Re: [PHP] Session Vars not staying active
On Aug 3, 2013 3:03 PM, dealTek deal...@gmail.com wrote: Hi all, I am having trouble with session vars. I'm trying to implement the credit card direct pay method outlined here... http://developer.authorize.net/api/dpm/ - Basically, page 1 is my form that goes outside my site to the cc gateway company then comes back with a result... (PG2) Problem: if I try to create session vars on page 1 - they don't work on page 2. Am I correct in thinking that when this process leaves my site and goes to the gateway, then returns, it is similar to creating a new session and that is why the session vars don't remain active? Thanks in advance. Are you calling session_start() on both pages or at least using a session auto start? Also, is the API returning the data by redirecting the client (browser) or doing a postback? If the remote server is calling back behind the scenes, then you'll need a workaround and additional processing, or the ability to pass the session ID and assume the client-initiated session (not ideal). If it's all processed by the browser, the redirection should have no bearing, as the session will persist based upon the server-side data and the client-side cookie; the server will have no knowledge of the client's redirection to the payment gateway (nor any remote destination).
Re: [PHP] Session variable not persisting
On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.comwrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. - Matijn
Re: [PHP] Session variable not persisting
On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlersfiles user Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire180 180 session.cache_limiter nocache nocache session.cookie_domain no valueno value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_fileno valueno value session.entropy_length 0 0 session.gc_divisor 10001000 session.gc_maxlifetime 14401440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.namePHPSESSID PHPSESSID session.referer_check no valueno value session.save_handlerfiles files session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookiesOn On session.use_trans_sid 0 0 __ Éric
Re: [PHP] Session variable not persisting
On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.comwrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlers files user Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 1000 1000 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /var/lib/php/session /var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookies On On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? - Matijn
Re: [PHP] Session variable not persisting
Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlers files user Registered serializer handlersphp php_binary wddx Directive Local Value Master Value session.auto_startOff Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no valueno value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no valueno value session.entropy_length0 0 session.gc_divisor10001000 session.gc_maxlifetime14401440 session.gc_probability1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no valueno value session.save_handler files files session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookies On On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too.
Re: [PHP] Session variable not persisting
Le 2013-03-18 à 15:24, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlers files user Registered serializer handlers php php_binary wddx DirectiveLocal Value Master Value session.auto_start Off Off session.bug_compat_42Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiternocache nocache session.cookie_domainno valueno value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secureOff Off session.entropy_file no valueno value session.entropy_length 0 0 session.gc_divisor 10001000 session.gc_maxlifetime 14401440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function0 0 session.name PHPSESSID PHPSESSID session.referer_checkno valueno value session.save_handler files files session.save_path/var/lib/php/session/var/lib/php/session session.serialize_handlerphp php session.use_cookies On On session.use_only_cookies On On session.use_trans_sid0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too. Hm… Just noticed something new in fact; was looking a last time before considering reinstallation on a new server: it seems that the $_GET['push'] is undefined. In the other scripts I use where I have this problem, I'm using $_POST variables though but still don't get stored in $_SESSION. If I'm correct, this may implies that it is apache that is faulty right?
Re: [PHP] Session variable not persisting
On Mon, Mar 18, 2013 at 8:35 PM, Éric Oliver Paquette eopaque...@gmail.comwrote: Le 2013-03-18 à 15:24, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlers files user Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 1000 1000 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /var/lib/php/session /var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookies On On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too. Hm… Just noticed something new in fact; was looking a last time before considering reinstallation on a new server: it seems that the $_GET['push'] is undefined. In the other scripts I use where I have this problem, I'm using $_POST variables though but still don't get stored in $_SESSION. If I'm correct, this may implies that it is apache that is faulty right? $_GET['push'] will be undefined if you still have your session stored, but accessing the script directly. It should have nothing to do with faulty Apache.
Re: [PHP] Session variable not persisting
Le 2013-03-18 à 15:37, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:35 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Le 2013-03-18 à 15:24, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlersfiles user Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire180 180 session.cache_limiter nocache nocache session.cookie_domain no valueno value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_fileno valueno value session.entropy_length 0 0 session.gc_divisor 10001000 session.gc_maxlifetime 14401440 session.gc_probability 1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.namePHPSESSID PHPSESSID session.referer_check no valueno value session.save_handlerfiles files session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookiesOn On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too. Hm… Just noticed something new in fact; was looking a last time before considering reinstallation on a new server: it seems that the $_GET['push'] is undefined. In the other scripts I use where I have this problem, I'm using $_POST variables though but still don't get stored in $_SESSION. If I'm correct, this may implies that it is apache that is faulty right? $_GET['push'] will be undefined if you still have your session stored, but accessing the script directly. It should have nothing to do with faulty Apache. Okay, let me paraphrase: when I run the ping pong scripts written up there, I have a blank in var_dump($_SESSION) if and only if I have [Mon Mar 18 13:25:37 2013] [error] [client 184.151.114.111] PHP Notice: Undefined index: push in /home/www/www.ngenioconnect.com/Modules/MPOSurveyTest/pong.php on line 8 on apache log. So my question really is, it is apache that handles the posts and gets requests, as I use both and it seems that the non-persistence of data occurs before the storage in $_SESSION, is it possible that it is Apache that is faulty?
Re: [PHP] Session variable not persisting
Le 2013-03-18 à 15:41, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:37, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:35 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Le 2013-03-18 à 15:24, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Supportenabled Registered save handlers files user Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warnOff Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no valueno value session.cookie_httponlyOff Off session.cookie_lifetime0 0 session.cookie_path/ / session.cookie_secure Off Off session.entropy_file no valueno value session.entropy_length 0 0 session.gc_divisor 10001000 session.gc_maxlifetime 14401440 session.gc_probability 1 1 session.hash_bits_per_character5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no valueno value session.save_handler files files session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handler php php session.use_cookiesOn On session.use_only_cookies On On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too. Hm… Just noticed something new in fact; was looking a last time before considering reinstallation on a new server: it seems that the $_GET['push'] is undefined. In the other scripts I use where I have this problem, I'm using $_POST variables though but still don't get stored in $_SESSION. If I'm correct, this may implies that it is apache that is faulty right? $_GET['push'] will be undefined if you still have your session stored, but accessing the script directly. It should have nothing to do with faulty Apache. Okay, let me paraphrase: when I run the ping pong scripts written up there, I have a blank in var_dump($_SESSION) if and only if I have [Mon Mar 18 13:25:37 2013] [error] [client 184.151.114.111] PHP Notice: Undefined index: push in /home/www/www.ngenioconnect.com/Modules/MPOSurveyTest/pong.php on line 8 on apache log. So my question really is, it is apache that handles the posts and gets requests, as I use both and it seems that the non-persistence of data occurs before the storage in $_SESSION, is it possible that it is Apache that is faulty? Er… I looked where it caused a problem, it seems that $_GET, $_POST and $_SESSION are indeed all affected. Any clue of a faulty installation that would cause problem for many surperglobals?
Re: [PHP] Session variable not persisting
Éric Oliver Paquette eopaque...@gmail.com wrote: Le 2013-03-18 à 15:41, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:37, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:35 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Le 2013-03-18 à 15:24, Éric Oliver Paquette a écrit : Le 2013-03-18 à 15:20, Matijn Woudt a écrit : On Mon, Mar 18, 2013 at 8:13 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: On Mon, Mar 18, 2013 at 7:46 PM, Éric Oliver Paquette eopaque...@gmail.com wrote: Hi all, I'll be swift in my explanation as I can't find in any way the source of the problem; it seems to be installation-related. At execution, sometimes (randomly it seems at first), variable session aren't properly stored. In fact, when I run this on my server I randomly have empty entries in the $_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…) Thanks! What does phpinfo() show about session stuff? Especially things like save_handler and cookie_lifetime settings. Note that this seems to occur 3 times out of 1000 on average. Now, about your request : session Session Support enabled Registered save handlers files user Registered serializer handlersphp php_binary wddx Directive Local Value Master Value session.auto_startOff Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no valueno value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no valueno value session.entropy_length0 0 session.gc_divisor10001000 session.gc_maxlifetime14401440 session.gc_probability1 1 session.hash_bits_per_character 5 5 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no valueno value session.save_handler files files session.save_path /var/lib/php/session/var/lib/php/session session.serialize_handler php php session.use_cookies On On session.use_only_cookies On On session.use_trans_sid 0 0 Your settings seem to be fine. My best guess would be hardware failure, though it seems unlikely. Did you check apache (or whatever webserver you're using) logs for any errors or warnings? Yes I did. Everyhting seems normal there too. Hm… Just noticed something new in fact; was looking a last time before considering reinstallation on a new server: it seems that the $_GET['push'] is undefined. In the other scripts I use where I have this problem, I'm using $_POST variables though but still don't get stored in $_SESSION. If I'm correct, this may implies that it is apache that is faulty right? $_GET['push'] will be undefined if you still have your session stored, but accessing the script directly. It should have nothing to do with faulty Apache. Okay, let me paraphrase: when I run the ping pong scripts written up there, I have a blank in var_dump($_SESSION) if and only if I have [Mon Mar 18 13:25:37 2013] [error] [client 184.151.114.111] PHP Notice: Undefined index: push in /home/www/www.ngenioconnect.com/Modules/MPOSurveyTest/pong.php on line 8 on apache log. So my question really is, it is apache that handles the posts and gets requests, as I use both and it seems that the non-persistence of data occurs before the storage in $_SESSION, is it possible that it is Apache that is faulty? Er… I looked where it caused a problem, it seems that $_GET, $_POST and $_SESSION are indeed all affected. Any clue of a faulty installation that would cause problem for many surperglobals? It sounds like some kind of memory problem. Can you run a memory tester on that server to see if that's the cause? Thanks, Ash http://www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session variable not persisting
Am 18.03.13 19:46, schrieb Éric Oliver Paquette:
Hi all,
I'll be swift in my explanation as I can't find in any way the source of the
problem; it seems to be installation-related.
At execution, sometimes (randomly it seems at first), variable session aren't
properly stored.
=
First things first, about installation :
uname -a -m -p yields :
Linux cl-t180-253cl.privatedns.com 2.6.18-308.1.1.el5 #1 SMP Wed Mar 7
04:16:51 EST 2012 x86_64 x86_64 x86_64 GNU/Linux
php -v yields :
PHP 5.3.3 (cli) (built: Jun 27 2012 12:25:48)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
=
To make sure it is not caused by any other part of my scripts, I just created
two scripts that have replicated the problem :
SCRIPT #1 [ping.php]
?php
session_start();
if(count($_SESSION['in'])==0){
$_SESSION['in'][0]='0-initiate';
} else {
$_SESSION['in'][] = count($_SESSION['in']).$_GET['push'];
}
if(count($_SESSION['in'])1000){
$rand = rand(0, 100);
?
meta http-equiv=refresh content=0;URL='pong.php?push=?php echo
$rand; ?'
?php
} else {
var_dump($_SESSION);
}
?
SCRIPT #2 [pong.php]
?php
session_start();
if(count($_SESSION['in'])==0){
$_SESSION['in'][0]='0-initiate';
} else {
$_SESSION['in'][] = count($_SESSION['in']).$_GET['push'];
}
if(count($_SESSION['in'])1000){
$rand = rand(0, 100);
?
meta http-equiv=refresh content=0;URL='ping.php?push=?php echo
$rand; ?'
?php
} else {
var_dump($_SESSION);
}
?
##
In fact, when I run this on my server I randomly have empty entries in the
$_SESSION array. Any thoughts on this? Is this a known bug (haven't found it…)
Thanks!
Just a thought that came to my mind: Have you disabled browser caching?
And about the push is undefined in the logs: How do you call the
script for the first time? With or with push parameter?
--
Marco Behnke
Dipl. Informatiker (FH), SAE Audio Engineer Diploma
Zend Certified Engineer PHP 5.3
Tel.: 0174 / 9722336
e-Mail: ma...@behnke.biz
Softwaretechnik Behnke
Heinrich-Heine-Str. 7D
21218 Seevetal
http://www.behnke.biz
signature.asc
Description: OpenPGP digital signature
Re: [PHP] Session ?
I've read about passing the session id to a script and using that to opene
up the existing session file. Is this something I could do in this case?
Or am I SOL?
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
Hi Daniel,
Your security consideration important for me and I really need to know
what am I missing.
Using your xs(cross-site) request and cookie based authentication with
user-name and password has same level security problems. if you use
tokens they can not reading or using by an other pages. Attacker must
guess a random token(its difficult then guess passwords). if your
browser hacked or your main page has bad js code. This is bigger problem
then using xs request. they can get your password or session id.
I try to clarify my point of view for better discussion,
both servers can use same log-in database or enable to query each other.
after logged-in first.domain or a.first.domain
user has ability to call an other trusted server without password and
user-name.
when hit the page has XS button first.domain server will generate random
key and random value
and send in button code with secure protocol.(before send, you must
check referrer and token for CSRF protection)
detailed client info, secure key and value must store in session
database for later security check.
(you need more 3 columns key value and expire-date)
sample button code in
https://second.domain/need_to_see_without_user_input.php:
//after logged in your-first.domain
echo form
action='https://second.domain/need_to_see_without_user_input.php'
method='post' style='' ;
echo button id='button_1' class='button_1' type='submit'
name='long_random_secure_xs_cookie_name'
value='{$long_random_secure_xs_cookie_value}' style='' ;
echo run script 2 on second.domain ;
echo /button;
echo /form;
clicking that button same as write down password, user name and click
submit. but easier and not less secure then password authentication.
key and value must be long and secure enough (not like unique-id).
second server side:
-check the name and value and expire date IP browser etc.
- if there is any valid session in first server then clear key and value
don't touch server first.domain session data
- create new session on server second.domain width same user.
now same user has different valid session on both servers.
this method looks safe as password and user name authentication
just focus on sending secure key and value to the real client!!!
Of-course some old browsers has security holes
conditions:
-old browsers like Firefox 5
-(not easy but possible; newer browsers with some dangerous add-ons )
-not using tokens every page/form requests (after log-in first.domain)
after logged-in first.domain attacker can use this holes alter the
referrer and can get secure key and value
there is a solution ;they cannot alter post data referrer(if browser not
hacked) if you post back the token you will be quite safe.(check
referrer and token)
I guess this is fit public users who use password authentication.
if you are company user or security guy You must use certificate
authentication with VPN.
There is no absolute security in theory. But we have to discus how will
be improved. Because bad guys already doing that in opposite way.
