: I open a web browser (IE) and login to my application. I open another window (IE) and goto the web application, and it asks me to login. This is all on the same computer. (As I've explained all this before.) Now, perhaps I don't know what I'm talking about, and this is a different issue. If so, I'm pretty sure you'll certainly try to set me straight. If not, then it certainly seems relevant to the discussion, and that my one client (IE) is sending two different requests from two different windows on the same computer. -- Rob Chris Shiflett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --- Rob Adams [EMAIL PROTECTED] wrote: Test it yourself. With all due respect, it seems you should be doing the testing. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. Then show us these requests and point out how they are different. Otherwise, I have to assume you have no idea what you're talking about. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
From: Chris Shiflett [EMAIL PROTECTED] --- Rob Adams [EMAIL PROTECTED] wrote: Test it yourself. With all due respect, it seems you should be doing the testing. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. Then show us these requests and point out how they are different. Otherwise, I have to assume you have no idea what you're talking about. If you are not relying on a cookie based session, then this will work. Each login could be assigned a different session ID, so the requests for each browser will be different because of the different session IDs. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php sessions
Hi Rob. That seems perfectly logical. I've written a Content Management System which (when it's finished in a couple of months ;o) run the website at the university where I work. I can presently open an instance of the CMS in IE, login as admin, then open a new window and request another instance of the CMS, and login as a less-privelidged user. I can then use these two separate instances and work as two individual users in the CMS at the same time. Cheers, Pablo -Original Message- From: Rob Adams [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 28, 2003 11:56 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] php sessions I will test it, because it seems I don't understand this issue as much as I could. But I can already tell you results I see right now: I open a web browser (IE) and login to my application. I open another window (IE) and goto the web application, and it asks me to login. This is all on the same computer. (As I've explained all this before.) Now, perhaps I don't know what I'm talking about, and this is a different issue. If so, I'm pretty sure you'll certainly try to set me straight. If not, then it certainly seems relevant to the discussion, and that my one client (IE) is sending two different requests from two different windows on the same computer. -- Rob Chris Shiflett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --- Rob Adams [EMAIL PROTECTED] wrote: Test it yourself. With all due respect, it seems you should be doing the testing. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. Then show us these requests and point out how they are different. Otherwise, I have to assume you have no idea what you're talking about. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
So you're saying if the session ID is passed in on the URL it will work. But I'm using cookies. The only thing that gets passed on the URL is a pagename. Perhaps there is something funky about my setup, but it has always worked this way for me. -- Rob Cpt John W. Holmes [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] From: Chris Shiflett [EMAIL PROTECTED] --- Rob Adams [EMAIL PROTECTED] wrote: Test it yourself. With all due respect, it seems you should be doing the testing. Login to a PHP app using a standard browser and session cookies and see for yourself. I understand the philosophy of the web server only seeing what the client sends it, but it looks like my client (IE6, right here) does send different requests per instance. Then show us these requests and point out how they are different. Otherwise, I have to assume you have no idea what you're talking about. If you are not relying on a cookie based session, then this will work. Each login could be assigned a different session ID, so the requests for each browser will be different because of the different session IDs. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
* Thus wrote Rob Adams ([EMAIL PROTECTED]): I will test it, because it seems I don't understand this issue as much as I could. But I can already tell you results I see right now: I open a web browser (IE) and login to my application. I open another window (IE) and goto the web application, and it asks me to login. This is all on the same computer. (As I've explained all this before.) Now, perhaps I don't know what I'm talking about, and this is a different issue. If so, I'm pretty sure you'll certainly try to set me straight. If not, then it certainly seems relevant to the discussion, and that my one client (IE) is sending two different requests from two different windows on the same computer. This is entirely up to the client, deciding to send a cookie or not when opening a new browser window. You can even turn the behaviour, you describe, off in IE. The problem is the php script doesn't know that the browser you opened (that give you back the login screen) is even related to the other browser window. All the php script knows is that you simply don't have a cookie. Curt -- My PHP key is worn out PHP List stats since 1997: http://zirzow.dyndns.org/html/mlists/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
