RE: [PHP] Session Initially Does Work
> There is a session problem with 4.1 > > If register_globals is ON, then use session_register(). > > If it's off, then use $_SESSION["name"] = "value"; and the value will > automatically be registered. What kind of session problem? I currently have register_globals set to on. I am already using session_register(). > > Hi. I've run into a problem with my PHP session. I'm running PHP > > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have > a PHP file > > that > > is referenced every time content is requested on the web site (this > file > > also sets/restores the session). This PHP file includes [include()] > the > > requested content within. When my session is created I register 6 > > variables. > > The problem comes into play when you want to access one of the 6 > > registered > > variables on the initial page (after the user logs in). For some > reason > > the > > registered variables are not recognized. I'm accessing the register > > variables using > > $_SESSION[variable_name]. I've also assigned values to these > variables. > > The > > funny thing about the whole issue is if you reload/refresh > the page or > > load > > something else after the initial page everything works > fine. I require > > this > > to work initially because if someone comes in directly using a link > > certain > > content will render a error message because the registered > variable is > not > > present for some reason. Oh and yes the cookie to set the session is > being > > put on the client's machine properly and at the initial page. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
There is a session problem with 4.1 If register_globals is ON, then use session_register(). If it's off, then use $_SESSION["name"] = "value"; and the value will automatically be registered. ---John Holmes... > -Original Message- > From: Adam Douglas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 01, 2002 1:15 PM > To: PHP-General (mailing list) (E-mail) > Subject: [PHP] Session Initially Does Work > > Hi. I've run into a problem with my PHP session. I'm running PHP > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file > that > is referenced every time content is requested on the web site (this file > also sets/restores the session). This PHP file includes [include()] the > requested content within. When my session is created I register 6 > variables. > The problem comes into play when you want to access one of the 6 > registered > variables on the initial page (after the user logs in). For some reason > the > registered variables are not recognized. I'm accessing the register > variables using > $_SESSION[variable_name]. I've also assigned values to these variables. > The > funny thing about the whole issue is if you reload/refresh the page or > load > something else after the initial page everything works fine. I require > this > to work initially because if someone comes in directly using a link > certain > content will render a error message because the registered variable is not > present for some reason. Oh and yes the cookie to set the session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly appreciated! > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> Alright that's good to hear. In a specific case that I'm having > this problem > the main PHP file is including file (content) that refers to > $_SESSION[nSID_PeopleID] in main. This value is vital in > rendering the page. > So it should be there right? Also about removing session_name(), how can I > do this. It was my understanding that you must call session_name before > session_start() and session_register(). Is this not correct? Ahhh, so that's your problem thenthe include isn't getting the session id. I've never used an include with a session setup before but I would see the easiest thing to do be have the include first echo the session id number and see if it is actually getting passed or not on the first call echo session_id(); if that returns nothing for you then the next step might be to assign a temporary variable in your main script $sess_id = session_id(); and then set that session id in the include file directly session_id($sess_id); This is all uncharted waters for me, I usually don't use includes and functions together so I've never had to deal with such an issue. As far as the session name goesyou actually don't need to specify oneby default the session name is PHPSESSION and really unless you have a real reason for using a different session name there is no real benefit to specifying another session name (afaik). Sincerely, Craig Vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> That's correct, although the cookie will remain resident it
> requires an
> inital page change/refresh. However after looking at your
> code I'm not
> convinced that is the problem since the first page of a
> session creation
> should still be usable with the session as the session ID is
> still resident
> in memory. Have you tried running the page w/o the use of
> session_name()?
Alright that's good to hear. In a specific case that I'm having this problem
the main PHP file is including file (content) that refers to
$_SESSION[nSID_PeopleID] in main. This value is vital in rendering the page.
So it should be there right? Also about removing session_name(), how can I
do this. It was my understanding that you must call session_name before
session_start() and session_register(). Is this not correct?
> Also as an FYI $REMOTE_USER is an unsecure variable to use for checking
> authentication. Basically because a url parameter will overwrite the
> original $REMOTE_USER.