Thanks,
Hakan Can.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/12/2012 5:25 PM, Marco Behnke wrote:
Am 12.12.12 15:58, schrieb Jim Giner:
On 12/12/2012 8:08 AM, ma...@behnke.biz wrote:
Jim Giner jim.gi...@albanyhandball.com hat am 12. Dezember 2012 um
02:53
geschrieben:
On 12/11/2012 7:27 PM, Marco Behnke wrote:
Am 08.12.12 19:08, schrieb Jim Giner:
All my debugging messages indicagte that I have the same session id,
yet I don't have the same variables, ie, they're missing.
Just to be sure ... the webspace is on the same server and has
access to
the same directory where the session data is stored?
(session_save_path)?
Yes - it points to a folder within my main domain's structure.
which is accessible from your subdomains?
They are all pointing (re the ini file) to the default of /tmp so I
presume that they all have access to that folder.
Ok, that is a different answer from the previous one where you said it
points to a folder within my main domain's structure
Are you running on error_reporting(E_ALL) and ini_set('display_errors',
'On')?
Just to be sure that there are no hidden notices or warnings.
my sub points to a folder within my domain's structure. My session's
store point (?) is \tmp. You asked two different questions.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
Am 13.12.12 14:49, schrieb Jim Giner:
Ok, that is a different answer from the previous one where you said it
points to a folder within my main domain's structure
Are you running on error_reporting(E_ALL) and ini_set('display_errors',
'On')?
Just to be sure that there are no hidden notices or warnings.
my sub points to a folder within my domain's structure. My session's
store point (?) is \tmp. You asked two different questions.
point taken ;)
I will try to do a setup like yours and check which code works for me.
--
Marco Behnke
Dipl. Informatiker (FH), SAE Audio Engineer Diploma
Zend Certified Engineer PHP 5.3
Tel.: 0174 / 9722336
e-Mail: ma...@behnke.biz
Softwaretechnik Behnke
Heinrich-Heine-Str. 7D
21218 Seevetal
http://www.behnke.biz
signature.asc
Description: OpenPGP digital signature
Re: [PHP] Session ?
On 12/13/2012 9:16 AM, Marco Behnke wrote:
Am 13.12.12 14:49, schrieb Jim Giner:
Ok, that is a different answer from the previous one where you said it
points to a folder within my main domain's structure
Are you running on error_reporting(E_ALL) and ini_set('display_errors',
'On')?
Just to be sure that there are no hidden notices or warnings.
my sub points to a folder within my domain's structure. My session's
store point (?) is \tmp. You asked two different questions.
point taken ;)
I will try to do a setup like yours and check which code works for me.
Thanks for the interest. Hope you have better luck than I.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
Jim Giner jim.gi...@albanyhandball.com hat am 12. Dezember 2012 um 02:53 geschrieben: On 12/11/2012 7:27 PM, Marco Behnke wrote: Am 08.12.12 19:08, schrieb Jim Giner: All my debugging messages indicagte that I have the same session id, yet I don't have the same variables, ie, they're missing. Just to be sure ... the webspace is on the same server and has access to the same directory where the session data is stored? (session_save_path)? Yes - it points to a folder within my main domain's structure. which is accessible from your subdomains? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Marco Behnke Dipl. Informatiker (FH), SAE Audio Engineer Diploma Zend Certified Engineer PHP 5.3 Tel.: 0174 / 9722336 e-Mail: ma...@behnke.biz Softwaretechnik Behnke Heinrich-Heine-Str. 7D 21218 Seevetal http://www.behnke.biz -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/12/2012 8:08 AM, ma...@behnke.biz wrote: Jim Giner jim.gi...@albanyhandball.com hat am 12. Dezember 2012 um 02:53 geschrieben: On 12/11/2012 7:27 PM, Marco Behnke wrote: Am 08.12.12 19:08, schrieb Jim Giner: All my debugging messages indicagte that I have the same session id, yet I don't have the same variables, ie, they're missing. Just to be sure ... the webspace is on the same server and has access to the same directory where the session data is stored? (session_save_path)? Yes - it points to a folder within my main domain's structure. which is accessible from your subdomains? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Marco Behnke Dipl. Informatiker (FH), SAE Audio Engineer Diploma Zend Certified Engineer PHP 5.3 Tel.: 0174 / 9722336 e-Mail: ma...@behnke.biz Softwaretechnik Behnke Heinrich-Heine-Str. 7D 21218 Seevetal http://www.behnke.biz They are all pointing (re the ini file) to the default of /tmp so I presume that they all have access to that folder. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
Am 12.12.12 15:58, schrieb Jim Giner:
On 12/12/2012 8:08 AM, ma...@behnke.biz wrote:
Jim Giner jim.gi...@albanyhandball.com hat am 12. Dezember 2012 um
02:53
geschrieben:
On 12/11/2012 7:27 PM, Marco Behnke wrote:
Am 08.12.12 19:08, schrieb Jim Giner:
All my debugging messages indicagte that I have the same session id,
yet I don't have the same variables, ie, they're missing.
Just to be sure ... the webspace is on the same server and has
access to
the same directory where the session data is stored?
(session_save_path)?
Yes - it points to a folder within my main domain's structure.
which is accessible from your subdomains?
They are all pointing (re the ini file) to the default of /tmp so I
presume that they all have access to that folder.
Ok, that is a different answer from the previous one where you said it
points to a folder within my main domain's structure
Are you running on error_reporting(E_ALL) and ini_set('display_errors',
'On')?
Just to be sure that there are no hidden notices or warnings.
--
Marco Behnke
Dipl. Informatiker (FH), SAE Audio Engineer Diploma
Zend Certified Engineer PHP 5.3
Tel.: 0174 / 9722336
e-Mail: ma...@behnke.biz
Softwaretechnik Behnke
Heinrich-Heine-Str. 7D
21218 Seevetal
http://www.behnke.biz
signature.asc
Description: OpenPGP digital signature
Re: [PHP] Session ?
Am 08.12.12 19:08, schrieb Jim Giner: All my debugging messages indicagte that I have the same session id, yet I don't have the same variables, ie, they're missing. Just to be sure ... the webspace is on the same server and has access to the same directory where the session data is stored? (session_save_path)? -- Marco Behnke Dipl. Informatiker (FH), SAE Audio Engineer Diploma Zend Certified Engineer PHP 5.3 Tel.: 0174 / 9722336 e-Mail: ma...@behnke.biz Softwaretechnik Behnke Heinrich-Heine-Str. 7D 21218 Seevetal http://www.behnke.biz signature.asc Description: OpenPGP digital signature
Re: [PHP] Session ?
On 12/11/2012 7:27 PM, Marco Behnke wrote: Am 08.12.12 19:08, schrieb Jim Giner: All my debugging messages indicagte that I have the same session id, yet I don't have the same variables, ie, they're missing. Just to be sure ... the webspace is on the same server and has access to the same directory where the session data is stored? (session_save_path)? Yes - it points to a folder within my main domain's structure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 3:20 PM, Sebastian Krebs wrote:
2012/12/7 Daniel Brown danbr...@php.net
On Fri, Dec 7, 2012 at 3:04 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
OK - now that I've messed us all up, help me to understand your proposed
solution. I added the ini-set line to my first script. Then I called my
second one and still had the same problem with a missing session var. Is
there a corresponding line I need in the 'called' script? And does it
matter where this line is place within the script?
From your response to Sebastian, I'm not sure it will work. They
need to be subdomains of the same domain; different domains won't
work. However, proceeding with the presumption that the subdomains
are under the same SLD (e.g. - apple.example.com and
orange.example.com), this should work:
?php
// apple.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
$_SESSION['foo'] = 'bar';
session_write_close();
?
Then
?php
// orange.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
echo isset($_SESSION['foo']) ? $_SESSION['foo'] : 'Session failed to
transfer.';
?
Would be better to put 'session.cookie_domain' into the php.ini. In both
cases: Clear cookies (at least for your site) completely and set
session.auto_start to 0.
--
/Daniel P. Brown
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
What does doing session.auto_start to 0 do to me?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 4:02 PM, Jim Giner wrote:
So i need the ini set in both scripts. Thx. Ill try that later
jg
OK - I put the line:
ini_set('session.cookie_domain','.albanyhandball.com');
session_start();
into each of my scripts.
Didn't work.
Let me explain my domain names. My main domain is albanyhandball.com.
I have two subs called x.albanyhandball.com and
y.albanyhandball.com. Attached to each of these is what my isp calls
an add-on domain name. These two names are not similar at all. As in
addon1.net and myothersub.com, but each is tied to one of the
sub-domain names. Looking at a phpinfo dump, the true sub-domain names
(*.albanyhandball.com) show up only in the SERVER_ADMIN setting, while
my add-on domain names show up in the SERVER_NAME settings.
I've read about passing the session id to a script and using that to
opene up the existing session file. Is this something I could do in
this case? Or am I SOL?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Sat, Dec 8, 2012 at 10:52 AM, Jim Giner jim.gi...@albanyhandball.com wrote: Didn't work. Let me explain my domain names. My main domain is albanyhandball.com. I have two subs called x.albanyhandball.com and y.albanyhandball.com. Attached to each of these is what my isp calls an add-on domain name. These two names are not similar at all. As in addon1.net and myothersub.com, but each is tied to one of the sub-domain names. Looking at a phpinfo dump, the true sub-domain names (*.albanyhandball.com) show up only in the SERVER_ADMIN setting, while my add-on domain names show up in the SERVER_NAME settings. That won't work and should not work. You could technically do it, but you'd be deliberately creating an XSS for your sites. If it worked that way on its own, it would either be (a) a horrible browser or (b) 1995. It'll work for the subdomains, but not addon or parked domains. I've read about passing the session id to a script and using that to opene up the existing session file. Is this something I could do in this case? Or am I SOL? You can pass the session ID and reactivate the session that way, sure. Not pretty, and it does lead to security considerations, but it would work. -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/8/2012 11:04 AM, Daniel Brown wrote:
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
OK - I've done this in script 1:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id '')
{
session_start($sess_id);
$errmsg .= started sess id is: $sess_id ;
}
else
{
session_start();
$errmsg .= started new sess ;
}
Then my process creates a Session array and calls script 2
In script 2 I have:
if (isset($_GET['sess']) $_GET['sess'] '')
{
$sess_id = $_GET['sess'];
session_start($sess_id);
$errmsg .= started sess $sess_id ;
}
else
{
session_start();
$sess_id = session_id();
$errmsg = started NEW sess with id of $sess_id ;
}
My $errmsg shows me the same sess id in both scripts, and it would
appear that I have managed to pass my session across the sub-domains.
But when script 2 attempts to access the contents of the Session array
created in script 1 it doesn't find it. What am I not doing?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/8/2012 11:41 AM, Jim Giner wrote:
On 12/8/2012 11:04 AM, Daniel Brown wrote:
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
OK - I've done this in script 1:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id '')
{
session_start($sess_id);
$errmsg .= started sess id is: $sess_id ;
}
else
{
session_start();
$errmsg .= started new sess ;
}
Then my process creates a Session array and calls script 2
In script 2 I have:
if (isset($_GET['sess']) $_GET['sess'] '')
{
$sess_id = $_GET['sess'];
session_start($sess_id);
$errmsg .= started sess $sess_id ;
}
else
{
session_start();
$sess_id = session_id();
$errmsg = started NEW sess with id of $sess_id ;
}
My $errmsg shows me the same sess id in both scripts, and it would
appear that I have managed to pass my session across the sub-domains.
But when script 2 attempts to access the contents of the Session array
created in script 1 it doesn't find it. What am I not doing?
Forgot to mention that when I do header(...) to go to script 2 that I do
append the session id to my url
Same on the return from script 2 back to script 1.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Sat, Dec 8, 2012 at 12:10 PM, Jim Giner jim.gi...@albanyhandball.comwrote:
On 12/8/2012 11:41 AM, Jim Giner wrote:
On 12/8/2012 11:04 AM, Daniel Brown wrote:
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
OK - I've done this in script 1:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id '')
{
session_start($sess_id);
$errmsg .= started sess id is: $sess_id ;
}
else
{
session_start();
$errmsg .= started new sess ;
}
Then my process creates a Session array and calls script 2
In script 2 I have:
if (isset($_GET['sess']) $_GET['sess'] '')
{
$sess_id = $_GET['sess'];
session_start($sess_id);
$errmsg .= started sess $sess_id ;
}
else
{
session_start();
$sess_id = session_id();
$errmsg = started NEW sess with id of $sess_id ;
}
My $errmsg shows me the same sess id in both scripts, and it would
appear that I have managed to pass my session across the sub-domains.
But when script 2 attempts to access the contents of the Session array
created in script 1 it doesn't find it. What am I not doing?
Forgot to mention that when I do header(...) to go to script 2 that I do
append the session id to my url
Same on the return from script 2 back to script 1.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I know i'm late to the party here but I had to do something similar
I used something similar to
http://www.nczonline.net/blog/2010/09/07/learning-from-xauth-cross-domain-localstorage/
ie storing the session state in html localstorage objects then using the
methods in that link to read them thru iframes on the other domain...
Re: [PHP] Session ?
On 12/8/2012 12:10 PM, Jim Giner wrote:
On 12/8/2012 11:41 AM, Jim Giner wrote:
On 12/8/2012 11:04 AM, Daniel Brown wrote:
You can pass the session ID and reactivate the session that way,
sure. Not pretty, and it does lead to security considerations, but it
would work.
OK - I've done this in script 1:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id '')
{
session_start($sess_id);
$errmsg .= started sess id is: $sess_id ;
}
else
{
session_start();
$errmsg .= started new sess ;
}
Then my process creates a Session array and calls script 2
In script 2 I have:
if (isset($_GET['sess']) $_GET['sess'] '')
{
$sess_id = $_GET['sess'];
session_start($sess_id);
$errmsg .= started sess $sess_id ;
}
else
{
session_start();
$sess_id = session_id();
$errmsg = started NEW sess with id of $sess_id ;
}
My $errmsg shows me the same sess id in both scripts, and it would
appear that I have managed to pass my session across the sub-domains.
But when script 2 attempts to access the contents of the Session array
created in script 1 it doesn't find it. What am I not doing?
Forgot to mention that when I do header(...) to go to script 2 that I do
append the session id to my url
Same on the return from script 2 back to script 1.
Plugging away at my problem still. Here is something interesting.
Apparently I don't understand how some of these session settings work.