Curt Zirzow [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] * Thus wrote Rob Adams ([EMAIL PROTECTED]): I will test it, because it seems I don't understand this issue as much as I could. But I can already tell you results I see right now: I open a web browser (IE) and login to my application. I open another window (IE) and goto the web application, and it asks me to login. This is all on the same computer. (As I've explained all this before.) Now, perhaps I don't know what I'm talking about, and this is a different issue. If so, I'm pretty sure you'll certainly try to set me straight. If not, then it certainly seems relevant to the discussion, and that my one client (IE) is sending two different requests from two different windows on the same computer. This is entirely up to the client, deciding to send a cookie or not when opening a new browser window. You can even turn the behaviour, you describe, off in IE. The problem is the php script doesn't know that the browser you opened (that give you back the login screen) is even related to the other browser window. All the php script knows is that you simply don't have a cookie. That has been my point all along. Perhaps I misunderstood you: there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. vs. The problem is the php script doesn't know that the browser you opened (that give you back the login screen) is even related to the other browser window. Aren't these almost exactly opposite statements? Isn't the web server distinguishing between the two instances? Using the cookie? -- Rob Curt -- My PHP key is worn out PHP List stats since 1997: http://zirzow.dyndns.org/html/mlists/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
Another test: I just downloaded and installed Mozilla (1.5). I logged into my site, opened another window, and was logged in there also. I logged out of the second window, hit a Home link on the first window, and got a login screen. This is new behavior for a browser for me, but now I understand how it works. Thanks for the discussion. -- Rob Rob Adams [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Curt Zirzow [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] * Thus wrote Rob Adams ([EMAIL PROTECTED]): I will test it, because it seems I don't understand this issue as much as I could. But I can already tell you results I see right now: I open a web browser (IE) and login to my application. I open another window (IE) and goto the web application, and it asks me to login. This is all on the same computer. (As I've explained all this before.) Now, perhaps I don't know what I'm talking about, and this is a different issue. If so, I'm pretty sure you'll certainly try to set me straight. If not, then it certainly seems relevant to the discussion, and that my one client (IE) is sending two different requests from two different windows on the same computer. This is entirely up to the client, deciding to send a cookie or not when opening a new browser window. You can even turn the behaviour, you describe, off in IE. The problem is the php script doesn't know that the browser you opened (that give you back the login screen) is even related to the other browser window. All the php script knows is that you simply don't have a cookie. That has been my point all along. Perhaps I misunderstood you: there is no way for a remote Web server to distinguish between two instances of the same browser running on the client machine. vs. The problem is the php script doesn't know that the browser you opened (that give you back the login screen) is even related to the other browser window. Aren't these almost exactly opposite statements? Isn't the web server distinguishing between the two instances? Using the cookie? -- Rob Curt -- My PHP key is worn out PHP List stats since 1997: http://zirzow.dyndns.org/html/mlists/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
--- CPT John W. Holmes [EMAIL PROTECTED] wrote: If you are not relying on a cookie based session, then this will work. Each login could be assigned a different session ID, so the requests for each browser will be different because of the different session IDs. What John is explaining here is that the URLs could be different if that is how the session ID is propogated, thus making the requests different (they're for different URLs). So, if you click a link from: http://example.org/foo.php?PHPSESSID=12345 it could be for: http://example.org/bar.php?PHPSESSID=12345 Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
Chris Shiflett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] --- CPT John W. Holmes [EMAIL PROTECTED] wrote: If you are not relying on a cookie based session, then this will work. Each login could be assigned a different session ID, so the requests for each browser will be different because of the different session IDs. What John is explaining here is that the URLs could be different if that is how the session ID is propogated, thus making the requests different (they're for different URLs). So, if you click a link from: That doesn't seem to be what he's saying. because of the different session IDs. It seems to me a better example of what he is saying would be: http://example.org/foo.php?PHPSESSID=12345 vs. http://example.org/foo.php?PHPSESSID=67890 But I was talking about cookies anyway. Which is where different browsers have different behaviors. In IE, by default, it will not pass a cookie from a new browser window. In Mozilla, by default, a new window keeps all the cookies currently set. I've mostly used IE, so I've always thought that it never passed cookies from a new browser window. Apparently, it just depends on which browser you're using and how it is setup. -- Rob http://example.org/foo.php?PHPSESSID=12345 it could be for: http://example.org/bar.php?PHPSESSID=12345 Hope that helps. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
--- Rob Adams [EMAIL PROTECTED] wrote: That doesn't seem to be what he's saying. because of the different session IDs. It seems to me a better example of what he is saying would be: http://example.org/foo.php?PHPSESSID=12345 vs. http://example.org/foo.php?PHPSESSID=67890 Perhaps I should have elaborated a bit more. Browser instance A: 1. Request http://example.org/foo.php 2. PHP assigns PHPSESSID of 12345 3. Returned page has a link for http://example.org/bar.php?PHPSESSID=12345 4. Request http://example.org/bar.php?PHPSESSID=12345 Browser instance B: 1. Request http://example.org/foo.php 2. PHP assigns PHPSESSID of 67890 3. Returned page has a link for http://example.org/bar.php?PHPSESSID=67890 4. Request http://example.org/bar.php?PHPSESSID=67890 Because A4 and B4 are different requests, they get different responses. So, in a way, the server is able to distinguish between the two instances, but only because of that. If instance A sends the request in B4, it will get the same response as instance B would have. That wasn't a great explanation, but maybe it is at least better than my last attempt. But I was talking about cookies anyway. Which is where different browsers have different behaviors. In IE, by default, it will not pass a cookie from a new browser window. This is very interesting. I might try to research this a bit more and see what the motivation was for doing this. From a user perspective, it seems very counterintuitive. Thanks for the info. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php sessions
