RE: [PHP] Re: sessions vs domain problem
Something like: ?php session_set_cookie_params(0, '/', 'ksachiropoelkapelle.be'); session_start(); ... I inserted this code at the top: session_set_cookie_params(0, '/', '.ksachiropoelkapelle.be'); It did not solve the problem, still after logging in on www.ksachiropoelkapelle.be the session is not recognized. I know the line of code works cause when I surf directly to http://www.groep6049.ksjnet.be/ it does not work anymore (appearently the cookie domain is not recognized anymore). Any other ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions
On Monday 07 March 2005 21:36, Jason Barnett wrote:
You are probably best off searching the PHP source for
session_set_save_handler. It will be something like
PHP_FUNCTION('session_set_save_handler', ... )
Found it and some other functions in php-5.0.3/ext/session/session.c
I could however not find any documentation of the code, so I think I'll have
to contact Sascha and/or Andrei.
Thanks for the reply!
br
db
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions problem bug
On the server i use: Session.auto_start is off Session.use_cookie is on Session.use_trans_sid is 1 I do not set the session id myself All pages that requite the sessions have session_start() at the very first line -Original Message- From: Jason Barnett [mailto:[EMAIL PROTECTED] Sent: woensdag 27 oktober 2004 11:41 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions problem bug Are you using cookie-based sessions? Thus sayeth the manual: Note: When using session cookies, specifying an id for session_id() will always send a new cookie when session_start() is called, regardless if the current session id is identical to the one being set. Thanks google. Reinhart Viane wrote: Some days ago I asked some questions concerning php and sessions Apparently it seems to be a bug: 'When you use a session name that has only numbers, each call to session_start seems to regenerate a new session id, so the session does not persist.' http://bugs.php.net/search.php?search_for=sessionboolean=0limit=10o rd er_by=direction=ASCcmd=displaystatus=Openbug_type%5B%5D=Session+rela tedphp_os=phpver=assign=author_email=bug_age=0 And there you pick bug with ID 27688 Just to let everyone know. Greetz, Reinhart Viane Reinhart Viane [EMAIL PROTECTED] Domos || D-Studio Graaf Van Egmontstraat 15/3 -- B 2800 Mechelen -- tel +32 15 44 89 01 -- fax +32 15 43 25 26 STRICTLY PERSONAL AND CONFIDENTIAL This message may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and Mozilla (Firefox)
On Wed, 2004-10-13 at 01:26 +, Matthew Weier O'Phinney wrote: * Pablo Gosse [EMAIL PROTECTED]: I just noticed that if I open up a Mozilla window, log into my CMS, then open another Mozilla window (not by ctrl-n, but by selecting it from my programs menu) and bring up the login page in that new window, then it detects the session from the other window and redirects right to the CMS control panel. In IE, this will happen if I ctrl-n a new window, but not if I start a new instance of the browser from the program list. Is the correct behavior for sessions in Mozilla? I've searched the lists but I couldn't find anything which seemed to answer this. My understanding is that if you have a session of Mozilla open, if you run the executable again, it searches for a running session and, if one is found, uses it to spawn a new window without actually running another copy. The way around this is to use profiles in mozilla. -- /*** * Robby Russell | Owner.Developer.Geek * PLANET ARGON | www.planetargon.com * Portland, OR | [EMAIL PROTECTED] * 503.351.4730 | blog.planetargon.com * PHP/PostgreSQL Hosting Development / signature.asc Description: This is a digitally signed message part
Re: [PHP] Re: Sessions not destroyed
M. Sokolewicz schrieb: are you using the default PHP sessions? or are you using a custom session handler? Hendrik Schmieder wrote: Hello, we have a severe problem with seesions. We use Apache 1.3.31 with PHP 4.3.9 as Apache module in Windows 2000 In our php.ini we have session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 But even after 20 minutes the session file is still there. And the session file ist also not deleted if we then stop the apache service. Has anybody an idea ? TIA Hendrik Schmieder We are using the default php sessions , This are all of our session settings; [Session] session.save_handler = files session.save_path = D:\Worksheet-Server\apache\sessiondata session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.serialize_handler = php session.gc_probability = 100 session.gc_dividend= 100 session.gc_maxlifetime = 120 session.bug_compat_42 = 1 session.bug_compat_warn = 1 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 1 url_rewriter.tags = a=href,area=href,frame=src,input=src,form=,fieldset= with best regards Hendrik Schmieder -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions session_start() my problem
I have deleted session_start() at login.php
Thus i have 1 session_start()
But i receive them yet.
Yours,Mohsen
--- Jasper Howard [EMAIL PROTECTED] wrote:
that was a bit confusing, but it looks like you call
session_start() more
than once in a script. You only need to call it
once, and you need to call
it before any headers get sent, at the top of the
script is a good place. If
you're scripts are already setup like that just
ignore me. Oh, also, if you
include a file that has session_start() in it you'll
get that warning too.