In my script 2 (the called one) I have this code:
if (isset($_REQUEST['sess']))
$sess_id = $_REQUEST['sess'];
else
$sess_id = '';
if ($sess_id '')
{
session_start($sess_id);
$errmsg .= started sess with id of $sess_id ;
}
else
{
session_start();
$errmsg .= started a NEW sess ;
}
$sid = session_id();
$errmsg .= started sess actual id is: $sid ;
Now - there is a 'sess' argument in my url string that calls this, so I
am using the branch of the logic that shows me that I started sess with
id of . But I've added the last two lines to check on that and I
get started sess actual id is: zz - NOT the right id.
Can someone explain the use of session ids and the right commands to
use? From my understanding my thinking is:
in script 1 after establishing the initial session wiht a session_start():
1 - get the session id save it in a hidden field on my screen
2 - when script 1 starts again, retrieve the id and when going to my
script 2 (in the other sub-dom) attach it as an argument
3 - in the called script 2, retrieve the argument from the url and start
the session with:
session_start($sessid)
4 - save the sessid in this screen's fields
5 - when script 2 gets control again, retrieve the id from the hidden
field and if the user has opted to return to script 1, attach the
session id to the url again.
All my debugging messages indicagte that I have the same session id, yet
I don't have the same variables, ie, they're missing.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com wrote: Something new for me - working with scripts on two of my sub-domains. I want to call script 2 in my B domain from script 1 in my A domain. It appears that the session vars established in script 1 do not show up in script 2. Is that because the domain name is different? Is this where one must grab the session id and use it in another script in order to retain the original session and its vars? If this is so, can someone elaborate on the capture of the session id process? Are both domains on the same physical (or virtual) server? -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 2:36 PM, Daniel Brown wrote: On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com wrote: Something new for me - working with scripts on two of my sub-domains. I want to call script 2 in my B domain from script 1 in my A domain. It appears that the session vars established in script 1 do not show up in script 2. Is that because the domain name is different? Is this where one must grab the session id and use it in another script in order to retain the original session and its vars? If this is so, can someone elaborate on the capture of the session id process? Are both domains on the same physical (or virtual) server? Yes - they are sub-domains of my main one. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 2:38 PM, Jim Giner jim.gi...@albanyhandball.com wrote:
On 12/7/2012 2:36 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
Something new for me - working with scripts on two of my sub-domains.
I want to call script 2 in my B domain from script 1 in my A domain.
It appears that the session vars established in script 1 do not show up
in
script 2. Is that because the domain name is different? Is this where
one
must grab the session id and use it in another script in order to retain
the
original session and its vars? If this is so, can someone elaborate on
the
capture of the session id process?
Are both domains on the same physical (or virtual) server?
Yes - they are sub-domains of my main one.
?php ini_set('session.cookie_domain','.example.com'); ?
The preceding dot before the SLD allow the session cookie to be
accessible on *.example.com.
--
/Daniel P. Brown
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 2:41 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:38 PM, Jim Giner jim.gi...@albanyhandball.com wrote:
On 12/7/2012 2:36 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
Something new for me - working with scripts on two of my sub-domains.
I want to call script 2 in my B domain from script 1 in my A domain.
It appears that the session vars established in script 1 do not show up
in
script 2. Is that because the domain name is different? Is this where
one
must grab the session id and use it in another script in order to retain
the
original session and its vars? If this is so, can someone elaborate on
the
capture of the session id process?
Are both domains on the same physical (or virtual) server?
Yes - they are sub-domains of my main one.
?php ini_set('session.cookie_domain','.example.com'); ?
The preceding dot before the SLD allow the session cookie to be
accessible on *.example.com.
What if my sub-domain names are not in the form of 'a.domain.com' and
'b.domain.com'.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
2012/12/7 Jim Giner jim.gi...@albanyhandball.com
On 12/7/2012 2:41 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:38 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
On 12/7/2012 2:36 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
Something new for me - working with scripts on two of my sub-domains.
I want to call script 2 in my B domain from script 1 in my A domain.
It appears that the session vars established in script 1 do not show up
in
script 2. Is that because the domain name is different? Is this where
one
must grab the session id and use it in another script in order to
retain
the
original session and its vars? If this is so, can someone elaborate on
the
capture of the session id process?
Are both domains on the same physical (or virtual) server?
Yes - they are sub-domains of my main one.
?php ini_set('session.cookie_**domain','.example.com'); ?
The preceding dot before the SLD allow the session cookie to be
accessible on *.example.com.
What if my sub-domain names are not in the form of 'a.domain.com' and '
b.domain.com'.
What do you mean? Subdomains are always in the form *.example.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
github.com/KingCrunch
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 2:54 PM, Jim Giner jim.gi...@albanyhandball.com wrote: What if my sub-domain names are not in the form of 'a.domain.com' and 'b.domain.com'. A subdomain is a subdomain. Unless you've discovered a new magical form of subdomain that is not, you should be fine. And if you have, in fact, made that discovery, you're probably the reason the Mayans predicted a very short winter this year. Thanks for screwing us, Jim. -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 2:58 PM, Sebastian Krebs wrote:
2012/12/7 Jim Giner jim.gi...@albanyhandball.com
On 12/7/2012 2:41 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:38 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
On 12/7/2012 2:36 PM, Daniel Brown wrote:
On Fri, Dec 7, 2012 at 2:33 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
Something new for me - working with scripts on two of my sub-domains.
I want to call script 2 in my B domain from script 1 in my A domain.
It appears that the session vars established in script 1 do not show up
in
script 2. Is that because the domain name is different? Is this where
one
must grab the session id and use it in another script in order to
retain
the
original session and its vars? If this is so, can someone elaborate on
the
capture of the session id process?
Are both domains on the same physical (or virtual) server?
Yes - they are sub-domains of my main one.
?php ini_set('session.cookie_**domain','.example.com'); ?
The preceding dot before the SLD allow the session cookie to be
accessible on *.example.com.
What if my sub-domain names are not in the form of 'a.domain.com' and '
b.domain.com'.
What do you mean? Subdomains are always in the form *.example.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
My bad - I was referencing the add-on domain name which is not. Yes -
there are subs in the correct format which I forgot about.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On 12/7/2012 2:59 PM, Daniel Brown wrote: On Fri, Dec 7, 2012 at 2:54 PM, Jim Giner jim.gi...@albanyhandball.com wrote: What if my sub-domain names are not in the form of 'a.domain.com' and 'b.domain.com'. A subdomain is a subdomain. Unless you've discovered a new magical form of subdomain that is not, you should be fine. And if you have, in fact, made that discovery, you're probably the reason the Mayans predicted a very short winter this year. Thanks for screwing us, Jim. OK - now that I've messed us all up, help me to understand your proposed solution. I added the ini-set line to my first script. Then I called my second one and still had the same problem with a missing session var. Is there a corresponding line I need in the 'called' script? And does it matter where this line is place within the script? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 3:04 PM, Jim Giner jim.gi...@albanyhandball.com wrote:
OK - now that I've messed us all up, help me to understand your proposed
solution. I added the ini-set line to my first script. Then I called my
second one and still had the same problem with a missing session var. Is
there a corresponding line I need in the 'called' script? And does it
matter where this line is place within the script?
From your response to Sebastian, I'm not sure it will work. They
need to be subdomains of the same domain; different domains won't
work. However, proceeding with the presumption that the subdomains
are under the same SLD (e.g. - apple.example.com and
orange.example.com), this should work:
?php
// apple.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
$_SESSION['foo'] = 'bar';
session_write_close();
?
Then
?php
// orange.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
echo isset($_SESSION['foo']) ? $_SESSION['foo'] : 'Session failed to transfer.';
?
--
/Daniel P. Brown
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
2012/12/7 Daniel Brown danbr...@php.net
On Fri, Dec 7, 2012 at 3:04 PM, Jim Giner jim.gi...@albanyhandball.com
wrote:
OK - now that I've messed us all up, help me to understand your proposed
solution. I added the ini-set line to my first script. Then I called my
second one and still had the same problem with a missing session var. Is
there a corresponding line I need in the 'called' script? And does it
matter where this line is place within the script?
From your response to Sebastian, I'm not sure it will work. They
need to be subdomains of the same domain; different domains won't
work. However, proceeding with the presumption that the subdomains
are under the same SLD (e.g. - apple.example.com and
orange.example.com), this should work:
?php
// apple.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
$_SESSION['foo'] = 'bar';
session_write_close();
?
Then
?php
// orange.example.com
ini_set('session.cookie_domain','.example.com');
session_start();
echo isset($_SESSION['foo']) ? $_SESSION['foo'] : 'Session failed to
transfer.';
?
Would be better to put 'session.cookie_domain' into the php.ini. In both
cases: Clear cookies (at least for your site) completely and set
session.auto_start to 0.
--
/Daniel P. Brown
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
github.com/KingCrunch
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 3:20 PM, Sebastian Krebs krebs@gmail.com wrote: Would be better to put 'session.cookie_domain' into the php.ini. In both cases: Clear cookies (at least for your site) completely and set session.auto_start to 0. If it's configured on the server for overrides, sure, a local one. Otherwise, the system php.ini will break all other domains on the server. -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
So i need the ini set in both scripts. Thx. Ill try that later jg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session ?
On Fri, Dec 7, 2012 at 2:04 PM, Jim Giner jim.gi...@albanyhandball.com wrote: On 12/7/2012 2:59 PM, Daniel Brown wrote: On Fri, Dec 7, 2012 at 2:54 PM, Jim Giner jim.gi...@albanyhandball.com wrote: What if my sub-domain names are not in the form of 'a.domain.com' and 'b.domain.com'. A subdomain is a subdomain. Unless you've discovered a new magical form of subdomain that is not, you should be fine. And if you have, in fact, made that discovery, you're probably the reason the Mayans predicted a very short winter this year. Thanks for screwing us, Jim. OK - now that I've messed us all up, help me to understand your proposed solution. I added the ini-set line to my first script. Then I called my second one and still had the same problem with a missing session var. Is there a corresponding line I need in the 'called' script? And does it matter where this line is place within the script? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php also remember to clear cookies (on browser), and session caches (on server) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session data lost in Firefox
On Fri, Oct 26, 2012 at 8:49 AM, John Boy serv...@greenholdings.co.ukwrote: Hi I have a wesite where PHP session data is passed page to page then shells out to Paypal for payment then back to my website for completion of transaction and update of mysql file. When using Firefox our session data and POST data from Paypal is lost. This has happend only recently and has worked happily in the past. Works in other browsers too. Anyone heard of same problems? mywebpage - session data-mywebpage2-session data-paypal page-POST data + session data-mywebpage3 -- Johniboy Just a thought - does this depend on using third party cookies between your site and PayPal? If so, do you have them disabled in Firefox? Andrew
Re: [PHP] Session data lost in Firefox
Looks like it was a corrupted Paypal cookie lurking about on my test machine. Clearing all Paypal cookies cured the problem. Hours can be spent looking for needles like this in a very complex haystack and it turns out to be the simplest solution that's not even related directly to the programming. Thanks, Andrew for the prompting! However if this happened on a punter's computer the same would happen - so is there a way of coding the removal of third party cookies to avoid this problem? Andrew Ballard aball...@gmail.com wrote in message news:cac1b6rsbydmopeulin0fjmax-vap_uas_1w6e-nr-1shwm+...@mail.gmail.com... On Fri, Oct 26, 2012 at 8:49 AM, John Boy serv...@greenholdings.co.ukwrote: Hi I have a wesite where PHP session data is passed page to page then shells out to Paypal for payment then back to my website for completion of transaction and update of mysql file. When using Firefox our session data and POST data from Paypal is lost. This has happend only recently and has worked happily in the past. Works in other browsers too. Anyone heard of same problems? mywebpage - session data-mywebpage2-session data-paypal page-POST data + session data-mywebpage3 -- Johniboy Just a thought - does this depend on using third party cookies between your site and PayPal? If so, do you have them disabled in Firefox? Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session data lost in Firefox
On Fri, Oct 26, 2012 at 12:12 PM, John Boy serv...@greenholdings.co.ukwrote: Looks like it was a corrupted Paypal cookie lurking about on my test machine. Clearing all Paypal cookies cured the problem. Hours can be spent looking for needles like this in a very complex haystack and it turns out to be the simplest solution that's not even related directly to the programming. Thanks, Andrew for the prompting! However if this happened on a punter's computer the same would happen - so is there a way of coding the removal of third party cookies to avoid this problem? As far as I know, if you can set a cookie you can also clear it. I don't like the approach, though. I have 3rd party cookies disabled on purpose. Andrew
[PHP] Re: PHP session variables
On 8/8/2012 11:24 AM, Ansry User 01 wrote: I am setting the _SESSION variables in one of my file, but whenever I leave the php page session variables are not accessible. Not sure what I need to do additionally other then defining _SESSION[]. Any pointer. You must make it a habit to start each script with session_start(); so that any thing you did in the last script is returned for use in the new script. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Checking
On Jul 9, 2012, at 2:40 PM, Floyd Resler fres...@adex-intl.com wrote: I want to have an alert pop up to let the user know their session is about to expire. Would the best approach be to do a timer in Javascript or check it in PHP. I'm storing session data in a MySQL database so I can know when a session will expire. If I check it through PHP will the session expiration refresh when I check it? Thanks! Floyd Floyd: If this was my problem, my solution would be: 1. A PHP script that recorded (via MySQL) the date/time when the user successfully accessed something private (i.e., password protected). 2. The next time the user requested protected-access again, I would have the script look at the last time the user accessed this data and see IF the time period between accesses (then and now) exceeded an established time limit. If so, then deny access. If not, then reset the timer and allow access. That's the way it would work on the server-side. However, the server-side really has no efficient way to notify the user their session is about to expire -- instead that should take place client-side and without question, you'll need a client-side JavaScript timer. The client-side timer simply preforms a count-down and notifies the user when their session is about to expire. The important thing to realize here is that the client-side and server-side scripts have no communication between each other nor is any needed other than when to start the count-down. The two scripts are separate, but are working in apparent concert. The server-side script will be the ultimate decider of IF the user's session has timed out or not. The client-side script only notifies the user of the count-down and nothing else. HTH's tedd PS: Arby's? _ t...@sperling.com http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Checking
On Mon, Jul 9, 2012 at 2:40 PM, Floyd Resler fres...@adex-intl.com wrote: I want to have an alert pop up to let the user know their session is about to expire. Would the best approach be to do a timer in Javascript or check it in PHP. I'm storing session data in a MySQL database so I can know when a session will expire. If I check it through PHP will the session expiration refresh when I check it? If the browser is accessing the script, even in the background (such as via AJAX calls), it'll renew the session. What you could do is populate some JavaScript to count down to the expiry, or - if you're storing sessions via MySQL or something similar - check the record manually via a non-session-enabled script. BTW, is Arby's having a roast beef sale or something? Everyone on the list seems to be gone! Better not be. I just had lunch 90 minutes ago. (Though, since it was homemade wood-smoked barbecue beef brisket with pickles and red onions on a kaiser roll, I guess I can't complain.) -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session lost problem
On Tue, Apr 24, 2012 at 12:58 AM, bug zhu bugw...@gmail.com wrote:
there are tow php files a.php and b.php,
content of a.php as follows:
?php
session_start();
if (!isset($_GET['flag']))
{
header('Location: b.php');
}
else
{
var_dump($_SESSION);
}
content of b.php as follows:
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
header('Location: a.php?flag=1');
when i visit a.php, the dumped $_SESSION array is empty
but if i commented the first session_commit() in b.php and then visit
a.php, i cound see the $_SESSION array,which is not empty
i wish i have descibed clear about my problem and someone could give me a
feedback~
Hi,
So, you:
1) Visit page a.php (I'm assuming without the flag)
2) Are forwarded to page b.php, which you're expecting to store a
session variable 'test'.