From: Chris Shiflett [EMAIL PROTECTED] But I was talking about cookies anyway. Which is where different browsers have different behaviors. In IE, by default, it will not pass a cookie from a new browser window. This is very interesting. I might try to research this a bit more and see what the motivation was for doing this. From a user perspective, it seems very counterintuitive. Thanks for the info. It may depend upon how you open the second window, too. Control-N may use the same cookies whereas starting a whole new instance may not. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php sessions
On Tuesday, October 28, 2003 2:13 PM CPT John W. Holmes wrote: It may depend upon how you open the second window, too. Control-N may use the same cookies whereas starting a whole new instance may not. This is the case with IE. If I'm in my CMS and ctrl-N to get a new window, I can operate under both windows using the same session. If I open a new instance of IE and go to a page in the CMS beyond the login screen, it boots me back to the login screen. Cheers, Pablo -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
At around Tue, Feb 04, 2003 at 02:06:35PM +0800, Jason Wong constructed the following notation: Recompile, why? How about a link? ln -s /sbin/sendmail /usr/sbin/sendmail During the ./configure part of the installation, PHP checks for sendmail, but only in /sbin/sendmail. If it doesn't find it, the function mail() isn't complied in. I just get 'call to undefined function mail()' in x/y.php on z. But according to the manual configure should check both locations? I can't remember where i saw it (i think it was on a mailing list), but someone said it'll only check /sbin/sendmail, which seams to be the case. sendmail.path is set to '/usr/sbin/sendmail' in php.ini, but that doesn't has an effect. well, either way it hasn't been compiled in so a recompile will be needed. it's only a 10 minute job anyway. -- jonathan wright [EMAIL PROTECTED] | www.djnauk.co.uk -- life has no meaning unless we can enjoy what we've been given -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
--- Jonathan Wright [EMAIL PROTECTED] wrote: i'm having problems with sessions. I've set up the server (httpd-2.0.44) with php (4.3.0) and switched on sessions. I would recommend not using Apache 2 with PHP right now. Stick with the latest stable 1.3.x version. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
At around Mon, Feb 03, 2003 at 10:42:47AM -0800, Chris Shiflett constructed the following notation: --- Jonathan Wright [EMAIL PROTECTED] wrote: i'm having problems with sessions. I've set up the server (httpd-2.0.44) with php (4.3.0) and switched on sessions. I would recommend not using Apache 2 with PHP right now. Stick with the latest stable 1.3.x version. Chris Aside from this, PHP's running like a dream. I haven't had a single problem (other than mail() not working, but I found that's because I use /usr/sbin/sendmail, not /sbin/sendmail, so I'll just need to recompile). Although it's running under httpd, surley the fact that PHP's not writing to the files on the drive (only 'touch'ing them so to speak) is more of a PHP problem than an Apache problem? Thanks, -- jonathan wright [EMAIL PROTECTED] | www.djnauk.co.uk -- life has no meaning unless we can enjoy what we've been given -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
On Mon, 3 Feb 2003, Jonathan Wright wrote: Aside from this, PHP's running like a dream. I haven't had a single problem (other than mail() not working, but I found that's because I use /usr/sbin/sendmail, not /sbin/sendmail, so I'll just need to recompile). Recompile, why? How about a link? ln -s /sbin/sendmail /usr/sbin/sendmail -- Greg Donald http://destiney.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
At around Mon, Feb 03, 2003 at 04:20:03PM -0600, Greg Donald constructed the following notation: On Mon, 3 Feb 2003, Jonathan Wright wrote: Aside from this, PHP's running like a dream. I haven't had a single problem (other than mail() not working, but I found that's because I use /usr/sbin/sendmail, not /sbin/sendmail, so I'll just need to recompile). Recompile, why? How about a link? ln -s /sbin/sendmail /usr/sbin/sendmail During the ./configure part of the installation, PHP checks for sendmail, but only in /sbin/sendmail. If it doesn't find it, the function mail() isn't complied in. I just get 'call to undefined function mail()' in x/y.php on z. -- jonathan wright [EMAIL PROTECTED] | www.djnauk.co.uk -- life has no meaning unless we can enjoy what we've been given -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
During the ./configure part of the installation, PHP checks for sendmail, but only in /sbin/sendmail. If it doesn't find it, the function mail() isn't complied in. I just get 'call to undefined function mail()' in x/y.php on z. Ok, make your link this way then: ln -s /usr/sbin/sendmail /sbin/sendmail -- Greg Donald -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions Not Saving
On Tuesday 04 February 2003 06:30, Jonathan Wright wrote: At around Mon, Feb 03, 2003 at 04:20:03PM -0600, Greg Donald constructed the following notation: On Mon, 3 Feb 2003, Jonathan Wright wrote: Aside from this, PHP's running like a dream. I haven't had a single problem (other than mail() not working, but I found that's because I use /usr/sbin/sendmail, not /sbin/sendmail, so I'll just need to recompile). Recompile, why? How about a link? ln -s /sbin/sendmail /usr/sbin/sendmail During the ./configure part of the installation, PHP checks for sendmail, but only in /sbin/sendmail. If it doesn't find it, the function mail() isn't complied in. I just get 'call to undefined function mail()' in x/y.php on z. But according to the manual configure should check both locations? -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* Romeo wasn't bilked in a day. -- Walt Kelly, Ten Ever-Lovin' Blue-Eyed Years With Pogo */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] PHP Sessions Not Saving