--
--
Jasper Howard :: Database Administration
Velocity7
1.530.470.9292
http://www.Velocity7.com/
--
Pahlevanzadeh Mohsen [EMAIL PROTECTED]
wrote in message
news:[EMAIL PROTECTED]
Dears,I have 3 files.
k.php :
?
session_start();
$S_userk=$HTTP_POST_VARS['u'];
$S_pass=$HTTP_POST_VARS['p'];
//echo $S_pass;
session_register('S_userk');
session_register('S_passk');
include
'http://1.1.1.1/membership/login.php?g=0';
?
login.php:
define(HOST,localhost);
define(USER,root);
define(PASS, );
define(DB,mem);
///
session_start();
if ($HTTP_GET_VARS['g']==1)
{
$username=$S_username;
$password=$S_password;
//print $username;
}
else if ($HTTP_GET_VARS['g']==0)
{
$password=$S_passk;
$username=$S_userk;
}
$S_username=$username;
$S_password=$password;
if(empty($S_username) empty($S_password) )
{
mysql_connect(HOST,USER) or die(connect);
mysql_select_db(DB) or die(db);
$result=mysql_query(SELECT count(*) as numfound
FROM usernames where user='$username' and
pass='$password') or die(jjjgar);
$result_ar=mysql_fetch_array($result);
if($result_ar['numfound'] 1 )
{
//echo ffdsfsfsdvfdsfdssc;
//curl_exec(curl_init('http://1.1.1.1/membership/index.html'));
header('Location: index.html');
exit;
}
session_register('S_username');
session_register('S_password');
echo Logged in successfully!;
But when i loggin in my site,I recv following
warnings:
Warning: session_start(): Cannot send session
cookie -
headers already sent by (output started at
/var/www/html/membership/k.php:2) in
/var/www/html/membership/k.php on line 3
Warning: session_start(): Cannot send session
cache
limiter - headers already sent (output started at
/var/www/html/membership/k.php:2) in
/var/www/html/membership/k.php on line 3
Please explaine me on my warnings.
Yours,Mohsen.
=
-DIGITAL SIGNATURE---
///Mohsen Pahlevanzadeh
Network administrator programmer
My work phone is : +98216054096-7
My home phone is: +98213810146
My emails is
[EMAIL PROTECTED]
My website is: http://webnegar.net
__
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
=
-DIGITAL SIGNATURE---
///Mohsen Pahlevanzadeh
Network administrator programmer
My home phone is: +98213810146
My email address is
m_pahlevanzadeh at yahoo dot com
My website is: http://webnegar.net
__
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions session_start() my problem
is this php script at the top of the page, there is nothing before it?
--
--
Jasper Howard :: Database Administration
Velocity7
1.530.470.9292
http://www.Velocity7.com/
--
Pahlevanzadeh Mohsen [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I have deleted session_start() at login.php
Thus i have 1 session_start()
But i receive them yet.
Yours,Mohsen
--- Jasper Howard [EMAIL PROTECTED] wrote:
that was a bit confusing, but it looks like you call
session_start() more
than once in a script. You only need to call it
once, and you need to call
it before any headers get sent, at the top of the
script is a good place. If
you're scripts are already setup like that just
ignore me. Oh, also, if you
include a file that has session_start() in it you'll
get that warning too.
--
--
Jasper Howard :: Database Administration
Velocity7
1.530.470.9292
http://www.Velocity7.com/
--
Pahlevanzadeh Mohsen [EMAIL PROTECTED]
wrote in message
news:[EMAIL PROTECTED]
Dears,I have 3 files.
k.php :
?
session_start();
$S_userk=$HTTP_POST_VARS['u'];
$S_pass=$HTTP_POST_VARS['p'];
//echo $S_pass;
session_register('S_userk');
session_register('S_passk');
include
'http://1.1.1.1/membership/login.php?g=0';
?
login.php:
define(HOST,localhost);
define(USER,root);
define(PASS, );
define(DB,mem);
///
session_start();
if ($HTTP_GET_VARS['g']==1)
{
$username=$S_username;
$password=$S_password;
//print $username;
}
else if ($HTTP_GET_VARS['g']==0)
{
$password=$S_passk;
$username=$S_userk;
}
$S_username=$username;
$S_password=$password;
if(empty($S_username) empty($S_password) )
{
mysql_connect(HOST,USER) or die(connect);
mysql_select_db(DB) or die(db);
$result=mysql_query(SELECT count(*) as numfound
FROM usernames where user='$username' and
pass='$password') or die(jjjgar);
$result_ar=mysql_fetch_array($result);
if($result_ar['numfound'] 1 )
{
//echo ffdsfsfsdvfdsfdssc;
//curl_exec(curl_init('http://1.1.1.1/membership/index.html'));
header('Location: index.html');
exit;
}
session_register('S_username');
session_register('S_password');
echo Logged in successfully!;
But when i loggin in my site,I recv following
warnings:
Warning: session_start(): Cannot send session
cookie -
headers already sent by (output started at
/var/www/html/membership/k.php:2) in
/var/www/html/membership/k.php on line 3
Warning: session_start(): Cannot send session
cache
limiter - headers already sent (output started at
/var/www/html/membership/k.php:2) in
/var/www/html/membership/k.php on line 3
Please explaine me on my warnings.