>
> easiest method (for me anyways) is:
>
> $REMOTE_USER = getenv('REMOTE_USER');
Yes I've never felt good about using REMOTE_USER. I will implement that idea
right now, thanks!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> Well the cookie is set at the start of the PHP file that gets referenced
> each time. I'm not setting any manual cookies just using the
> default session
> cookie set by PHP. Below is all the code I use for the session. Formatting
> is kind of goofed up in e-mail but it's there. So even though the
> cookie is
> placed in the client's browser it's not used/session is not used or
> recognized until you refresh/reload or go to another page??
That's correct, although the cookie will remain resident it requires an
inital page change/refresh. However after looking at your code I'm not
convinced that is the problem since the first page of a session creation
should still be usable with the session as the session ID is still resident
in memory. Have you tried running the page w/o the use of session_name()?
Also as an FYI $REMOTE_USER is an unsecure variable to use for checking
authentication. Basically because a url parameter will overwrite the
original $REMOTE_USER.
Example say I log into : www.foobar.com/members/index.php with the username
of apollo.
Typically the script would consider $REMOTE_USER = 'Apollo'
However if I changed the link to
www.foobar.com/members/index.php?REMOTE_USER=admin
Now I still have access via basic authentication but now PHP considered
$REMOTE_USER = 'admin' ...or any other username for that matter.
To avoid this at the beginning of the page make sure you force $REMOTE_USER
to equal the apache authentication username
easiest method (for me anyways) is:
$REMOTE_USER = getenv('REMOTE_USER');
Sincerely,
Craig Vincent
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> > something else after the initial page everything works fine. I
> > require this
> > to work initially because if someone comes in directly using a
> > link certain
> > content will render a error message because the registered
> variable is not
> > present for some reason. Oh and yes the cookie to set the
> session is being
> > put on the client's machine properly and at the initial page.
> When do you set the session cookie? Keep in mind cookies
> don't not function
> in the same call they are created so say you create the
> cookie on page
> A, until the user refreshes page A or goes to page B the cookie won't
> actually be in effect.
Well the cookie is set at the start of the PHP file that gets referenced
each time. I'm not setting any manual cookies just using the default session
cookie set by PHP. Below is all the code I use for the session. Formatting
is kind of goofed up in e-mail but it's there. So even though the cookie is
placed in the client's browser it's not used/session is not used or
recognized until you refresh/reload or go to another page??
-- Code Snippet --
session_name("sid");
$nSession = session_start();
if(isset($REMOTE_USER))
{
if(!$nSID_PeopleID)
{
$szQuery = "SELECT WebAccounts.People_ID,
WebAccounts.Security_Level, People.Status_Type_ID, Company.Company_Status_ID
FROM WebAccounts, People, Company
WHERE WebAccounts.People_ID=People.People_ID AND
People.Company_ID=Company.Company_ID AND User_Name='$REMOTE_USER'";
$szDBConn =
mysql_connect("server_address","user_name","password") or die("could not
connect to server for security authentication.");
mysql_select_db("venmar", $szDBConn) or die("could
not connect to venmar for security // authentication.");
$saResults = mysql_query($szQuery, $szDBConn) or die
("could not query venmar for security authentication.");
$obResults = mysql_fetch_row($saResults);
$nSID_PeopleID = $obResults[0]; $nSID_SecurityLevel
= $obResults[1];$nSID_PeopleStatus = $obResults[2];
$nSID_CompanyStatus = $obResults[3];
$szQuery1 = "SELECT PeopleMailing.Country_ID FROM
PeopleMailing, WebAccounts WHERE
WebAccounts.People_ID=PeopleMailing.People_ID AND
WebAccounts.User_Name='$REMOTE_USER'";
$dbConnection = mysql_connect("server_address",
"user_name", "password") or die("could not connect to server for security
authentication.");
mysql_select_db("venmar", $szDBConn) or die("could
not connect to venmar for security authentication.");
$saResults1 = mysql_query($szQuery1, $szDBConn) or
die ("could not query venmar for security authentication.");
$obResults1 = mysql_fetch_row($saResults1);
$nSID_Country = $obResults1[0];
if(!$obResults1[0])
{
$szQuery1 = "SELECT Company.Country_ID FROM
Company, WebAccounts, People WHERE WebAccounts.People_ID=People.People_ID
AND People.Company_ID=Company.Company_ID AND
WebAccounts.User_Name='$REMOTE_USER'";
$saResults1 = mysql_query($szQuery1,
$szDBConn) or die ("could not query venmar for security authentication
(24).");
$obResults1 = mysql_fetch_row($saResults1);
$nSID_Country = $obResults1[0];
}
mysql_close();
if($obResults[2] == 1 && $obResults[3] == 1)
{
if($nSession == 1)
{
session_register("nSession");
session_register("nSID_PeopleID");
session_register("nSID_SecurityLevel");
session_register("nSID_PeopleStatus");
session_register("nSID_CompanyStatus");
session_register("nSID_Country");
$szQuery = "SELECT First_Login,
Last_Login, Creation_Date FROM WebAccounts WHERE User_Name='$REMOTE_USER'";
$dbConnection =
mysql_connect("server_address", "user_name", "password") or die("could not