This is a system automated E-Mail reply. If you email is a request for support then please visit the below URL and lodge your support request. If you cannot access the below URL, then please email [EMAIL PROTECTED] for prompt support. http://www.wildcomm.net/support.php If this is not a support related E-Mail then disregard this E-Mail. Regards. Support Response Wildthing Communications Mob: 0421 556847 PO Box 1841 SUNSHINE PLAZA Maroochydore QLD 4558 http://www.wildcomm.net ICQ# 64851373 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions generates Segment Faults
Hey, I'm back =) I was unable to get it to run, I've setup the most basic session handler i could think of, a simple counter, if any of you could test it, I'd be very thankful, the URL is http://fatboy.blaster.nu/~blaster/sess_test/ Now, it does not cut the content, not sure why it doesn't do that, but I'm pretty sure it generates segment faults, cause at several occations when you click Destroy Session and then return, it will display Cannot find server in MSIE, and I've checked with my sniffer, Apache simply closes the TCP connection as soon as my request is sent which probably means the child handling my request segment faulted. Still, if ANYONE has ANYTHING on Segment faults with PHP session, I'd like to hear about it, I'm willing to try pretty much anything! I've already tried several different DB libs and Session handler libs, I'm aware of the MM lib which many have had problems with before, I don't use that. One thing that really bugs me though, is that if I don't touch the session.save_handler option and leave it to files, EVERYTHING works just great! This kinda makes me think all the DB libs I have tried is invalid, but that cannot possible be the case, I've even tried PEAR sessionlib, which is coded by a team supported by the PHP group (?). Is it possible that the way PHP handles the files session and user sessions is different? Like, they patched one of the methods but forgot to fix the user mode? :) Also, while searching google, I came across a very interesting URL, http://www.phpbuilder.com/mail/php-developer-list/21/0600.php However, the BUG description ID to http://bugs.php.net/ seems to be invalid, it only takes me to the frontpage, and searching for it gives me nothing, is this bug fixed? If so, in what version? Thanks for your time, again, anything related to PHP session and possible segment faults is MUCH appreciated! At 21:15 2003-01-21 +1100, you wrote: I don't really have an answer... try to get the REALLY basic session example from the manual to work... this will ruke out your save handler and all sorts of other stuff, if you're still getting the errors with basic code and default handlers. Justin on 21/01/03 9:01 PM, Blaster ([EMAIL PROTECTED]) wrote: Okay, I'm not using mm as my session handler, in PHP.ini, I still have files, but in my script, I temporariliy modify this with if (!ini_set(session.save_handler, user)) echo(Unable to switch to Session User mode.); if (!session_set_save_handler(db_session_open, db_session_close, db_session_read, db_session_write, db_session_destroy, db_session_garbage)) echo(Unable to init custom session handlers!); These are my own handlers, working with MySQL. I have however also tried setting it to user and only doing the session_set_save_handler() part, but gives me random segment faults either way. The strange part is that it doesn't always crash, i can view the same page 10 times, and it only segment faults on one of the views,.. how is this possible? Please advice =) At 12:51 2003-01-21 +1100, you wrote: Hi, I had this problem a few weeks back. The host changed the sessions from 'mm' to 'files' in php.ini and restarted, and all was ok... not sure of the reasons behind the faults, but I had this EXACT problem (with standard session stuff). Justin on 21/01/03 2:29 AM, Blaster ([EMAIL PROTECTED]) wrote: Hi OS: Debian Linux (Woody), kernel 2.2.20 PHP: v4.1.2 I'm having some troubles with my sessions, when the page is sent to the visitor, it sometimes stops after ½ the page or so. 90% of the times, it works perfectly to visit the page, so this appears to be totally random. However, I have reason to believe it has something to do with my sessions, I have written a custom session lib which works with MySQL, and then set it up with session_set_save_handler() Now, I checked the error logs of my Apache HTTP, and it's filled with [Mon Jan 20 15:20:54 2003] [notice] child pid 19500 exit signal Segmentation fault (11) [Mon Jan 20 15:20:54 2003] [notice] child pid 19399 exit signal Segmentation fault (11) FATAL: emalloc(): Unable to allocate -916562933 bytes [Mon Jan 20 15:21:02 2003] [notice] child pid 19499 exit signal Segmentation fault (11) [Mon Jan 20 15:21:20 2003] [notice] child pid 19401 exit signal Segmentation fault (11) [Mon Jan 20 15:21:32 2003] [notice] child pid 19514 exit signal Segmentation fault (11) [Mon Jan 20 15:21:35 2003] [notice] child pid 19403 exit signal Segmentation fault (11) The reason to why I'm sure it's PHP is the emalloc() line, which I'm told only can be generated by PHP. Now, I'm wondering if this is a know bug, or am I doing something wrong? In short: The content stream (HTML stream) is interrupted, probably because of a segment fault caused by PHP Session functions. Is there a way to work around this bug without performing a complete upgrade? If this has already been fixed in a newer version, which version do
Re: [PHP] PHP Sessions generates Segment Faults