3) Then forwarded back to page a.php.
You're likely expecting that you're return visit to page a.php should
reveal the 'test' variable.
The issue is that you're calling session_commit(), which is actually
an alias for session_write_close(). This function actually stops the
current session. So, when you hit the line $_SESSION['test'] = 'test',
your session has already terminated.
Try removing the session_commit() calls (or at least permanently
remove the first call.) You only want to call session_commit() when
you're done accessing/updating $_SESSION variables.
Adam
--
Nephtali: A simple, flexible, fast, and security-focused PHP framework
http://nephtaliproject.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session lost problem
thank you for your explanation,
when i write to $_SESSION after session_commit(),$_SESSION is just a
regular array
2012/4/24 Stuart Dallas stu...@3ft9.com
Please don't top-post, and please include the list when replying.
On 24 Apr 2012, at 06:35, bug zhu wrote:
2012/4/24 Stuart Dallas stu...@3ft9.com
On 24 Apr 2012, at 05:58, bug zhu wrote:
there are tow php files a.php and b.php,
content of a.php as follows:
?php
session_start();
if (!isset($_GET['flag']))
{
header('Location: b.php');
}
else
{
var_dump($_SESSION);
}
content of b.php as follows:
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
header('Location: a.php?flag=1');
when i visit a.php, the dumped $_SESSION array is empty
but if i commented the first session_commit() in b.php and then visit
a.php, i cound see the $_SESSION array,which is not empty
i wish i have descibed clear about my problem and someone could give
me a
feedback~
I'm really not clear on what you're trying to do here, but the
behaviour you're describing is as designed. When you call session_commit()
you are saving and closing the session, so nothing done to $_SESSION after
that point will be saved, even if you call session_commit() again.
but in a single file without redirect, code as follows
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
var_dump($_SESSION);
could dump the $_SESSION array.
Yes, because $_SESSION is not special in any way other than that it's used
by the session system; it's no more than a superglobal array. So within one
request that array contains whatever you put into it, but that doesn't mean
it is stored in whatever session storage mechanism you're using (files by
default). When you redirect to another URL that's a whole new request so
the contents of $_SESSION have to be loaded from the session storage.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
thanks,
bugzhu
Re: [PHP] session lost problem
bug zhu bugw...@gmail.com hat am 24. April 2012 um 08:28 geschrieben: thank you for your explanation, when i write to $_SESSION after session_commit(),$_SESSION is just a regular array Yes. Actually session_commit does not terminate the session as mentioned earlier but is closes it for writing. You cann still read session values. The benefit of using session_commit is that the server saved associated session file is no longer locked, so that parallel requests can both access the values. The approach ist as follows: Call session_commit() as early in you code (after session_open) as possible to avoid locking. So first do all the writing to the $_SESSION array, then do write close (or commit). After that you can still read all session relevant information. If you want to write afterwards to your $_SESSIOn array you simply have to call session_start to re-open the write context. Afterwards you can commit it again to remove the lock. But be careful! session_start and session_commit perform write operations on your harddisk or whatever storage you use. Many calls to start and commit will result in losing performance. Regards, Marco -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session lost problem
2012/4/24 ma...@behnke.biz ma...@behnke.biz bug zhu bugw...@gmail.com hat am 24. April 2012 um 08:28 geschrieben: thank you for your explanation, when i write to $_SESSION after session_commit(),$_SESSION is just a regular array Yes. Actually session_commit does not terminate the session as mentioned earlier but is closes it for writing. You cann still read session values. The benefit of using session_commit is that the server saved associated session file is no longer locked, so that parallel requests can both access the values. The approach ist as follows: Call session_commit() as early in you code (after session_open) as possible to avoid locking. So first do all the writing to the $_SESSION array, then do write close (or commit). After that you can still read all session relevant information. If you want to write afterwards to your $_SESSIOn array you simply have to call session_start to re-open the write context. Afterwards you can commit it again to remove the lock. But be careful! session_start and session_commit perform write operations on your harddisk or whatever storage you use. Many calls to start and commit will result in losing performance. Regards, Marco -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php got it, very appreciate you explanation:-) -- thanks, bugzhu
Re: [PHP] session lost problem
On 24 Apr 2012, at 05:58, bug zhu wrote:
there are tow php files a.php and b.php,
content of a.php as follows:
?php
session_start();
if (!isset($_GET['flag']))
{
header('Location: b.php');
}
else
{
var_dump($_SESSION);
}
content of b.php as follows:
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
header('Location: a.php?flag=1');
when i visit a.php, the dumped $_SESSION array is empty
but if i commented the first session_commit() in b.php and then visit
a.php, i cound see the $_SESSION array,which is not empty
i wish i have descibed clear about my problem and someone could give me a
feedback~
I'm really not clear on what you're trying to do here, but the behaviour you're
describing is as designed. When you call session_commit() you are saving and
closing the session, so nothing done to $_SESSION after that point will be
saved, even if you call session_commit() again.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session lost problem
Please don't top-post, and please include the list when replying.
On 24 Apr 2012, at 06:35, bug zhu wrote:
2012/4/24 Stuart Dallas stu...@3ft9.com
On 24 Apr 2012, at 05:58, bug zhu wrote:
there are tow php files a.php and b.php,
content of a.php as follows:
?php
session_start();
if (!isset($_GET['flag']))
{
header('Location: b.php');
}
else
{
var_dump($_SESSION);
}
content of b.php as follows:
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
header('Location: a.php?flag=1');
when i visit a.php, the dumped $_SESSION array is empty
but if i commented the first session_commit() in b.php and then visit
a.php, i cound see the $_SESSION array,which is not empty
i wish i have descibed clear about my problem and someone could give me a
feedback~
I'm really not clear on what you're trying to do here, but the behaviour
you're describing is as designed. When you call session_commit() you are
saving and closing the session, so nothing done to $_SESSION after that
point will be saved, even if you call session_commit() again.
but in a single file without redirect, code as follows
?php
session_start();
session_commit();
$_SESSION['test'] = 'test';
session_commit();
var_dump($_SESSION);
could dump the $_SESSION array.
Yes, because $_SESSION is not special in any way other than that it's used by
the session system; it's no more than a superglobal array. So within one
request that array contains whatever you put into it, but that doesn't mean it
is stored in whatever session storage mechanism you're using (files by
default). When you redirect to another URL that's a whole new request so the
contents of $_SESSION have to be loaded from the session storage.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
On 2 Mar 2012, at 20:07, Jim Giner wrote:
My first foray into classes objects.
When retrieving a set of records, I'm using a class to build an object. At
this time I save each record/object into a Session array by doing this:
$rows = mysql_num_rows($qrslts);
if ($rows 0)
for ($i=1;$i=$rows;$i++)
{
$row = mysql_fetch_array($qrslts);
$e = new Entry;
if ($e-GetAnEntry($row['recordkey'],$row['Eventcode']))
{
$evts[] = $e;
array_push($_SESSION['TMScurr_evts'],$e); // THIS DOESN'T
$cls_errs .= Stored $e-event in sess var $i-1; ; // THIS
WORKS
}
else
$cls_errs .= Could not retrieve event record for
.$row['recordkey']. .$row['Eventcode'];
}
What is the type of $e (i.e. what's the class called)?
Side note... it looks like GetAnEntry fetches the entry into internal data.
This isn't really how objects are supposed to work. To be more OO-like you
should be passing the recordkey and Eventcode values into the constructor. But
that's not relevant to your issue.
The above code works AFAIK - the line above the array_push correctly stores
my retreived record data in the $evts array just fine and I can see the
data when I use that array to display my page.
Note also that the var $cls_errs following the array_push does show me that
valid values are being stored in $e
Later on, in my main process I attempt to retreive the contents of my
Session var to use to re-display the data. The code for that doesn't
display any values. In trying to debug this here is what I've done:
$cnt = count($_SESSION['TMScurr_evts']);
echo In Display process with $cnt recs in session var TMScurr_evts. ;
// THIS WORKS
reset($_SESSION['TMScurr_evts']);
$e = new Entry;
for ($i=0;$icount($_SESSION['TMScurr_evts']);$i++)
{
$e = array_pop($_SESSION['TMScurr_evts']);
echo in Display process - sess event $i is $e-eventbr;//
THIS DOESN'T
}
This debugging code correctly tells me how many entries are in the Session
array variable, but the attempt to echo the values stored in the first field
of each object contained in it shows blank for each one.
What am I doing wrong when I try to pull the contents of my session array
out and store them back into an Entry object, one at a time, so that I can
display the object on my webpage??
In the above script, the one that gets the objects out of the session, has the
class been declared? IOW, have you included the PHP file that defines that
class? If not then it won't be able to recreate the object.
If that was the problem then I suggest you make sure you have error_reporting
set to at least E_ALL, and display_errors set on, because this issue will be
causing a fatal error, the text of which would make it obvious what's going
wrong.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
Yes I ahve the class defined. The classes work in most cases - just this one place where I want to save the objects in a sess var for re-use fails me. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
Please quote the pertinent bit of the message you're replying to, it makes
using the list a halluvalot easier and improves SEO for the archives.
On 2 Mar 2012, at 20:55, Jim Giner wrote:
Yes I ahve the class defined. The classes work in most cases - just this one
place where I want to save the objects in a sess var for re-use fails me.
Put the following line at the top of the code that you posted and post the
output.
echo 'pre'; var_dump($_SESSION['TMScurr_evts']); die('/pre');
Have you checked your error log, or your error settings? Scripts generally
don't stop executing for no reason or without saying why.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
ok - In examinig the objects in the Session after the data has been displayed and the user has hit triggered a re-entry into my script (just one script involved here), the objects in the session array now say [__PHP_Incomplete_Class_Name and __PHP_Incomplete_Class Object . They didn't say that during my examiniation of the sess var before exiting the script. Also with All error reporting on (a great tip that I never think of) I get many messages indicating that the object may not have been loaded. I don't know what this means. The include file for my class is present in my script and is always loaded. But at this point in the process no functions of the class have been called. Is that a problem? In trying to re-display my data stored in the Sessioin array I instantiate a var of the class and then pop an array off the session var and assign it to the object and then call my display function to show the data on the webpage - that is where I get the errors. Here is one of these messages: Notice: DisplayAnEntry() [function.displayanentry]: The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition Entry of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition in /home/albany/public_html/tms/php/tmsentry.php on line 372 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
On 2 Mar 2012, at 21:09, Jim Giner wrote: ok - In examinig the objects in the Session after the data has been displayed and the user has hit triggered a re-entry into my script (just one script involved here), the objects in the session array now say [__PHP_Incomplete_Class_Name and __PHP_Incomplete_Class Object . They didn't say that during my examiniation of the sess var before exiting the script. Also with All error reporting on (a great tip that I never think of) I get many messages indicating that the object may not have been loaded. I don't know what this means. The include file for my class is present in my script and is always loaded. But at this point in the process no functions of the class have been called. Is that a problem? In trying to re-display my data stored in the Sessioin array I instantiate a var of the class and then pop an array off the session var and assign it to the object and then call my display function to show the data on the webpage - that is where I get the errors. Here is one of these messages: Notice: DisplayAnEntry() [function.displayanentry]: The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition Entry of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition in /home/albany/public_html/tms/php/tmsentry.php on line 372 Make sure the class is declared before you call session_start. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
Stuart Dallas stu...@3ft9.com wrote in message news:7eeba658-c7f6-4449-87bd-aac71b41e...@3ft9.com... Make sure the class is declared before you call session_start. * You Da Man!! I see now why it makes a difference. The session tries to bring back the data but doesn't know how to handle the objects in the session vars since the objects haven't been defined. Never would of thought of that! Thank you for being there! :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] SESSION var and Objects problem
Hi, Jim To avoid this kind of problem it would also help to provide an autoloader-function as PHP then tries to load the class-definition by this autoloader ;) Using that you'd bind yourself to have a pretty good system for php-classes and you'd avoid having problems like that. I'd in fact have never thought about a solution like that - but that may comes from the fact that I always use auto-loader-scripts ;) One additional info: I had some problems putting an instance of *SimpleXmlElement *into the session ... The only valuable info I found was this error: *Fatal error: Exception thrown without a stack frame in Unknown on line 0* Here's the solution and description why: http://stackoverflow.com/questions/4624223/object-in-session-fatal-error-exception-thrown-without-a-stack-frame-in-unknow#answer-4624256 Bye Simon 2012/3/2 Jim Giner jim.gi...@albanyhandball.com Stuart Dallas stu...@3ft9.com wrote in message news:7eeba658-c7f6-4449-87bd-aac71b41e...@3ft9.com... Make sure the class is declared before you call session_start. * You Da Man!! I see now why it makes a difference. The session tries to bring back the data but doesn't know how to handle the objects in the session vars since the objects haven't been defined. Never would of thought of that! Thank you for being there! :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session treating
Andre Polykanine an...@oire.org wrote:
Hi guys and girls,
I'm completely stuck at a really stupid thing.
For some reason my session id doesn't pass through the links.
