RE: [PHP] Session Initially Does Work
> There is a session problem with 4.1 > > If register_globals is ON, then use session_register(). > > If it's off, then use $_SESSION["name"] = "value"; and the value will > automatically be registered. What kind of session problem? I currently have register_globals set to on. I am already using session_register(). > > Hi. I've run into a problem with my PHP session. I'm running PHP > > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have > a PHP file > > that > > is referenced every time content is requested on the web site (this > file > > also sets/restores the session). This PHP file includes [include()] > the > > requested content within. When my session is created I register 6 > > variables. > > The problem comes into play when you want to access one of the 6 > > registered > > variables on the initial page (after the user logs in). For some > reason > > the > > registered variables are not recognized. I'm accessing the register > > variables using > > $_SESSION[variable_name]. I've also assigned values to these > variables. > > The > > funny thing about the whole issue is if you reload/refresh > the page or > > load > > something else after the initial page everything works > fine. I require > > this > > to work initially because if someone comes in directly using a link > > certain > > content will render a error message because the registered > variable is > not > > present for some reason. Oh and yes the cookie to set the session is > being > > put on the client's machine properly and at the initial page. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
There is a session problem with 4.1 If register_globals is ON, then use session_register(). If it's off, then use $_SESSION["name"] = "value"; and the value will automatically be registered. ---John Holmes... > -Original Message- > From: Adam Douglas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 01, 2002 1:15 PM > To: PHP-General (mailing list) (E-mail) > Subject: [PHP] Session Initially Does Work > > Hi. I've run into a problem with my PHP session. I'm running PHP > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file > that > is referenced every time content is requested on the web site (this file > also sets/restores the session). This PHP file includes [include()] the > requested content within. When my session is created I register 6 > variables. > The problem comes into play when you want to access one of the 6 > registered > variables on the initial page (after the user logs in). For some reason > the > registered variables are not recognized. I'm accessing the register > variables using > $_SESSION[variable_name]. I've also assigned values to these variables. > The > funny thing about the whole issue is if you reload/refresh the page or > load > something else after the initial page everything works fine. I require > this > to work initially because if someone comes in directly using a link > certain > content will render a error message because the registered variable is not > present for some reason. Oh and yes the cookie to set the session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly appreciated! > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> Alright that's good to hear. In a specific case that I'm having > this problem > the main PHP file is including file (content) that refers to > $_SESSION[nSID_PeopleID] in main. This value is vital in > rendering the page. > So it should be there right? Also about removing session_name(), how can I > do this. It was my understanding that you must call session_name before > session_start() and session_register(). Is this not correct? Ahhh, so that's your problem thenthe include isn't getting the session id. I've never used an include with a session setup before but I would see the easiest thing to do be have the include first echo the session id number and see if it is actually getting passed or not on the first call echo session_id(); if that returns nothing for you then the next step might be to assign a temporary variable in your main script $sess_id = session_id(); and then set that session id in the include file directly session_id($sess_id); This is all uncharted waters for me, I usually don't use includes and functions together so I've never had to deal with such an issue. As far as the session name goesyou actually don't need to specify oneby default the session name is PHPSESSION and really unless you have a real reason for using a different session name there is no real benefit to specifying another session name (afaik). Sincerely, Craig Vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> That's correct, although the cookie will remain resident it > requires an > inital page change/refresh. However after looking at your > code I'm not > convinced that is the problem since the first page of a > session creation > should still be usable with the session as the session ID is > still resident > in memory. Have you tried running the page w/o the use of > session_name()? Alright that's good to hear. In a specific case that I'm having this problem the main PHP file is including file (content) that refers to $_SESSION[nSID_PeopleID] in main. This value is vital in rendering the page. So it should be there right? Also about removing session_name(), how can I do this. It was my understanding that you must call session_name before session_start() and session_register(). Is this not correct? > Also as an FYI $REMOTE_USER