I can say with near certainty that there is a problem with the session handler you've chosen, for you to be getting these segfaults. As I pointed out, and as you've stated, if the sessions work fine with the 'files' handler type, then the issue must be with the alternate handler. So, if you wrote it yourself, perhaps it's got a bug. If it's a library script, perhaps it has a bug, or has a FAQ, or some support. There's also the option that there's a bug with PHP in this/these version(s) which is causing the problems. Is there a reason why you can't just use 'files'??? Justin French on 23/01/03 3:17 AM, Blaster ([EMAIL PROTECTED]) wrote: Hey, I'm back =) I was unable to get it to run, I've setup the most basic session handler i could think of, a simple counter, if any of you could test it, I'd be very thankful, the URL is http://fatboy.blaster.nu/~blaster/sess_test/ Now, it does not cut the content, not sure why it doesn't do that, but I'm pretty sure it generates segment faults, cause at several occations when you click Destroy Session and then return, it will display Cannot find server in MSIE, and I've checked with my sniffer, Apache simply closes the TCP connection as soon as my request is sent which probably means the child handling my request segment faulted. Still, if ANYONE has ANYTHING on Segment faults with PHP session, I'd like to hear about it, I'm willing to try pretty much anything! I've already tried several different DB libs and Session handler libs, I'm aware of the MM lib which many have had problems with before, I don't use that. One thing that really bugs me though, is that if I don't touch the session.save_handler option and leave it to files, EVERYTHING works just great! This kinda makes me think all the DB libs I have tried is invalid, but that cannot possible be the case, I've even tried PEAR sessionlib, which is coded by a team supported by the PHP group (?). Is it possible that the way PHP handles the files session and user sessions is different? Like, they patched one of the methods but forgot to fix the user mode? :) Also, while searching google, I came across a very interesting URL, http://www.phpbuilder.com/mail/php-developer-list/21/0600.php However, the BUG description ID to http://bugs.php.net/ seems to be invalid, it only takes me to the frontpage, and searching for it gives me nothing, is this bug fixed? If so, in what version? Thanks for your time, again, anything related to PHP session and possible segment faults is MUCH appreciated! At 21:15 2003-01-21 +1100, you wrote: I don't really have an answer... try to get the REALLY basic session example from the manual to work... this will ruke out your save handler and all sorts of other stuff, if you're still getting the errors with basic code and default handlers. Justin on 21/01/03 9:01 PM, Blaster ([EMAIL PROTECTED]) wrote: Okay, I'm not using mm as my session handler, in PHP.ini, I still have files, but in my script, I temporariliy modify this with if (!ini_set(session.save_handler, user)) echo(Unable to switch to Session User mode.); if (!session_set_save_handler(db_session_open, db_session_close, db_session_read, db_session_write, db_session_destroy, db_session_garbage)) echo(Unable to init custom session handlers!); These are my own handlers, working with MySQL. I have however also tried setting it to user and only doing the session_set_save_handler() part, but gives me random segment faults either way. The strange part is that it doesn't always crash, i can view the same page 10 times, and it only segment faults on one of the views,.. how is this possible? Please advice =) At 12:51 2003-01-21 +1100, you wrote: Hi, I had this problem a few weeks back. The host changed the sessions from 'mm' to 'files' in php.ini and restarted, and all was ok... not sure of the reasons behind the faults, but I had this EXACT problem (with standard session stuff). Justin on 21/01/03 2:29 AM, Blaster ([EMAIL PROTECTED]) wrote: Hi OS: Debian Linux (Woody), kernel 2.2.20 PHP: v4.1.2 I'm having some troubles with my sessions, when the page is sent to the visitor, it sometimes stops after ½ the page or so. 90% of the times, it works perfectly to visit the page, so this appears to be totally random. However, I have reason to believe it has something to do with my sessions, I have written a custom session lib which works with MySQL, and then set it up with session_set_save_handler() Now, I checked the error logs of my Apache HTTP, and it's filled with [Mon Jan 20 15:20:54 2003] [notice] child pid 19500 exit signal Segmentation fault (11) [Mon Jan 20 15:20:54 2003] [notice] child pid 19399 exit signal Segmentation fault (11) FATAL: emalloc(): Unable to allocate -916562933 bytes [Mon Jan 20 15:21:02 2003] [notice] child pid 19499 exit signal Segmentation fault (11) [Mon Jan 20 15:21:20
RE: [PHP] PHP Sessions
What version of PHP are you using and do you have globals turned on? Timothy Hitchens (HiTCHO) Open Source Consulting e-mail: [EMAIL PROTECTED] -Original Message- From: Tim Thorburn [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 21 January 2003 6:59 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP Sessions Hi, After a day and a half of pounding my head against the wall I believe I've identified the source of the problem. When I create and register the session in my login page - it does not carry forward to any other pages. I've found this by going through several different tutorials for making password protected areas using PHP and Sessions that I've found both online and in books - all produce the same result on the server with attitude - yet all work on all other servers I'm currently using for my hosting. So, since this is an eCommerce site for my client and they're getting increasingly impatient with the progress made I'm left with little choice in this matter - as moving the site now would be unthinkable, and tech support at the hosting company is less than stellar, and generally not in English. Are there any obvious PHP settings that I'd need to adjust to ensure that Sessions can be carried forward to additional pages? My only other option now is to force my client to login to each screen in the admin area (conceivably this could mean the client would need to log in to a minimum of 8 different pages to observe their records and make changes to the site). I'm at the point of desperation and sleep deprivation ... If there are no obvious PHP settings that need to be altered - what else could be producing this problem? Thanks -Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
On Tuesday 21 January 2003 16:58, Tim Thorburn wrote: Hi, After a day and a half of pounding my head against the wall I believe I've identified the source of the problem. When I create and register the session in my login page - it does not carry forward to any other pages. I've found this by going through several different tutorials for making password protected areas using PHP and Sessions that I've found both online and in books - all produce the same result on the server with attitude - yet all work on all other servers I'm currently using for my hosting. Does the simple example from the manual work? If not, what does the php.log say? If it does work then what does your code look like? What is the config of the server with an attitude? phpinfo()? Did you check for any differences between that and the servers that do work? -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* lisp, v.: To call a spade a thpade. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