Here is the code:
index.php:
?php
// Checking if the admin was ever authorized
if ($_SESSION['PSS']!=session_id()) $auth=0; else $auth=1;
if ($_SESSION['Editor']!=Voice of Istanor) $auth=0; else $auth=1;
if ($auth==0) {
if (!@$_POST) {
// If there's no POST values, including the login form
include login.php;
// For debugging only, outputs: Session name: PHPSESSID, session id:
;
printf(Session name: %s, Session Id: %s, session_name(),
session_id());
} else {
// Here go real values
if (($_POST['uname']!=Tralala) ||
(sha1($_POST['upass'])!=abcdeftralala)) {
echo h3Invalid login or password!/h3;
include login.php;
} else {
// Attention!
session_name(PalantirSessId);
session_start();
// Everything goes Ok here
printf(Session name: %s, Session Id: %s, session_name(),
session_id());
$_SESSION['PSS']=session_id();
$_SESSION['Editor']=$_POST['uname'];
$auth=1;
}
}
}
if ($auth==1) {
echo !DOCTYPE HTMLhtml
head
meta charset=\utf-8\
/head
body bgcolor=#CCBBFF;
include header.html;
// Still ok! the same name, the same Id
printf(Session name: %s, Session Id: %s, session_name(),
session_id());
end of code.
But now go the links such as
a href=articles.phpArticles management/a
And there, in the articles.php, I write the following:
?php
session_name(PalantirSessId);
session_start();
printf(Session name: %s, Session Id: %s, session_name(),
session_id());
And here (!) the session name is correct, but the session id is
changed.
My question is: why?
Thanks!
--
With best regards from Ukraine,
Andre
Skype: Francophile
Twitter: http://twitter.com/m_elensule
Facebook: http://facebook.com/menelion
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
One thing sticks out a little bit to me. In your index.php file, you're
accessing an element of the $_SESSION array, but without calling
session_start() first. I believe this may be causing the issue you are seeing.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session treating
Hello Ashley, One thing sticks out a little bit to me. In your index.php file, you're accessing an element of the $_SESSION array, but without calling session_start() first. I believe this may be causing the issue you are seeing. I tried using it without success. I'm having now 3 separate session IDs: 1. Before the login form is processed, 2. After the login form is processed, 3. When clicking the Articles link, on the articles.php page. -- With best regards from Ukraine, Andre Skype: Francophile My blog: http://oire.org/menelion (mostly in Russian) Twitter: http://twitter.com/m_elensule Facebook: http://facebook.com/menelion -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session question
Paul Halliday wrote: Is it OK to have session_start as an include? Yes. -- Per Jessen, Zürich (18.1°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session question
Unless your adding more code to your included file it isn't worth having it as an include as there is more typing/text involved. For management purposes also it would also look ugly if you were just having one file purely for session_start(); From: p...@computer.org Date: Tue, 17 May 2011 13:01:19 +0200 To: php-general@lists.php.net Subject: Re: [PHP] Session question Paul Halliday wrote: Is it OK to have session_start as an include? Yes. -- Per Jessen, Zürich (18.1°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session question
You can have a session start in an htaccess file. .htaccess php_value session.auto_start 1 Do not scream at me if you do not like this approach or it does not work for you. I use it and it works well for me. Simply a suggestion. Richard L. Buskirk -Original Message- From: Ross Hansen [mailto:hansen.r...@live.com.au] Sent: Tuesday, May 17, 2011 11:16 PM To: php-general@lists.php.net Subject: RE: [PHP] Session question Unless your adding more code to your included file it isn't worth having it as an include as there is more typing/text involved. For management purposes also it would also look ugly if you were just having one file purely for session_start(); From: p...@computer.org Date: Tue, 17 May 2011 13:01:19 +0200 To: php-general@lists.php.net Subject: Re: [PHP] Session question Paul Halliday wrote: Is it OK to have session_start as an include? Yes. -- Per Jessen, Zürich (18.1°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variable problem
On 3/25/2011 3:55 PM, Peter Lind wrote: More info (including some code) would be needed to get to the bottom of this, I'd say. Hard to diagnose what's happening otherwise. Regards Peter So I guess there is no list of things to check for sessions? I'll try to pair down the code to something postable, but it does work on the old server.let me see what I can come up with. -- Mark B -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variable problem
call session_destroy(); then start the session again
Re: [PHP] session variable problem
At 01:09 PM 3/25/2011, markb wrote: Very rusty with PHP. We moved our web site to a new hosting service (godaddy). PHP changed from 4x to 5.2.17. I can no longer change $_SESSION variables after the first use. First call to form - start session create variables Second call - can read variables, change existing ones (but they do not persist to next call) - cannot create new variable without an error What's the error you're getting? Also, do you have a call to session_start() at the beginning of each script before any output is sent to the browser? Ken -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variable problem
On 3/25/2011 12:13 PM, Ken Robinson wrote: At 01:09 PM 3/25/2011, markb wrote: Very rusty with PHP. We moved our web site to a new hosting service (godaddy). PHP changed from 4x to 5.2.17. I can no longer change $_SESSION variables after the first use. First call to form - start session create variables Second call - can read variables, change existing ones (but they do not persist to next call) - cannot create new variable without an error What's the error you're getting? Also, do you have a call to session_start() at the beginning of each script before any output is sent to the browser? Ken No error messages at all. error_reporting(E_ALL ^ E_NOTICE ); (I thought I was getting an error when creating new variables but that must have been a typo.) Session_start() called before any output (script was working on old host). -- Mark B -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variable problem
On 3/25/2011 12:13 PM, Ken Robinson wrote: At 01:09 PM 3/25/2011, markb wrote: Very rusty with PHP. We moved our web site to a new hosting service (godaddy). PHP changed from 4x to 5.2.17. I can no longer change $_SESSION variables after the first use. First call to form - start session create variables Second call - can read variables, change existing ones (but they do not persist to next call) - cannot create new variable without an error What's the error you're getting? Also, do you have a call to session_start() at the beginning of each script before any output is sent to the browser? Ken More info perhaps. Changes I make using the page's form are persevered. Any changes made with php are not saved. Checking the session file confirms this. I'm missing something obvious here. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variable problem
More info (including some code) would be needed to get to the bottom of this, I'd say. Hard to diagnose what's happening otherwise. Regards Peter -- hype WWW: plphp.dk / plind.dk LinkedIn: plind BeWelcome/Couchsurfing: Fake51 Twitter: kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP session replication
Hi Florin, thank you for your write up, actually the main reason why I asked the original question was because I mainly write servlet based webapps currently but I've decided to use PHP for my next project mainly for exploratory reasons. On Sat, Mar 19, 2011 at 10:06 AM, Florin Jurcovici florin.jurcov...@gmail.com wrote: Hi. Just for comparison: PHP does not provide sessions in the same way a servlet-based platform provides. PHP actually destroys the in-mem representation of sessions after each request is served, whereas a servlet-based platform caches the sessions in mem between requests. ASP.Net also serializes session state, but not into a cookie - it uses a hidden field instead. Which works around cookie size limitation. You don't even have a choice of database sessions with ASP.Net. OTOH, even if performance might suffer, scalability, as far as the sessions mechanism is concerned, is excellent - you don't need session replication. Servlet-based platforms provide the most complicated solution, when compared to the other two. They keep sessions in mem, which improves performance (no serialization/deserialization for each request), but creates potential scalability problems. You won't hit the wall at a few thousands of users, but replicating maybe a million sessions among no more than a hundred servers causes the replication process to consume quite a lot of resources, the resources being used for replication increasing faster than linearly with each added server (not quite exponentially, though). You can use sticky sessions with most servlet-based platforms, but these come with their own problems (already described by a previous poster). Nevertheless, in mem sessions a la servlets are a very convenient mechanism to use - the session replication is provided by the platform, and the app programmer doesn't have to worry about it. All three approaches rely on every piece of data in the session being serializable, so you can't store interesting objects, like an open file or the like, in sessions. Does anybody know of any fundamentally different session sharing/replication mechanism? br, flj -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Signed, Alessandro Ferrucci
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Fri, Sep 17, 2010 at 10:50 AM, Cheryl Sullivan csull...@shh.org wrote:
Hi there - just to clear things up, I didn't mean your answer was irrelevant.
It was an excellent point - I just took the function call encompassing the
query string out of the code I posted to avoid people having to read too
much. I thought showing the function call was irrelevant. Hope that makes
sense - I did not intend to insult people who are taking the time to try to
help me!
Anyhoo - at the risk of going off the deep end in the other directions here
are is everything - the three pages that currently encompass this
application. You can see by the output I posted that appears on empForm.php
that the SSN and Cost Center session vars come up blank, while the other
three session vars and the hidden form fields do not. Thank you!
Default.php
-
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report/title
link href=injury.css rel=stylesheet type=text/css /
script language=javascript src=functions.js/script
/head
body onload=javascript:frmValidateMe.txtLastName.focus();
div id=mainContainer
div id=topHeader/div
div id=middle
div class=helpNoteFor information or questions for this system, please
contact Linda Williams x5984/div
/div
div id=contentContainer
div id=contentText
div class=sectionHeadingEnter the system by validating, below./div
form name=frmValidateMe method=post action=mainRedirect.php
table
tr
td width=150nbsp;/tdtdYour Last Name/tdtdinput
type=text maxlength=100 name=txtLastName id=txtLastName //td
/tr
tr
td width=150nbsp;/tdtdYour SHH Badge ID
#/tdtdinput type=text maxlength=10 name=txtBadgeID id=txtBadgeID
//td
/tr
tr
td width=150nbsp;/tdtd valign=topI need
to/tdtdinput type=radio name=rdoAction id=rdoAction value=0
checked/Report my Injury/Illnessbr /input type=radio name=rdoAction
id=rdoAction value=1 /Check the Status/Update my Report/td
/tr
/table
centerimg src=images/btnSubmitBevel.gif width=80 height=26
onclick=validateValidate();//center
/form
/div
/div
div id=footer/div
/div
/body
/html
--
mainRedirect.php (as you can see I now have it set up to submit a form, but I
also have commented out the code I used to try to do a redirect.)
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report Submit/title
link href=injury.css rel=stylesheet type=text/css /
script language=javascript src=functions.js/script
/head
body
?php session_start(); ?
?php
function hitMSSQL($query,$server,$db,$login,$pass,$senditback){
$conn = new COM (ADODB.Connection) or die(Cannot start ADO);
$connStr =
PROVIDER=SQLOLEDB;SERVER=.$server.,1433;UID=.$login.;PWD=.$pass.;DATABASE=.$db;
$conn-open($connStr);
if($senditback==1){
return $conn-execute($query);
}else{
$conn-execute($query);
}}
function GetSQLValueString($theValue, $theType, $database, $theDefinedValue =
, $theNotDefinedValue = )
{
if (PHP_VERSION 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
if($database==1){
$theValue = mysql_real_escape_string($theValue);
}else{
$theValue = str_replace(','',$theValue);
}
switch ($theType) {
case text:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case long:
case int:
$theValue = ($theValue != ) ? intval($theValue) : NULL;
break;
case double:
$theValue = ($theValue != ) ? doubleval($theValue) : NULL;
break;
case date:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case defined:
$theValue = ($theValue != ) ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
$_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);
$q = sprintf(select * from emps where emp_last = %s and emp_badge = %s,
GetSQLValueString($_SESSION['UserLastName'], text, 1),
GetSQLValueString($_SESSION['BadgeID'],int, 1));
$q1 = select * from emps where emp_last = '.$_SESSION['UserLastName'].'
and emp_badge = '.$_SESSION['BadgeID'].';
$rs_emp_info = hitMSSQL($q1,intra_sql,employees,emps,e!mps,1);
$_SESSION['SSN'] = $rs_emp_info-fields(emp_ssn);
$_SESSION['CostCenter'] = $rs_emp_info-fields(emp_costcenter);
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick (SOLVED)
FANTASTIC!!! This did the trick!
By explicitly typecasting the value to a string when you assign it to the
session, you'll get the value rather than its wrapper.
Thank you all for your help! I will pass the comments on about employing the
MS's SQL Server Driver for PHP as well -
Thanks again -
-Original Message-
From: Andrew Ballard [mailto:aball...@gmail.com]
Sent: Friday, September 17, 2010 11:15 AM
To: Cheryl Sullivan
Cc: Peter Lind; tommy...@gmail.com; a...@ashleysheridan.co.uk;
php-general@lists.php.net
Subject: Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from
MYSQL Query stick
On Fri, Sep 17, 2010 at 10:50 AM, Cheryl Sullivan csull...@shh.org wrote:
Hi there - just to clear things up, I didn't mean your answer was irrelevant.
It was an excellent point - I just took the function call encompassing the
query string out of the code I posted to avoid people having to read too
much. I thought showing the function call was irrelevant. Hope that makes
sense - I did not intend to insult people who are taking the time to try to
help me!
Anyhoo - at the risk of going off the deep end in the other directions here
are is everything - the three pages that currently encompass this
application. You can see by the output I posted that appears on empForm.php
that the SSN and Cost Center session vars come up blank, while the other
three session vars and the hidden form fields do not. Thank you!
Default.php
-
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report/title
link href=injury.css rel=stylesheet type=text/css /
script language=javascript src=functions.js/script
/head
body onload=javascript:frmValidateMe.txtLastName.focus();
div id=mainContainer
div id=topHeader/div
div id=middle
div class=helpNoteFor information or questions for this system, please
contact Linda Williams x5984/div
/div
div id=contentContainer
div id=contentText
div class=sectionHeadingEnter the system by validating, below./div
form name=frmValidateMe method=post action=mainRedirect.php
table
tr
td width=150nbsp;/tdtdYour Last Name/tdtdinput
type=text maxlength=100 name=txtLastName id=txtLastName //td
/tr
tr
td width=150nbsp;/tdtdYour SHH Badge ID
#/tdtdinput type=text maxlength=10 name=txtBadgeID id=txtBadgeID
//td
/tr
tr
td width=150nbsp;/tdtd valign=topI need
to/tdtdinput type=radio name=rdoAction id=rdoAction value=0
checked/Report my Injury/Illnessbr /input type=radio name=rdoAction
id=rdoAction value=1 /Check the Status/Update my Report/td
/tr
/table
centerimg src=images/btnSubmitBevel.gif width=80 height=26
onclick=validateValidate();//center
/form
/div
/div
div id=footer/div
/div
/body
/html
--
mainRedirect.php (as you can see I now have it set up to submit a form, but I
also have commented out the code I used to try to do a redirect.)
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report Submit/title
link href=injury.css rel=stylesheet type=text/css /
script language=javascript src=functions.js/script
/head
body
?php session_start(); ?