is an unsecure variable to use for checking > authentication. Basically because a url parameter will overwrite the > original $REMOTE_USER. > > easiest method (for me anyways) is: > > $REMOTE_USER = getenv('REMOTE_USER'); Yes I've never felt good about using REMOTE_USER. I will implement that idea right now, thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> Well the cookie is set at the start of the PHP file that gets referenced > each time. I'm not setting any manual cookies just using the > default session > cookie set by PHP. Below is all the code I use for the session. Formatting > is kind of goofed up in e-mail but it's there. So even though the > cookie is > placed in the client's browser it's not used/session is not used or > recognized until you refresh/reload or go to another page?? That's correct, although the cookie will remain resident it requires an inital page change/refresh. However after looking at your code I'm not convinced that is the problem since the first page of a session creation should still be usable with the session as the session ID is still resident in memory. Have you tried running the page w/o the use of session_name()? Also as an FYI $REMOTE_USER is an unsecure variable to use for checking authentication. Basically because a url parameter will overwrite the original $REMOTE_USER. Example say I log into : www.foobar.com/members/index.php with the username of apollo. Typically the script would consider $REMOTE_USER = 'Apollo' However if I changed the link to www.foobar.com/members/index.php?REMOTE_USER=admin Now I still have access via basic authentication but now PHP considered $REMOTE_USER = 'admin' ...or any other username for that matter. To avoid this at the beginning of the page make sure you force $REMOTE_USER to equal the apache authentication username easiest method (for me anyways) is: $REMOTE_USER = getenv('REMOTE_USER'); Sincerely, Craig Vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> > something else after the initial page everything works fine. I > > require this > > to work initially because if someone comes in directly using a > > link certain > > content will render a error message because the registered > variable is not > > present for some reason. Oh and yes the cookie to set the > session is being > > put on the client's machine properly and at the initial page. > When do you set the session cookie? Keep in mind cookies > don't not function > in the same call they are created so say you create the > cookie on page > A, until the user refreshes page A or goes to page B the cookie won't > actually be in effect. Well the cookie is set at the start of the PHP file that gets referenced each time. I'm not setting any manual cookies just using the default session cookie set by PHP. Below is all the code I use for the session. Formatting is kind of goofed up in e-mail but it's there. So even though the cookie is placed in the client's browser it's not used/session is not used or recognized until you refresh/reload or go to another page?? -- Code Snippet -- session_name("sid"); $nSession = session_start(); if(isset($REMOTE_USER)) { if(!$nSID_PeopleID) { $szQuery = "SELECT WebAccounts.People_ID, WebAccounts.Security_Level, People.Status_Type_ID, Company.Company_Status_ID FROM WebAccounts, People, Company WHERE WebAccounts.People_ID=People.People_ID AND People.Company_ID=Company.Company_ID AND User_Name='$REMOTE_USER'"; $szDBConn = mysql_connect("server_address","user_name","password") or die("could not connect to server for security authentication."); mysql_select_db("venmar", $szDBConn) or die("could not connect to venmar for security // authentication."); $saResults = mysql_query($szQuery, $szDBConn) or die ("could not query venmar for security authentication."); $obResults = mysql_fetch_row($saResults); $nSID_PeopleID = $obResults[0]; $nSID_SecurityLevel = $obResults[1];$nSID_PeopleStatus = $obResults[2]; $nSID_CompanyStatus = $obResults[3]; $szQuery1 = "SELECT PeopleMailing.Country_ID FROM PeopleMailing, WebAccounts WHERE WebAccounts.People_ID=PeopleMailing.People_ID AND WebAccounts.User_Name='$REMOTE_USER'"; $dbConnection = mysql_connect("server_address", "user_name", "password") or die("could not connect to server for security authentication."); mysql_select_db("venmar", $szDBConn) or die("could not connect to venmar for security authentication."); $saResults1 = mysql_query($szQuery1, $szDBConn) or die ("could not query venmar for security authentication."); $obResults1 = mysql_fetch_row($saResults1); $nSID_Country = $obResults1[0]; if(!$obResults1[0]) { $szQuery1 = "SELECT Company.Country_ID FROM Company, WebAccounts, People WHERE WebAccounts.People_ID=People.People_ID AND People.Company_ID=Company.Company_ID AND WebAccounts.User_Name='$REMOTE_USER'"; $saResults1 = mysql_query($szQuery1, $szDBConn) or die ("could not query venmar for security authentication (24)."); $obResults1 = mysql_fetch_row($saResults1); $nSID_Country = $obResults1[0]; } mysql_close(); if($obResults[2] == 1 && $obResults[3] == 1) { if($nSession == 1) { session_register("nSession"); session_register("nSID_PeopleID"); session_register("nSID_SecurityLevel"); session_register("nSID_PeopleStatus"); session_register("nSID_CompanyStatus"); session_register("nSID_Country"); $szQuery = "SELECT First_Login, Last_Login, Creation_Date FROM WebAccounts WHERE User_Name='$REMOTE_USER'"; $dbConnection = mysql_connect("server_address", "user_name", "password") or die("could not connect to server for security authentication."); mysql_select_db("venmar", $dbConnection) or die("could not connect to venmar for security authentication."); $saResults = mysql_query($szQuery, $dbConnection) or die ("could not query venmar for security authentication."); $obResults = mysql_fetch_row($saResults); if($obResults[0] == 00)