Hi, I'm using PHP 4.1.2 on the server with problems - it's hosted on a shared server and thus I have no direct access to much of anything. I have had this script running on versions 4.0.6 thru 4.2.2 with no problems until now. Here are the settings attained from phpinfo(); for the server that does not work - 4.1.2 ... and from the server that does work 4.2.2 After the Configure Command of each is a list of settings that differ. Much thanks for responding so quickly and at such a late hour!! Thanks -Tim PHP 4.2.2 (works fine) './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-mcrypt' '--enable-bcmath' '--enable-calendar' '--with-xml' '--with-swf=/usr/local/flash' '--with-gd=../gd-1.8.4' '--with-jpeg-dir=/usr/local' '--with-imap=../imap-2001.BETA.SNAP-0107112053' '--with-ming=../ming-0.1.1' '--enable-magic-quotes' '--with-mysql' '--enable-safe-mode' '--enable-track-vars' '--with-ttf' '--enable-versioning' '--with-curl' '--with-zlib' Settings: allow_call_time_pass_reference ON extension_dir ./ magic_quotes_gpc ON register_argc_argv ON sendmail_from no value unserialize_callback_func no value variables_order EGPCS PHP 4.1.2 (doesn't work) './configure' '--prefix=/usr' '--with-apxs=/usr/sbin/apxs' '--with-gd' '--with-gettext=/usr' '--enable-safe-mode' '--with-config-file-path=/etc/httpd' '--with-exec-dir=/usr/bin' '--with-zlib' '--enable-magic-quotes' '--with-regex=system' '--with-ttf' '--with-db' '--with-gdbm' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-track-vars' '--enable-wddx=shared' '--enable-mm=shared' '--enable-xml' '--enable-ftp' '--disable-debug' '--with-libdir=/usr/lib' '--with-db3' '--with-interbase=shared' '--with-pgsql=shared' '--with-ldap' '--with-imap' '--with-curl=shared' '--with-pdflib=shared' Settings: allow_call_time_pass_reference OFF extension_dir /usr/lib/apache/php magic_quotes_gpc OFF register_argc_argv OFF sendmail_from [EMAIL PROTECTED] variables_order GPCS At 07:11 PM 1/21/2003 +1000, Timothy Hitchens \(HiTCHO\) wrote: What version of PHP are you using and do you have globals turned on? Timothy Hitchens (HiTCHO) Open Source Consulting e-mail: [EMAIL PROTECTED] -Original Message- From: Tim Thorburn [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 21 January 2003 6:59 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP Sessions Hi, After a day and a half of pounding my head against the wall I believe I've identified the source of the problem. When I create and register the session in my login page - it does not carry forward to any other pages. I've found this by going through several different tutorials for making password protected areas using PHP and Sessions that I've found both online and in books - all produce the same result on the server with attitude - yet all work on all other servers I'm currently using for my hosting. So, since this is an eCommerce site for my client and they're getting increasingly impatient with the progress made I'm left with little choice in this matter - as moving the site now would be unthinkable, and tech support at the hosting company is less than stellar, and generally not in English. Are there any obvious PHP settings that I'd need to adjust to ensure that Sessions can be carried forward to additional pages? My only other option now is to force my client to login to each screen in the admin area (conceivably this could mean the client would need to log in to a minimum of 8 different pages to observe their records and make changes to the site). I'm at the point of desperation and sleep deprivation ... If there are no obvious PHP settings that need to be altered - what else could be producing this problem? Thanks -Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
Are globals turned on or off.. I don't see that setting in your copy and paste. Are you trying to access the session vars as $name or $_SESSION['name']?? Timothy Hitchens (HiTCHO) Open Source Consulting e-mail: [EMAIL PROTECTED] -Original Message- From: Tim Thorburn [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 21 January 2003 7:39 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] PHP Sessions Hi, I'm using PHP 4.1.2 on the server with problems - it's hosted on a shared server and thus I have no direct access to much of anything. I have had this script running on versions 4.0.6 thru 4.2.2 with no problems until now. Here are the settings attained from phpinfo(); for the server that does not work - 4.1.2 ... and from the server that does work 4.2.2 After the Configure Command of each is a list of settings that differ. Much thanks for responding so quickly and at such a late hour!! Thanks -Tim PHP 4.2.2 (works fine) './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-mcrypt' '--enable-bcmath' '--enable-calendar' '--with-xml' '--with-swf=/usr/local/flash' '--with-gd=../gd-1.8.4' '--with-jpeg-dir=/usr/local' '--with-imap=../imap-2001.BETA.SNAP-0107112053' '--with-ming=../ming-0.1.1' '--enable-magic-quotes' '--with-mysql' '--enable-safe-mode' '--enable-track-vars' '--with-ttf' '--enable-versioning' '--with-curl' '--with-zlib' Settings: allow_call_time_pass_reference ON extension_dir ./ magic_quotes_gpc ON register_argc_argv ON sendmail_from no value unserialize_callback_func no value variables_order EGPCS PHP 4.1.2 (doesn't work) './configure' '--prefix=/usr' '--with-apxs=/usr/sbin/apxs' '--with-gd' '--with-gettext=/usr' '--enable-safe-mode' '--with-config-file-path=/etc/httpd' '--with-exec-dir=/usr/bin' '--with-zlib' '--enable-magic-quotes' '--with-regex=system' '--with-ttf' '--with-db' '--with-gdbm' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-track-vars' '--enable-wddx=shared' '--enable-mm=shared' '--enable-xml' '--enable-ftp' '--disable-debug' '--with-libdir=/usr/lib' '--with-db3' '--with-interbase=shared' '--with-pgsql=shared' '--with-ldap' '--with-imap' '--with-curl=shared' '--with-pdflib=shared' Settings: allow_call_time_pass_reference OFF extension_dir /usr/lib/apache/php magic_quotes_gpc OFF