?php
function hitMSSQL($query,$server,$db,$login,$pass,$senditback){
$conn = new COM (ADODB.Connection) or die(Cannot start ADO);
$connStr =
PROVIDER=SQLOLEDB;SERVER=.$server.,1433;UID=.$login.;PWD=.$pass.;DATABASE=.$db;
$conn-open($connStr);
if($senditback==1){
return $conn-execute($query);
}else{
$conn-execute($query);
}}
function GetSQLValueString($theValue, $theType, $database, $theDefinedValue =
, $theNotDefinedValue = )
{
if (PHP_VERSION 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
if($database==1){
$theValue = mysql_real_escape_string($theValue);
}else{
$theValue = str_replace(','',$theValue);
}
switch ($theType) {
case text:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case long:
case int:
$theValue = ($theValue != ) ? intval($theValue) : NULL;
break;
case double:
$theValue = ($theValue != ) ? doubleval($theValue) : NULL;
break;
case date:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case defined:
$theValue = ($theValue != ) ? $theDefinedValue : $theNotDefinedValue;
break;
}
return
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
-Original Message-
From: Cheryl Sullivan [mailto:csull...@shh.org]
Sent: Friday, September 17, 2010 7:51 AM
To: Peter Lind; tommy...@gmail.com
Cc: a...@ashleysheridan.co.uk; php-general@lists.php.net
Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those
loaded from MYSQL Query stick
Hi there - just to clear things up, I didn't mean your answer was
irrelevant. It
was an excellent point - I just took the function call encompassing the
query
string out of the code I posted to avoid people having to read too much.
I
thought showing the function call was irrelevant. Hope that makes sense -
I
did not intend to insult people who are taking the time to try to help me!
Anyhoo - at the risk of going off the deep end in the other directions
here
are is everything - the three pages that currently encompass this
application. You can see by the output I posted that appears on
empForm.php that the SSN and Cost Center session vars come up blank,
while the other three session vars and the hidden form fields do not.
Thank
you!
Default.php
-
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report/title link href=injury.css
rel=stylesheet type=text/css / script language=javascript
src=functions.js/script /head body
onload=javascript:frmValidateMe.txtLastName.focus();
div id=mainContainer
div id=topHeader/div
div id=middle
div class=helpNoteFor information or questions for this system,
please contact Linda Williams x5984/div
/div
div id=contentContainer
div id=contentText
div class=sectionHeadingEnter the system by validating,
below./div
form name=frmValidateMe method=post
action=mainRedirect.php
table
tr
td width=150nbsp;/tdtdYour Last Name/tdtdinput
type=text maxlength=100 name=txtLastName id=txtLastName
//td
/tr
tr
td width=150nbsp;/tdtdYour SHH Badge ID
#/tdtdinput type=text maxlength=10 name=txtBadgeID
id=txtBadgeID //td
/tr
tr
td width=150nbsp;/tdtd valign=topI need
to/tdtdinput type=radio name=rdoAction id=rdoAction
value=0 checked/Report my Injury/Illnessbr /input type=radio
name=rdoAction id=rdoAction value=1 /Check the Status/Update my
Report/td
/tr
/table
centerimg src=images/btnSubmitBevel.gif width=80
height=26
onclick=validateValidate();//center
/form
/div
/div
div id=footer/div
/div
/body
/html
--
mainRedirect.php (as you can see I now have it set up to submit a form,
but I
also have commented out the code I used to try to do a redirect.)
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
head
meta http-equiv=Content-Type content=text/html; charset=utf-8 /
titleEmployee Illness - Injury Report Submit/title link
href=injury.css
rel=stylesheet type=text/css / script language=javascript
src=functions.js/script /head
body
?php session_start(); ?
?php
function hitMSSQL($query,$server,$db,$login,$pass,$senditback){
$conn = new COM (ADODB.Connection) or die(Cannot start ADO);
$connStr =
PROVIDER=SQLOLEDB;SERVER=.$server.,1433;UID=.$login.;PWD=.$pass
.;DATABASE=.$db;
$conn-open($connStr);
if($senditback==1){
return $conn-execute($query);
}else{
$conn-execute($query);
}}
function GetSQLValueString($theValue, $theType, $database,
$theDefinedValue = , $theNotDefinedValue = ) {
if (PHP_VERSION 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) :
$theValue;
}
if($database==1){
$theValue = mysql_real_escape_string($theValue);
}else{
$theValue = str_replace(','',$theValue);
}
switch ($theType) {
case text:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case long:
case int:
$theValue = ($theValue != ) ? intval($theValue) : NULL;
break;
case double:
$theValue = ($theValue != ) ? doubleval($theValue) : NULL;
break;
case date:
$theValue = ($theValue != ) ? ' . $theValue . ' : NULL;
break;
case defined:
$theValue = ($theValue != ) ? $theDefinedValue :
$theNotDefinedValue;
break;
}
return $theValue;
}
$_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
$_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);
$q = sprintf(select * from emps where emp_last = %s and emp_badge =
%s, GetSQLValueString($_SESSION['UserLastName'], text, 1),
GetSQLValueString($_SESSION['BadgeID'],int, 1));
This may cause you problems since I see
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, 2010-09-16 at 10:11 -0400, Cheryl Sullivan wrote: Hi there – I’m new to this news group. Any help with this is appreciated – When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street • Allentown, PA 18102 Office: 610-776-4784 • Cell: 484-544-2416 Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. There should be no difference. Can we see some examples of the MySQL and the MSSQL code to see what you're doing differently? Thanks, Ash http://www.ashleysheridan.co.uk
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
Absolutely - This is from the first page ?php $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName'])); $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']); //access MS SQL Server database $q1 = select * from emps where emp_last = '.$_SESSION['UserLastName'].' and emp_badge = '.$_SESSION['BadgeID'].'; $rs_emp_info = hitMSSQL($q1,_sql,database,table,password,1); $_SESSION['SSN'] = $rs_emp_info-fields(emp_ssn); $_SESSION['CostCenter'] = $rs_emp_info-fields(emp_costcenter); //access mySQL database $cnx = mysql_connect(localhost,userID,password); $db = mysql_select_db(database_name); $q1 = select * from tblmainempreport where empUUID = 'sdfsfs920090528131'; $result = mysql_query($q1); $recArray = mysql_fetch_array($result); $_SESSION['empFName'] = $recArray['EmpFName']; ? When I echo all five $_SESSION vars from here, they are all populated. Then I can either redirect or form post to the next page. In either case, the $_SESSION vars populated from SQL Server ( the SSN and Cost Center vars) are blank when I echo them on the destination page. From: Ashley Sheridan [mailto:a...@ashleysheridan.co.uk] Sent: Thursday, September 16, 2010 10:14 AM To: Cheryl Sullivan Cc: php-general@lists.php.net Subject: Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick On Thu, 2010-09-16 at 10:11 -0400, Cheryl Sullivan wrote: Hi there - I'm new to this news group. Any help with this is appreciated - When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street * Allentown, PA 18102 Office: 610-776-4784 * Cell: 484-544-2416 P Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. There should be no difference. Can we see some examples of the MySQL and the MSSQL code to see what you're doing differently? Thanks, Ash http://www.ashleysheridan.co.uk
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
-Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 7:12 AM To: php-general@lists.php.net Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick Hi there – I’m new to this news group. Any help with this is appreciated – When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street • Allentown, PA 18102 Office: 610-776-4784 • Cell: 484-544-2416 P Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e- mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, Sep 16, 2010 at 10:26 AM, Cheryl Sullivan csull...@shh.org wrote: Absolutely - This is from the first page ?php $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName'])); $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']); //access MS SQL Server database $q1 = select * from emps where emp_last = '.$_SESSION['UserLastName'].' and emp_badge = '.$_SESSION['BadgeID'].'; $rs_emp_info = hitMSSQL($q1,_sql,database,table,password,1); $_SESSION['SSN'] = $rs_emp_info-fields(emp_ssn); $_SESSION['CostCenter'] = $rs_emp_info-fields(emp_costcenter); //access mySQL database $cnx = mysql_connect(localhost,userID,password); $db = mysql_select_db(database_name); $q1 = select * from tblmainempreport where empUUID = 'sdfsfs920090528131'; $result = mysql_query($q1); $recArray = mysql_fetch_array($result); $_SESSION['empFName'] = $recArray['EmpFName']; ? When I echo all five $_SESSION vars from here, they are all populated. Then I can either redirect or form post to the next page. In either case, the $_SESSION vars populated from SQL Server ( the SSN and Cost Center vars) are blank when I echo them on the destination page. The fact that you can echo the $_SESSION information on the same page and they contain the correct values suggest to me that the issue of MySQL/MSSQL is a red herring. I would look into things like the value for register_globals to make sure you don't have a global variable stepping on some of your session variables. Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
SQL Server 8.00.818 - SP3 (Enterprise Edition) Unfortunately I am fairly new to PHP and my boss just went home sick for the day, so I don't know how to answer the question about the extension. Can you tell me where I can find that? -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:00 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick -Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 7:12 AM To: php-general@lists.php.net Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick Hi there - I'm new to this news group. Any help with this is appreciated - When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street * Allentown, PA 18102 Office: 610-776-4784 * Cell: 484-544-2416 P Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e- mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
-Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 8:33 AM To: Tommy Pham; php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick SQL Server 8.00.818 - SP3 (Enterprise Edition) 8? I think that's SQL 2000. If that's the case, you're 1 service pack behind. The latest service pack for SQL 2000 is 4. Unfortunately I am fairly new to PHP and my boss just went home sick for the day, so I don't know how to answer the question about the extension. Can you tell me where I can find that? phpinfo(); will give all the information pertaining to your PHP environment. Regards, Tommy -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:00 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick -Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 7:12 AM To: php-general@lists.php.net Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick Hi there - I'm new to this news group. Any help with this is appreciated - When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org) 421 Chew Street * Allentown, PA 18102 Office: 610-776-4784 * Cell: 484-544-2416 P Please consider the environment before printing this e-mail Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e- mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e- mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On 16 September 2010 16:26, Cheryl Sullivan csull...@shh.org wrote: Absolutely - This is from the first page ?php $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName'])); $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']); //access MS SQL Server database $q1 = select * from emps where emp_last = '.$_SESSION['UserLastName'].' and emp_badge = '.$_SESSION['BadgeID'].'; $rs_emp_info = hitMSSQL($q1,_sql,database,table,password,1); $_SESSION['SSN'] = $rs_emp_info-fields(emp_ssn); $_SESSION['CostCenter'] = $rs_emp_info-fields(emp_costcenter); You're sticking values from $_POST into an SQL query without sanitizing them first. That spells out SQL INJECTION VULNERABILITY. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
We are actually running the query through a function that removes single ticks, etc to avoid this, but I didn't think that was relevant to the question so I didn't include it. Thanks, though! -Original Message- From: Peter Lind [mailto:peter.e.l...@gmail.com] Sent: Thursday, September 16, 2010 12:03 PM To: Cheryl Sullivan Cc: a...@ashleysheridan.co.uk; php-general@lists.php.net Subject: Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick On 16 September 2010 16:26, Cheryl Sullivan csull...@shh.org wrote: Absolutely - This is from the first page ?php $_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName'])); $_SESSION['BadgeID'] = trim($_POST['txtBadgeID']); //access MS SQL Server database $q1 = select * from emps where emp_last = '.$_SESSION['UserLastName'].' and emp_badge = '.$_SESSION['BadgeID'].'; $rs_emp_info = hitMSSQL($q1,_sql,database,table,password,1); $_SESSION['SSN'] = $rs_emp_info-fields(emp_ssn); $_SESSION['CostCenter'] = $rs_emp_info-fields(emp_costcenter); You're sticking values from $_POST into an SQL query without sanitizing them first. That spells out SQL INJECTION VULNERABILITY. Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype Notice: This communication, including attachments, may contain information that is confidential and protected. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Thank you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
Tommy - I ran phpinfo() but I don't see anything in it referencing MSSQL or SQLSRV. I have included all the references to sql I see below, but the only references I see to databases are to mySQL and SQLLite. Unfortunately I don't have any control over how service-packed the database server is. Is there something in SP 4 for SQL Server 2000 that is supposed to fix the issue I'm having, I may be able to plead my case for getting the latest SP. Is this the case, do you know? mysql MySQL Support enabled Active Persistent Links 0 Active Links 0 Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value mysql.allow_local_infile On On mysql.allow_persistent On On mysql.cache_size 2000 2000 mysql.connect_timeout 60 60 mysql.default_host no value no value mysql.default_password no value no value mysql.default_port no value no value mysql.default_socket no value no value mysql.default_user no value no value mysql.max_links Unlimited Unlimited mysql.max_persistent Unlimited Unlimited mysql.trace_mode Off Off mysqli MysqlI Support enabled Client API library version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Active Persistent Links 0 Inactive Persistent Links 0 Active Links 0 Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value mysqli.allow_local_infile On On mysqli.allow_persistent On On mysqli.cache_size 2000 2000 mysqli.default_host no value no value mysqli.default_port 3306 3306 mysqli.default_pw no value no value mysqli.default_socket no value no value mysqli.default_user no value no value mysqli.max_links Unlimited Unlimited mysqli.max_persistent Unlimited Unlimited mysqli.reconnect Off Off mysqlnd mysqlnd enabled Version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Command buffer size 2048 Read buffer size 32768 Collecting statistics Yes Collecting memory statistics Yes PDO PDO support enabled PDO drivers mysql, sqlite pdo_mysql PDO Driver for MySQL enabled Client API version mysqlnd 5.0.5-dev - 081106 - $Revision: 1.3.2.27 $ Persistent cache enabled put_hits 0 put_misses 0 get_hits 0 get_misses 0 size 2000 free_items 2000 references 2 Directive Local Value Master Value pdo_mysql.cache_size 2000 2000 pdo_sqlite PDO Driver for SQLite 3.x enabled SQLite Library 3.6.15 -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:39 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick -Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 8:33 AM To: Tommy Pham; php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick SQL Server 8.00.818 - SP3 (Enterprise Edition) 8? I think that's SQL 2000. If that's the case, you're 1 service pack behind. The latest service pack for SQL 2000 is 4. Unfortunately I am fairly new to PHP and my boss just went home sick for the day, so I don't know how to answer the question about the extension. Can you tell me where I can find that? phpinfo(); will give all the information pertaining to your PHP environment. Regards, Tommy -Original Message- From: Tommy Pham [mailto:tommy...@gmail.com] Sent: Thursday, September 16, 2010 11:00 AM To: php-general@lists.php.net Subject: RE: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick -Original Message- From: Cheryl Sullivan [mailto:csull...@shh.org] Sent: Thursday, September 16, 2010 7:12 AM To: php-general@lists.php.net Subject: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick Hi there - I'm new to this news group. Any help with this is appreciated - When I populate session vars from a MYSQL query, they are still there when I change pages. If I populate them from an MSSQL query, they drop. It doesn't matter if I get to the next page using a header redirect or a form submit. I have two session vars I'm loading from a MYSQL query and they remain, the two loaded from MSSQL disappear. What SQL Server version? What PHP extension are you using? MSSQL? sqlsrv? Regards, Tommy I have confirmed that all four session vars are loading ok initially and I can echo them out to the page, but when the application moves to the next page via redirect or form submit, the two vars loaded from MSSQL are empty. Any ideas? Cheryl L. Sullivan Interface Analyst / Web Developer Sacred Heart Hospital (www.shh.org