connect to server for security authentication.");
mysql_select_db("venmar",
$dbConnection) or die("could not connect to venmar for security
authentication.");
$saResults = mysql_query($szQuery,
$dbConnection) or die ("could not query venmar for security
authentication.");
$obResults =
mysql_fetch_row($saResults);
if($obResults[0] == 00)
RE: [PHP] Session Initially Does Work
I already have this setup. The session works just not on the initial page after login. > Add > > At the top of each page, before anything else is done. > > -Original Message- > From: Adam Douglas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 01, 2002 3:15 PM > To: PHP-General (mailing list) (E-mail) > Subject: [PHP] Session Initially Does Work > > > Hi. I've run into a problem with my PHP session. I'm running PHP > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a > PHP file that > is referenced every time content is requested on the web site > (this file > also sets/restores the session). This PHP file includes > [include()] the > requested content within. When my session is created I > register 6 variables. > The problem comes into play when you want to access one of > the 6 registered > variables on the initial page (after the user logs in). For > some reason the > registered variables are not recognized. I'm accessing the register > variables using > $_SESSION[variable_name]. I've also assigned values to these > variables. The > funny thing about the whole issue is if you reload/refresh > the page or load > something else after the initial page everything works fine. > I require this > to work initially because if someone comes in directly using > a link certain > content will render a error message because the registered > variable is not > present for some reason. Oh and yes the cookie to set the > session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly > appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> something else after the initial page everything works fine. I > require this > to work initially because if someone comes in directly using a > link certain > content will render a error message because the registered variable is not > present for some reason. Oh and yes the cookie to set the session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly appreciated! When do you set the session cookie? Keep in mind cookies don't not function in the same call they are created so say you create the cookie on page A, until the user refreshes page A or goes to page B the cookie won't actually be in effect. A snippet of your code would be helpful as well Sincerely, Craig Vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
Add At the top of each page, before anything else is done. Jay -Original Message- From: Adam Douglas [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 3:15 PM To: PHP-General (mailing list) (E-mail) Subject: [PHP] Session Initially Does Work Hi. I've run into a problem with my PHP session. I'm running PHP 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file that is referenced every time content is requested on the web site (this file also sets/restores the session). This PHP file includes [include()] the requested content within. When my session is created I register 6 variables. The problem comes into play when you want to access one of the 6 registered variables on the initial page (after the user logs in). For some reason the registered variables are not recognized. I'm accessing the register variables using $_SESSION[variable_name]. I've also assigned values to these variables. The funny thing about the whole issue is if you reload/refresh the page or load something else after the initial page everything works fine. I require this to work initially because if someone comes in directly using a link certain content will render a error message because the registered variable is not present for some reason. Oh and yes the cookie to set the session is being put on the client's machine properly and at the initial page. Am I doing something wrong? Any suggestions would be greatly appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session Initially Does Work
Hi. I've run into a problem with my PHP session. I'm running PHP 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file that is referenced every time content is requested on the web site (this file also sets/restores the session). This PHP file includes [include()] the requested content within. When my session is created I register 6 variables. The problem comes into play when you want to access one of the 6 registered variables on the initial page (after the user logs in). For some reason the registered variables are not recognized. I'm accessing the register variables using $_SESSION[variable_name]. I've also assigned values to these variables. The funny thing about the whole issue is if you reload/refresh the page or load something else after the initial page everything works fine. I require this to work initially because if someone comes in directly using a link certain content will render a error message because the registered variable is not present for some reason. Oh and yes the cookie to set the session is being put on the client's machine properly and at the initial page. Am I doing something wrong? Any suggestions would be greatly appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