register_argc_argv OFF sendmail_from [EMAIL PROTECTED] variables_order GPCS At 07:11 PM 1/21/2003 +1000, Timothy Hitchens \(HiTCHO\) wrote: What version of PHP are you using and do you have als turned on? Timothy Hitchens (HiTCHO) Open Source Consulting e-mail: [EMAIL PROTECTED] -Original Message- From: Tim Thorburn [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 21 January 2003 6:59 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP Sessions Hi, After a day and a half of pounding my head against the wall I believe I've identified the source of the problem. When I create and register the session in my login page - it does not carry forward to any other pages. I've found this by going through several different tutorials for making password protected areas using PHP and Sessions that I've found both online and in books - all produce the same result on the server with attitude - yet all work on all other servers I'm currently using for my hosting. So, since this is an eCommerce site for my client and they're getting increasingly impatient with the progress made I'm left with little choice in this matter - as moving the site now would be unthinkable, and tech support at the hosting company is less than stellar, and generally not in English. Are there any obvious PHP settings that I'd need to adjust to ensure that Sessions can be carried forward to additional pages? My only other option now is to force my client to login to each screen in the admin area (conceivably this could mean the client would need to log in to a minimum of 8 different pages to observe their records and make changes to the site). I'm at the point of desperation and sleep deprivation ... If there are no obvious PHP settings that need to be altered - what else could be producing this problem? Thanks -Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
On Tuesday 21 January 2003 17:39, Tim Thorburn wrote: Hi, I'm using PHP 4.1.2 on the server with problems - it's hosted on a shared server and thus I have no direct access to much of anything. I have had this script running on versions 4.0.6 thru 4.2.2 with no problems until now. Here are the settings attained from phpinfo(); for the server that does not work - 4.1.2 ... and from the server that does work 4.2.2 After the Configure Command of each is a list of settings that differ. Again, does the simple example from the manual work? If it works we can eliminate config settings and concentrate on your code. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Endless the world's turn, endless the sun's spinning Endless the quest; I turn again, back to my own beginning, And here, find rest. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Yes, the examples from the manual do work on the server using PHP 4.2.2 - however they do not work on the server using PHP 4.1.2. I've been using this same script for many sites with PHP versions 4.0.6 thru 4.2.2 with no problems until now which leads me to believe that I must attempt to change a PHP setting through .htaccess since it is hosted on a shared server. I've tried the example from the manual on several other sites - works everywhere but on this problem server. Thanks -Tim At 05:56 PM 1/21/2003 +0800, you wrote: On Tuesday 21 January 2003 17:39, Tim Thorburn wrote: Hi, I'm using PHP 4.1.2 on the server with problems - it's hosted on a shared server and thus I have no direct access to much of anything. I have had this script running on versions 4.0.6 thru 4.2.2 with no problems until now. Here are the settings attained from phpinfo(); for the server that does not work - 4.1.2 ... and from the server that does work 4.2.2 After the Configure Command of each is a list of settings that differ. Again, does the simple example from the manual work? If it works we can eliminate config settings and concentrate on your code. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Endless the world's turn, endless the sun's spinning Endless the quest; I turn again, back to my own beginning, And here, find rest. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
Yes, the examples from the manual do work on the server using PHP 4.2.2 - however they do not work on the server using PHP 4.1.2. I've been using this same script for many sites with PHP versions 4.0.6 thru 4.2.2 with no problems until now which leads me to believe that I must attempt to change a PHP setting through .htaccess since it is hosted on a shared server. I've tried the example from the manual on several other sites - works everywhere but on this problem server. Wasn't it 4.1.2 that had broken sessions? I remember one version that came out that was just broke and you had to do a bunch of workarounds to get things to work normally. Was that it? Are you using the $_SESSION array or relying on register_globals? ---John W. Holmes... PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
There is some discussion as to whether my globals are on or not ... I am using session_register to name my sessions, and then the global command later on on the individual pages to remember which session it is we're looking for. It would be simply priceless if sessions were broken in 4.1.2 - and make much sense in the long run. Thanks -Tim At 05:19 AM 1/21/2003 -0500, you wrote: Yes, the examples from the manual do work on the server using PHP 4.2.2 - however they do not work on the server using PHP 4.1.2. I've been using this same script for many sites with PHP versions 4.0.6 thru 4.2.2 with no problems until now which leads me to believe that I must attempt to change a PHP setting through .htaccess since it is hosted on a shared server. I've tried the example from the manual on several other sites - works everywhere but on this problem server. Wasn't it 4.1.2 that had broken sessions? I remember one version that came out that was just broke and you had to do a bunch of workarounds to get things to work normally. Was that it? Are you using the $_SESSION array or relying on register_globals? ---John W. Holmes... PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