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On Thu, Sep 16, 2010 at 10:26 AM, Cheryl Sullivan csull...@shh.org wrote: [snip] When I echo all five $_SESSION vars from here, they are all populated. Then I can either redirect or form post to the next page. In either case, the $_SESSION vars populated from SQL Server ( the SSN and Cost Center vars) are blank when I echo them on the destination page. On Thu, Sep 16, 2010 at 2:12 PM, Cheryl Sullivan csull...@shh.org wrote: Tommy - I ran phpinfo() but I don't see anything in it referencing MSSQL or SQLSRV. I have included all the references to sql I see below, but the only references I see to databases are to mySQL and SQLLite. Unfortunately I don't have any control over how service-packed the database server is. Is there something in SP 4 for SQL Server 2000 that is supposed to fix the issue I'm having, I may be able to plead my case for getting the latest SP. Is this the case, do you know? [snip] Again, I ask - based on what you said earlier - are you sure this is even a database issue? You said that when you echo the values in your $_SESSION array AFTER reading them from the database they are there, and you only lose them on the next request after either a redirect or a manual form POST. If the values are getting into $_SESSION correctly within this page, your issue is not related to the database at all. Am I misunderstanding you? Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Vars loaded from MSSQL Query drop, those loaded from MYSQL Query stick
On 16 September 2010 20:03, Cheryl Sullivan csull...@shh.org wrote: We are actually running the query through a function that removes single ticks, etc to avoid this, but I didn't think that was relevant to the question so I didn't include it. Thanks, though! You're the one with the problem you don't understand, which means you don't get to make decisions as what is or is not relevant. Rather: you have no idea what seems relevant to us trying to pinpoint the error. That said, if - like Andrew points out - you see the values directly after storing them, then the problem is not database related. What exactly happens between the two pages and on the second page? Regards Peter -- hype WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variables in tmp
Hi Stephen, you can try setting the session path using session_save_path http://www.php.net/manual/en/function.session-save-path.php. Gerardo www.webseficientes.com.ar On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin stephen.sunder...@verizon.net wrote: trying out a CentOS release 5.2 (Final) V4_1_0 on AWS. Was working fine and now it seems that php has stopped writing any session variable to /tmp. I was cleaning up the user table in mysql and limiting permissions. Not sure that this would have anything to do with it. Restarted apache/mysql. tmp is set to drwxrwxrwt 4 root root 4096 Jun 5 00:46 tmp PHP 5.2.4 MySQL 5.0.45 any thought on where else to look. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Gerardo Benitez
Re: [PHP] session variables in tmp
Thanks Gerardo. I send a large dump.sql file to my /tmp dir and filled up the remaining space so PHP was not able to write any more session variable. Took me a little while to figure that one out. Thanks for your response. On Tue, 08 Jun 2010 12:00:23 -0400, Gerardo Benitez gerardobeni...@gmail.com wrote: Hi Stephen, you can try setting the session path using session_save_path http://www.php.net/manual/en/function.session-save-path.php. Gerardo www.webseficientes.com.ar On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin stephen.sunder...@verizon.net wrote: trying out a CentOS release 5.2 (Final) V4_1_0 on AWS. Was working fine and now it seems that php has stopped writing any session variable to /tmp. I was cleaning up the user table in mysql and limiting permissions. Not sure that this would have anything to do with it. Restarted apache/mysql. tmp is set to drwxrwxrwt 4 root root 4096 Jun 5 00:46 tmp PHP 5.2.4 MySQL 5.0.45 any thought on where else to look. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variables in tmp
Ok, that usually happens. Gerardo www.webseficientes.com.ar On Tue, Jun 8, 2010 at 1:48 PM, Stephen Sunderlin stephen.sunder...@verizon.net wrote: Thanks Gerardo. I send a large dump.sql file to my /tmp dir and filled up the remaining space so PHP was not able to write any more session variable. Took me a little while to figure that one out. Thanks for your response. On Tue, 08 Jun 2010 12:00:23 -0400, Gerardo Benitez gerardobeni...@gmail.com wrote: Hi Stephen, you can try setting the session path using session_save_path http://www.php.net/manual/en/function.session-save-path.php. Gerardo www.webseficientes.com.ar On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin stephen.sunder...@verizon.net wrote: trying out a CentOS release 5.2 (Final) V4_1_0 on AWS. Was working fine and now it seems that php has stopped writing any session variable to /tmp. I was cleaning up the user table in mysql and limiting permissions. Not sure that this would have anything to do with it. Restarted apache/mysql. tmp is set to drwxrwxrwt 4 root root 4096 Jun 5 00:46 tmp PHP 5.2.4 MySQL 5.0.45 any thought on where else to look. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ -- Gerardo Benitez
Re: [PHP] session data
On Tue, 2010-06-01 at 21:54 +0100, Colin Finnis wrote: I'm having a problem with session data. I have a login setup which holds the user ID and password in the session data once the user has initially logged in. When the user goes to a new page or accesses a pop up window the users session data is validated against a list of IDs and passwords held on the system rather than forcing them to log in each time. As far as I can work out this is fairly standard stuff for this sort of process. It works fine in Firefox but is very inconsistent when used in IE 7. On occasions when a new page is accessed the users is forced to login again. The reason for this appears to be that the variables in which the ID and password are stored don't exist. I have a whole load of trace code which gives me various information and session ID is apparently being picked up correctly. The weird thing is that if you reload the page it will then work correctly. I have tried adding session_write_close as I thought the data was not being written out correctly during the initial login. This code has been developed in eclipse using an Apache web serve and works just fine in this environment. I am trying to deploy it to an IIS serve to which I only have limited access and cant debug it in this environment. Do you have an example of the code you're using, like a bare bones script? Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Session Variable Problem
tedd Please accept my apologies for not thanking you sooner, I am going over you code and learning great stuff. Again, thank you. And thank you to Adam as well. gary tedd tedd.sperl...@gmail.com wrote in message news:p06240804c7cbe9aa1...@[192.168.1.102]... At 10:14 AM -0400 3/21/10, Gary wrote: Thanks again for all the help, however the plot thickens. Gary : It doesn't have to thicken. Here's an example of using $_SESSION that works and you can have as many fields as you want: http://www.webbytedd.com/aa/step-form-sessions/index.php All the code is there. Plus, it will give you a way to go from page to page without leaving the gathering page. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com __ Information from ESET Smart Security, version of virus signature database 4962 (20100321) __ The message was checked by ESET Smart Security. http://www.eset.com __ Information from ESET Smart Security, version of virus signature database 4965 (20100322) __ The message was checked by ESET Smart Security. http://www.eset.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Variable Problem
At 2:22 PM -0400 3/20/10, Gary wrote:
I have this perplexing issue of session varibles getting dropped. It is a 4
page form, the last page being a review page incase the submitter wants to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1, page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.
Each page is started with
?php if(!isset($_SESSION)) {
session_start();
}
Session varible:
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
Calling the session varible to the input field for review
?php if (isset($_SESSION['lend_fname'])) {echo
'value='.htmlentities($_SESSION['lend_fname']).'';}?
The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
Im confused as to why they keep getting dropped and how to stop it.
Hopefully I have given enough information.
Thank you
Gary
Gary:
I think I know what the problem is. When you revisit previous pages,
you write over the previous data from an empty $_POST. Here's a way
to stop that.
?php session_start();
if (isset($_POST ['lend_fname'])
{
$_SESSION['lend_fname'] = $_POST['lend_fname'];
}
As far as using strip_slashes() and htmlentities() I wait until I am
going to use the variables in some manner and then clean/scrub them
all at one time. That makes the process simpler for me -- plus I can
then keep all my security checks in one location.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Variable Problem
Thanks again for all the help, however the plot thickens.
I have put:
?php if(!isset($_SESSION)) {
session_start();
}
if (isset($_POST['lend_fname'])){
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
if (isset($_POST['lend_lname'])){
$_SESSION['lend_lname']=stripslashes($_POST['lend_lname']);
}
if (isset($_POST['lend_street'])){
$_SESSION['lend_street']=stripslashes($_POST['lend_street']);
}
if (isset($_POST['lend_city'])){
$_SESSION['lend_city']=stripslashes($_POST['lend_city']);
}
if (isset($_POST['lend_state'])){
$_SESSION['lend_state']=stripslashes($_POST['lend_state']);
}
if (isset($_POST['lend_lname'])){
$_SESSION['lend_zip']=stripslashes($_POST['lend_zip']);
}
if (isset($_POST['lend_email'])){
$_SESSION['lend_email']=stripslashes($_POST['lend_email']);
}
if (isset($_POST['lend_phone'])){
$_SESSION['lend_phone']=stripslashes($_POST['lend_phone']);
}
?
On the first page, Now what happens is it only sticks to the first two
(lend_fname and lend_lname), the others still get lost. Any idea how or why
the exact code works differently?
Thanks Again.
gary
tedd tedd.sperl...@gmail.com wrote in message
news:p06240800c7cbc0927...@[192.168.1.102]...
At 2:22 PM -0400 3/20/10, Gary wrote:
I have this perplexing issue of session varibles getting dropped. It is a
4
page form, the last page being a review page incase the submitter wants to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1, page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.
Each page is started with
?php if(!isset($_SESSION)) {
session_start();
}
Session varible:
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
Calling the session varible to the input field for review
?php if (isset($_SESSION['lend_fname'])) {echo
'value='.htmlentities($_SESSION['lend_fname']).'';}?
The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
Im confused as to why they keep getting dropped and how to stop it.
Hopefully I have given enough information.
Thank you
Gary
Gary:
I think I know what the problem is. When you revisit previous pages, you
write over the previous data from an empty $_POST. Here's a way to stop
that.
?php session_start();
if (isset($_POST ['lend_fname'])
{
$_SESSION['lend_fname'] = $_POST['lend_fname'];
}
As far as using strip_slashes() and htmlentities() I wait until I am going
to use the variables in some manner and then clean/scrub them all at one
time. That makes the process simpler for me -- plus I can then keep all my
security checks in one location.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
__ Information from ESET Smart Security, version of virus
signature database 4962 (20100321) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4962 (20100321) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Variable Problem
At 10:14 AM -0400 3/21/10, Gary wrote: Thanks again for all the help, however the plot thickens. Gary : It doesn't have to thicken. Here's an example of using $_SESSION that works and you can have as many fields as you want: http://www.webbytedd.com/aa/step-form-sessions/index.php All the code is there. Plus, it will give you a way to go from page to page without leaving the gathering page. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Variable Problem
On Sat, Mar 20, 2010 at 2:22 PM, Gary gwp...@ptd.net wrote:
I have this perplexing issue of session varibles getting dropped. It is a
4
page form, the last page being a review page incase the submitter wants to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1, page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.
Each page is started with
?php if(!isset($_SESSION)) {
session_start();
}
Session varible:
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
Calling the session varible to the input field for review
?php if (isset($_SESSION['lend_fname'])) {echo
'value='.htmlentities($_SESSION['lend_fname']).'';}?
The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
Im confused as to why they keep getting dropped and how to stop it.
Hopefully I have given enough information.
Thank you
Gary
__ Information from ESET Smart Security, version of virus signature
database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Are you checking to see if the post variable is set in the code that handles
saving the form values to session variables? I can't tell if you're doing
this from the code you provided. If not, it's possible that when you are
returning to one of the earlier pages, you're attempting to again save the
form values even though the corresponding $_POST vars are empty. This would
cause visiting page 2 to essentially delete the data previously posted from
page 1.
Using your example:
// Only save if post variable present, which means
if (isset($_POST['lend_fname']))
{
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
Also, some users will likely click the back button during the process, which
brings up a funky message. You might try building one page that is
dedicated to saving all of the session variables, which then redirects to
the corresponding next page in the process.
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
Re: [PHP] Session Variable Problem
Adam
Thank you for your reply.
Are you checking to see if the post variable is set in the code that
handles saving the form values to session variables?
No, I not done anything about the post variable, frankly I thought the
session variable would cover it. I tried your code
if (isset($_POST['lend_fname'])){
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
And it seems to work fine, the data seems to stay. Is there an easier method
(perhaps putting the post or session variables into an array?
Again thank you for your reply and your solution.
Gary
Adam Richardson simples...@gmail.com wrote in message
news:e4d8ea9d1003201529p1ab72baei147549423f5e3...@mail.gmail.com...
On Sat, Mar 20, 2010 at 2:22 PM, Gary gwp...@ptd.net wrote:
I have this perplexing issue of session varibles getting dropped. It is
a
4
page form, the last page being a review page incase the submitter wants
to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1, page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.
Each page is started with
?php if(!isset($_SESSION)) {
session_start();
}
Session varible:
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
Calling the session varible to the input field for review
?php if (isset($_SESSION['lend_fname'])) {echo
'value='.htmlentities($_SESSION['lend_fname']).'';}?
The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
Im confused as to why they keep getting dropped and how to stop it.
Hopefully I have given enough information.
Thank you
Gary
__ Information from ESET Smart Security, version of virus
signature
database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Are you checking to see if the post variable is set in the code that
handles
saving the form values to session variables? I can't tell if you're doing
this from the code you provided. If not, it's possible that when you are
returning to one of the earlier pages, you're attempting to again save the
form values even though the corresponding $_POST vars are empty. This
would
cause visiting page 2 to essentially delete the data previously posted
from
page 1.
Using your example:
// Only save if post variable present, which means
if (isset($_POST['lend_fname']))
{
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
Also, some users will likely click the back button during the process,
which
brings up a funky message. You might try building one page that is
dedicated to saving all of the session variables, which then redirects to
the corresponding next page in the process.