RE: [PHP] Session Initially Does Work
I already have this setup. The session works just not on the initial page after login. > Add > > At the top of each page, before anything else is done. > > -Original Message- > From: Adam Douglas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, May 01, 2002 3:15 PM > To: PHP-General (mailing list) (E-mail) > Subject: [PHP] Session Initially Does Work > > > Hi. I've run into a problem with my PHP session. I'm running PHP > 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a > PHP file that > is referenced every time content is requested on the web site > (this file > also sets/restores the session). This PHP file includes > [include()] the > requested content within. When my session is created I > register 6 variables. > The problem comes into play when you want to access one of > the 6 registered > variables on the initial page (after the user logs in). For > some reason the > registered variables are not recognized. I'm accessing the register > variables using > $_SESSION[variable_name]. I've also assigned values to these > variables. The > funny thing about the whole issue is if you reload/refresh > the page or load > something else after the initial page everything works fine. > I require this > to work initially because if someone comes in directly using > a link certain > content will render a error message because the registered > variable is not > present for some reason. Oh and yes the cookie to set the > session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly > appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
> something else after the initial page everything works fine. I > require this > to work initially because if someone comes in directly using a > link certain > content will render a error message because the registered variable is not > present for some reason. Oh and yes the cookie to set the session is being > put on the client's machine properly and at the initial page. > > Am I doing something wrong? Any suggestions would be greatly appreciated! When do you set the session cookie? Keep in mind cookies don't not function in the same call they are created so say you create the cookie on page A, until the user refreshes page A or goes to page B the cookie won't actually be in effect. A snippet of your code would be helpful as well Sincerely, Craig Vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Initially Does Work
Add At the top of each page, before anything else is done. Jay -Original Message- From: Adam Douglas [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 3:15 PM To: PHP-General (mailing list) (E-mail) Subject: [PHP] Session Initially Does Work Hi. I've run into a problem with my PHP session. I'm running PHP 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file that is referenced every time content is requested on the web site (this file also sets/restores the session). This PHP file includes [include()] the requested content within. When my session is created I register 6 variables. The problem comes into play when you want to access one of the 6 registered variables on the initial page (after the user logs in). For some reason the registered variables are not recognized. I'm accessing the register variables using $_SESSION[variable_name]. I've also assigned values to these variables. The funny thing about the whole issue is if you reload/refresh the page or load something else after the initial page everything works fine. I require this to work initially because if someone comes in directly using a link certain content will render a error message because the registered variable is not present for some reason. Oh and yes the cookie to set the session is being put on the client's machine properly and at the initial page. Am I doing something wrong? Any suggestions would be greatly appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session Initially Does Work
Hi. I've run into a problem with my PHP session. I'm running PHP 4.1.0 on OpenBSD v3.0 using .HTACCESS and mod_mysql. I have a PHP file that is referenced every time content is requested on the web site (this file also sets/restores the session). This PHP file includes [include()] the requested content within. When my session is created I register 6 variables. The problem comes into play when you want to access one of the 6 registered variables on the initial page (after the user logs in). For some reason the registered variables are not recognized. I'm accessing the register variables using $_SESSION[variable_name]. I've also assigned values to these variables. The funny thing about the whole issue is if you reload/refresh the page or load something else after the initial page everything works fine. I require this to work initially because if someone comes in directly using a link certain content will render a error message because the registered variable is not present for some reason. Oh and yes the cookie to set the session is being put on the client's machine properly and at the initial page. Am I doing something wrong? Any suggestions would be greatly appreciated! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php