On Tuesday 21 January 2003 17:59, Tim Thorburn wrote: Yes, the examples from the manual do work on the server using PHP 4.2.2 - however they do not work on the server using PHP 4.1.2. I've been using this same script for many sites with PHP versions 4.0.6 thru 4.2.2 with no problems until now which leads me to believe that I must attempt to change a PHP setting through .htaccess since it is hosted on a shared server. I've tried the example from the manual on several other sites - works everywhere but on this problem server. It's time to see some code :) Does sessions work at all for the other people on your shared server? Ask your host whether anybody else has complained. PHP 4.1.2 (doesn't work) '--enable-mm=shared' Would this have anything to do with it? Apparently there could be problems with storing sessions in mm: http://marc.theaimsgroup.com/?l=php-generalm=104311365417871w=2 Check in php.ini whether sessions are file based or using mm. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Goals... Plans... they're fantasies, they're part of a dream world... -- Wally Shawn */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
on 21/01/03 9:25 PM, Tim Thorburn ([EMAIL PROTECTED]) wrote: There is some discussion as to whether my globals are on or not ... I am using session_register to name my sessions, and then the global command later on on the individual pages to remember which session it is we're looking for. No no no... check the output of phpinfo(), or check your php.ini file to see if the directive register_globals has a value of ON or OFF. This is more than likely the problem I think. Also check the same value on your local machine. Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
-Original Message- From: John W. Holmes [mailto:[EMAIL PROTECTED]] Sent: 21 January 2003 10:20 Wasn't it 4.1.2 that had broken sessions? I remember one version that came out that was just broke and you had to do a bunch of workarounds to get things to work normally. Was that it? Yes, I believe you're right -- but on Windows only. Sessions in that specific version of PHP were accidentally read-only -- so you could appear to set values in the session, but they'd never show up in subsequent pages...! Bug reports http://bugs.php.net/bug.php?id=16043, http://bugs.php.net/bug.php?id=16102 and http://bugs.php.net/bug.php?id=16202 are relevant. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP Sessions
Sorry I'm a bit late in on this thread but I know there is a problem with sessions with 4.1.2 with IIS 5 over Win2K... is that your platform? I encountered it a while back and there is a hack/workaround which I can dig up if you need it... HTH Rich -Original Message- From: Tim Thorburn [mailto:[EMAIL PROTECTED]] Sent: 21 January 2003 10:26 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [PHP] PHP Sessions There is some discussion as to whether my globals are on or not ... I am using session_register to name my sessions, and then the global command later on on the individual pages to remember which session it is we're looking for. It would be simply priceless if sessions were broken in 4.1.2 - and make much sense in the long run. Thanks -Tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Sessions
Ok, here's the sample code I found in one of my PHP books - it doesn't work
exactly like my original script for checking passwords, but it does a close
enough job to let me know that the sessions aren't staying registered.
I could ask my host if anyone else has had problems, but that would mean
being able to get them on the phone, find someone who speaks English, and
then hope that person has any kind of experience with Linux/PHP - which I'm
quickly finding does not exist.
As it is a shared hosting situation, and I have no shell access (through
telnet or SSH), I cannot check the php.ini file to see.
authmain.php
?
session_start();
if ($userid $password)
{
// if the user has just tried to log in
$db_conn = mysql_connect(localhost, login, passWord);
mysql_select_db(databaseName, $db_conn);
$query = SELECT * FROM userlogin WHERE user='$userid' AND
passwd=password('$password');
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) 0)
{
// if they are in the database register the user id
$valid_user = $userid;
session_register(valid_user);
}
}
?
html
head
titleTest Sessions/title
meta http-equiv=Content-Type content=text/html; charset=iso-8859-1
/head
body
?
if (session_is_registered(valid_user))
{
echo You are logged in as: $valid_user bra
href=\logout.php\Log out/abr;
}
else
{
if (isset($userid))
{
// if they've tried and failed to log in
echo Could not log you in;
}
else
{
// they have not tried to log in yet or have
logged out
echo You are not logged in.br;
}
// provide form to log in
echo form method=post action=\authmain.php\;
echo table;
echo trtdUserid:/td;
echo tdinput type=text name=userid/td/tr;
echo trtdPassword:/td;
echo tdinput type=password name=password/td/tr;
echo trtd colspan=2 align=center;
echo input type=submit value=\log in\/td/tr;
echo /table/form;
}
?
br
a href=members_only.phpMembers section/a
/body
/html
members_only.php
?
global $userid;
session_start();
echo h1Members only/h1;
// check session variable
if (session_is_registered(valid_user))
{
echo pYou are logged in as $valid_user./p;
echo pMembers only content goes here/p;
}
else
{
echo pYou are not logged in./p;
echo pOnly logged in members may see this page./p;
}
echo a href=\authmain.php\Back to main page/a;
?
At 06:29 PM 1/21/2003 +0800, Jason Wong wrote:
On Tuesday 21 January 2003 17:59, Tim Thorburn wrote:
Yes, the examples from the manual do work on the server using PHP 4.2.2 -
however they do not work on the server using PHP 4.1.2.
I've been using this same script for many sites with PHP versions 4.0.6
thru 4.2.2 with no problems until now which leads me to believe that I must
attempt to change a PHP setting through .htaccess since it is hosted on a
shared server.
I've tried the example from the manual on several other sites - works
everywhere but on this problem server.
It's time to see some code :)
Does sessions work at all for the other people on your shared server? Ask
your
host whether anybody else has complained.
PHP 4.1.2 (doesn't work)
'--enable-mm=shared'
Would this have anything to do with it? Apparently there could be problems
with storing sessions in mm:
http://marc.theaimsgroup.com/?l=php-generalm=104311365417871w=2
Check in php.ini whether sessions are file based or using mm.
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
/*
Goals... Plans... they're fantasies, they're part of a dream world...
-- Wally Shawn
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