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
__ Information from ESET Smart Security, version of virus
signature database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session Variable Problem
On Sat, Mar 20, 2010 at 6:56 PM, Gary gwp...@ptd.net wrote:
Adam
Thank you for your reply.
Are you checking to see if the post variable is set in the code that
handles saving the form values to session variables?
No, I not done anything about the post variable, frankly I thought the
session variable would cover it. I tried your code
if (isset($_POST['lend_fname'])){
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
And it seems to work fine, the data seems to stay. Is there an easier
method
(perhaps putting the post or session variables into an array?
Again thank you for your reply and your solution.
Gary
Adam Richardson simples...@gmail.com wrote in message
news:e4d8ea9d1003201529p1ab72baei147549423f5e3...@mail.gmail.com...
On Sat, Mar 20, 2010 at 2:22 PM, Gary gwp...@ptd.net wrote:
I have this perplexing issue of session varibles getting dropped. It is
a
4
page form, the last page being a review page incase the submitter wants
to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1,
page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.
Each page is started with
?php if(!isset($_SESSION)) {
session_start();
}
Session varible:
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
Calling the session varible to the input field for review
?php if (isset($_SESSION['lend_fname'])) {echo
'value='.htmlentities($_SESSION['lend_fname']).'';}?
The page starts at
http://www.paulgdesigns.com/one2one/lend_bor_input.php
Im confused as to why they keep getting dropped and how to stop it.
Hopefully I have given enough information.
Thank you
Gary
__ Information from ESET Smart Security, version of virus
signature
database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Are you checking to see if the post variable is set in the code that
handles
saving the form values to session variables? I can't tell if you're
doing
this from the code you provided. If not, it's possible that when you are
returning to one of the earlier pages, you're attempting to again save
the
form values even though the corresponding $_POST vars are empty. This
would
cause visiting page 2 to essentially delete the data previously posted
from
page 1.
Using your example:
// Only save if post variable present, which means
if (isset($_POST['lend_fname']))
{
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
Also, some users will likely click the back button during the process,
which
brings up a funky message. You might try building one page that is
dedicated to saving all of the session variables, which then redirects to
the corresponding next page in the process.
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
__ Information from ESET Smart Security, version of virus
signature database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
__ Information from ESET Smart Security, version of virus signature
database 4961 (20100320) __
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
The session variables store what you tell them to store. The way your pages
were set up, it sounds like you always called the code that set the session
variable, even if the session variable was already set and even if there
were no POST variables sent.
People often do use sessions to preserve the state of a form's fields if the
form has multiple pages, just as you are doing. In this type of situation
someone can be visiting a page to 1) submit new data (POST data is present
such as when somebody clicks on the submit button in the previous page), or
2) review the data they've already entered (no POST data present, such as
when somebody uses the navigation on your page.) You have to check to see
which of the two possible types of page requests is occurring.
Using the code you have, you can probably just wrap the code that you have
that sets the session variables in an if block that checks for one of the
post variables you're expecting.
I'd recommend reading a tutorial or two on how PHP sessions work, such as
the following:
http://php.about.com/od/advancedphp/ss/php_sessions.htm
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
Re: [PHP] session variables and SVG documents
Hello,
unfortunately, it does not suite my needs. The image must be clickable. The
application I'm developping reads data from a database and display the
information graphically. The user must be able to click on some elements of
the picture, and I have to store the information the user clicked on
(session vars). I cannot tell the user not to use IE, so I have to find
another solution...
Regards,
Aurelie
2010/2/1 Ray Solomon r...@bigdoghost.com
From: Aurelie REYMUND aurely...@gmail.com
Sent: Monday, February 01, 2010 3:37 AM
To: php-general@lists.php.net
Subject: [PHP] session variables and SVG documents
Hello,
I have the following problem with the Adobe SVG viewer:
I try to generate a SVG document using PHP. the following code is working
well under Firefox, as well as IE with ASV:
?php
header(Content-type: image/svg+xml);
$graph_title = 'title';
print('?xml version=1.0 encoding=iso-8859-1 standalone=no?');
$svgwidth=500;
$svgheight=400;
?
!DOCTYPE svg PUBLIC -//W3C//DTD SVG 1.0//EN
http://www.w3.org/TR/SVG/DTD/svg10.dtd;
svg width=?php echo $svgwidth; ?px height=?php echo $svgheight;
?px
xmlns=http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc
?php
srand((double) microtime() * 100); //initalizing random generator
for ($i = 0; $i 20; $i+=1) {
$x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for rand
function
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside of
viewbox
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$
blue.);
print \trect x=\$x\ y=\$y\ width=\$width\ height=\$height\
style=\fill:$color;\/\n;
}
?
text x=?php echo $svgwidth/2;?px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: ?php print
(strftime(%Y-%m-%d, %H:%M:%S)); ?/text
text x=?php echo $svgwidth/2;?px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x=?php echo $svgwidth/2;?px y=360 style=font-size:15;
text-anchor=middle?php print $HTTP_USER_AGENT; ?/text
/svg
If now I want to include the session_start() at the beginning of the code,
in IE I got a pop-up dialog called download file
What am I doing wrong ?
Regards,
Aurelie
It appears IE does not support svg yet and you need a plugin for it.
However, you could also design your code differently by using Imagemagick
to convert the svg to png.
If that suits your needs, then use the modified code below:
?php
header(Content-type: image/png);
$graph_title = 'title';
$svgwidth=500;
$svgheight=400;
$svg = '?xml version=1.0 encoding=iso-8859-1 standalone=no?
svg width='.$svgwidth.'px height='.$svgheight.'px xmlns=
http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc';
for ($i = 0; $i 20; $i++) {
$x = floor(rand(0,$svgwidth-1));
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x));
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$blue.);
$svg .= \trect x=\$x\ y=\$y\ width=\$width\
height=\$height\ style=\fill:$color;\/\n;
}
$svg .= 'text x='.($svgwidth/2).'px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: '.date(Y-m-d,
H:m:s).'/text
text x='.($svgwidth/2).'px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x='.($svgwidth/2).'px y=360 style=font-size:15;
text-anchor=middle'.$HTTP_USER_AGENT.'/text
/svg';
file_put_contents('/tmp/image.svg', $svg);
exec(/usr/bin/rsvg /tmp/image.svg /tmp/image.png);
echo file_get_contents('/tmp/image.png');
?
-Ray Solomon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variables and SVG documents
On Wed, 2010-02-03 at 10:49 +0100, Aurelie REYMUND wrote:
Hello,
unfortunately, it does not suite my needs. The image must be clickable. The
application I'm developping reads data from a database and display the
information graphically. The user must be able to click on some elements of
the picture, and I have to store the information the user clicked on
(session vars). I cannot tell the user not to use IE, so I have to find
another solution...
Regards,
Aurelie
2010/2/1 Ray Solomon r...@bigdoghost.com
From: Aurelie REYMUND aurely...@gmail.com
Sent: Monday, February 01, 2010 3:37 AM
To: php-general@lists.php.net
Subject: [PHP] session variables and SVG documents
Hello,
I have the following problem with the Adobe SVG viewer:
I try to generate a SVG document using PHP. the following code is working
well under Firefox, as well as IE with ASV:
?php
header(Content-type: image/svg+xml);
$graph_title = 'title';
print('?xml version=1.0 encoding=iso-8859-1 standalone=no?');
$svgwidth=500;
$svgheight=400;
?
!DOCTYPE svg PUBLIC -//W3C//DTD SVG 1.0//EN
http://www.w3.org/TR/SVG/DTD/svg10.dtd;
svg width=?php echo $svgwidth; ?px height=?php echo $svgheight;
?px
xmlns=http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc
?php
srand((double) microtime() * 100); //initalizing random generator
for ($i = 0; $i 20; $i+=1) {
$x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for rand
function
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside of
viewbox
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$
blue.);
print \trect x=\$x\ y=\$y\ width=\$width\ height=\$height\
style=\fill:$color;\/\n;
}
?
text x=?php echo $svgwidth/2;?px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: ?php print
(strftime(%Y-%m-%d, %H:%M:%S)); ?/text
text x=?php echo $svgwidth/2;?px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x=?php echo $svgwidth/2;?px y=360 style=font-size:15;
text-anchor=middle?php print $HTTP_USER_AGENT; ?/text
/svg
If now I want to include the session_start() at the beginning of the code,
in IE I got a pop-up dialog called download file
What am I doing wrong ?
Regards,
Aurelie
It appears IE does not support svg yet and you need a plugin for it.
However, you could also design your code differently by using Imagemagick
to convert the svg to png.
If that suits your needs, then use the modified code below:
?php
header(Content-type: image/png);
$graph_title = 'title';
$svgwidth=500;
$svgheight=400;
$svg = '?xml version=1.0 encoding=iso-8859-1 standalone=no?
svg width='.$svgwidth.'px height='.$svgheight.'px xmlns=
http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc';
for ($i = 0; $i 20; $i++) {
$x = floor(rand(0,$svgwidth-1));
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x));
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$blue.);
$svg .= \trect x=\$x\ y=\$y\ width=\$width\
height=\$height\ style=\fill:$color;\/\n;
}
$svg .= 'text x='.($svgwidth/2).'px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: '.date(Y-m-d,
H:m:s).'/text
text x='.($svgwidth/2).'px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x='.($svgwidth/2).'px y=360 style=font-size:15;
text-anchor=middle'.$HTTP_USER_AGENT.'/text
/svg';
file_put_contents('/tmp/image.svg', $svg);
exec(/usr/bin/rsvg /tmp/image.svg /tmp/image.png);
echo file_get_contents('/tmp/image.png');
?
-Ray Solomon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
IE doesn't display SVG natively, and the plugins for it are pants.
However, IE does make use of its own propitiatory vector language called
VML, This is how the Cufon font replacer system works.
Thanks,
Ash
http://www.ashleysheridan.co.uk
Re: [PHP] session variables and SVG documents
At 10:49 AM +0100 2/3/10, Aurelie REYMUND wrote: Hello, unfortunately, it does not suite my needs. The image must be clickable. The application I'm developping reads data from a database and display the information graphically. The user must be able to click on some elements of the picture, and I have to store the information the user clicked on (session vars). I cannot tell the user not to use IE, so I have to find another solution... Regards, Aurelie Aurelie: The image must be clickable? I must not be understanding something. Anything can be made clickable, just put it in an anchor, such as: a href=my-php-script-to-produce-the-image.phpClick This/a The previous post mentioned using ImageMagick to convert the svg to png -- so write that script and place it in an anchor. I don't see the problem. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session variables and SVG documents
On Wed, Feb 3, 2010 at 8:20 AM, Ashley Sheridan
a...@ashleysheridan.co.ukwrote:
On Wed, 2010-02-03 at 10:49 +0100, Aurelie REYMUND wrote:
Hello,
unfortunately, it does not suite my needs. The image must be clickable.
The
application I'm developping reads data from a database and display the
information graphically. The user must be able to click on some elements
of
the picture, and I have to store the information the user clicked on
(session vars). I cannot tell the user not to use IE, so I have to find
another solution...
Regards,
Aurelie
2010/2/1 Ray Solomon r...@bigdoghost.com
From: Aurelie REYMUND aurely...@gmail.com
Sent: Monday, February 01, 2010 3:37 AM
To: php-general@lists.php.net
Subject: [PHP] session variables and SVG documents
Hello,
I have the following problem with the Adobe SVG viewer:
I try to generate a SVG document using PHP. the following code is
working
well under Firefox, as well as IE with ASV:
?php
header(Content-type: image/svg+xml);
$graph_title = 'title';
print('?xml version=1.0 encoding=iso-8859-1 standalone=no?');
$svgwidth=500;
$svgheight=400;
?
!DOCTYPE svg PUBLIC -//W3C//DTD SVG 1.0//EN
http://www.w3.org/TR/SVG/DTD/svg10.dtd;
svg width=?php echo $svgwidth; ?px height=?php echo $svgheight;
?px
xmlns=http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc
?php
srand((double) microtime() * 100); //initalizing random generator
for ($i = 0; $i 20; $i+=1) {
$x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for
rand
function
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside
of
viewbox
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$
blue.);
print \trect x=\$x\ y=\$y\ width=\$width\ height=\$height\
style=\fill:$color;\/\n;
}
?
text x=?php echo $svgwidth/2;?px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: ?php print
(strftime(%Y-%m-%d, %H:%M:%S)); ?/text
text x=?php echo $svgwidth/2;?px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x=?php echo $svgwidth/2;?px y=360 style=font-size:15;
text-anchor=middle?php print $HTTP_USER_AGENT; ?/text
/svg
If now I want to include the session_start() at the beginning of the
code,
in IE I got a pop-up dialog called download file
What am I doing wrong ?
Regards,
Aurelie
It appears IE does not support svg yet and you need a plugin for it.
However, you could also design your code differently by using
Imagemagick
to convert the svg to png.
If that suits your needs, then use the modified code below:
?php
header(Content-type: image/png);
$graph_title = 'title';
$svgwidth=500;
$svgheight=400;
$svg = '?xml version=1.0 encoding=iso-8859-1 standalone=no?
svg width='.$svgwidth.'px height='.$svgheight.'px xmlns=
http://www.w3.org/2000/svg;
descThis is a php-random rectangle test/desc';
for ($i = 0; $i 20; $i++) {
$x = floor(rand(0,$svgwidth-1));
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x));
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = rgb(.$red.,.$green.,.$blue.);
$svg .= \trect x=\$x\ y=\$y\ width=\$width\
height=\$height\ style=\fill:$color;\/\n;
}
$svg .= 'text x='.($svgwidth/2).'px y=300 style=font-size:15;
text-anchor=middleThe servers Date and Time is: '.date(Y-m-d,
H:m:s).'/text
text x='.($svgwidth/2).'px y=340 style=font-size:15;
text-anchor=middleYou are running:/text
text x='.($svgwidth/2).'px y=360 style=font-size:15;
text-anchor=middle'.$HTTP_USER_AGENT.'/text
/svg';
file_put_contents('/tmp/image.svg', $svg);
exec(/usr/bin/rsvg /tmp/image.svg /tmp/image.png);
echo file_get_contents('/tmp/image.png');
?
-Ray Solomon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
IE doesn't display SVG natively, and the plugins for it are pants.
However, IE does make use of its own propitiatory vector language called
VML, This is how the Cufon font replacer system works.
Thanks,
Ash
http://www.ashleysheridan.co.uk
Maybe svgweb (by Google) would allow you to achieve your goals:
http://code.google.com/p/svgweb/
Adam
--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com