Yours,Mohsen.
=
-DIGITAL SIGNATURE---
///Mohsen Pahlevanzadeh
Network administrator programmer
My work phone is : +98216054096-7
My home phone is: +98213810146
My emails is
[EMAIL PROTECTED]
My website is: http://webnegar.net
__
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
=
-DIGITAL SIGNATURE---
///Mohsen Pahlevanzadeh
Network administrator programmer
My home phone is: +98213810146
My email address is
m_pahlevanzadeh at yahoo dot com
My website is: http://webnegar.net
__
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions Problem !!
This one time, at band camp, Chris Martin [EMAIL PROTECTED] wrote: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php:1) in C:\Program Files\Apache Group\Apache2\htdocs\maillist\maillist\admin.php on line 1 This error tells you that the output was started at line 1 of your admin.php file. (maybe a blank line at the top of the script?) As Miles suggested: You have to call session_start() before any output to the page, even a single space. This error is more likely generated as the headers are being sent from the error message. Kevin -- __ (_ \ _) ) | / / _ ) / _ | / ___) / _ ) | | ( (/ / ( ( | |( (___ ( (/ / |_| \) \_||_| \) \) Kevin Waterson Port Macquarie, Australia -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Sun, May 23, 2004 at 09:00:41PM +0200, Maarten Weyn wrote: It worked for 5 minutes after a reboot, but now i get the same problem what happens is that on every session_start(); a new sessid is created how comes it doesn't use the old one I am starting to believe that session support is badly broken in PHP. I've been trying to solve a similar situation (sessions never work for me, even after an apache restart) and the list seems baffled. /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:04:00PM +0200, Torsten Roehr wrote: As far as I remember session.use_trans_sid does NOT work with forms (action attribute). Have you tried appending it manually to the action?: Well, this certainly seems to be progress in the correct direction. So session.use_trans_sid used to work with forms in 4.1.2 (I'm suffering from an upgrade here) but no longer does? This really helps. form method=post action=xxx.php?= SID; ? This ALMOST works. Looks like a seperator is needed. I get: POST /xxx.phpPHPSESSID=3a2c0413ec84a00e36ea0317c193ccb2 HTTP/1.1 Do I want ?=PHPSESSID=sessionID or just ?=sessionID or what? Thanx! /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
Michael R. Wayne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Fri, May 21, 2004 at 08:04:00PM +0200, Torsten Roehr wrote: As far as I remember session.use_trans_sid does NOT work with forms (action attribute). Have you tried appending it manually to the action?: Well, this certainly seems to be progress in the correct direction. So session.use_trans_sid used to work with forms in 4.1.2 (I'm suffering from an upgrade here) but no longer does? This really helps. form method=post action=xxx.php?= SID; ? This ALMOST works. Looks like a seperator is needed. I get: POST /xxx.phpPHPSESSID=3a2c0413ec84a00e36ea0317c193ccb2 HTTP/1.1 Do I want ?=PHPSESSID=sessionID or just ?=sessionID or what? Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? This should work. As far as I have seen trans_sid is not used very often - obviously because of problems like yours. The best way is always to pass the session ID yourself. Either with a cookie or via GET. I prefer GET because with cookies you are reliant on the client supporting/allowing cookies. Regards, Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote: Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? Thank you, thank you. This does indeed seem to work in my test script. Now to go work on the real version. This should work. As far as I have seen trans_sid is not used very often - obviously because of problems like yours. The best way is always to pass the session ID yourself. Either with a cookie or via GET. I prefer GET because with cookies you are reliant on the client supporting/allowing cookies. Oddly, this all worked properly under 4.1.2. When we upgraded, things broke. And I have a strong personal bias against cookies. One again, thank you for the solution! /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote:
Sorry, I'm an idiot! The ? was missing:
form method=post action=xxx.php??= SID; ?
Well, I spoke too soon. It does work, but only the SECOND time the
script is run!
Stage:0 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca
__ [Submit]
Stage:1 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca Request: Array ( )
Type foo into the form, hit submit and the session variable is not being
preserved:
Stage:0 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9
foo___ [Submit]
Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array ( [PHPSESSID] =
6c9a1819fe95fa6f08f385ee2afa71ca [field] = foo )
Type bar into the form, hit submit and the session variable
IS being preserved:
Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9
bar___ [Submit]
Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array ( [PHPSESSID] =
ac429ad0086eb5b4d1130eb2e2fddcb9 [field] = bar )
So, what am I missing here?
Code, for reference:
?
if (!isset($_SESSION['stage'])) {
$_SESSION['stage'] = 0;
}
if (!isset($_POST['field'])) { $_POST['field'] = ; }
?
html
headtitlePHP Test page/title/head
body
?
echo Stage:; echo $_SESSION['stage'];
echo SessionID: ; echo session_id();
$_SESSION['stage'] = 1;
?
form method=post action=xxx.php??= SID; ?
input type=text maxlength=7 size=7 name=field value=?echo
$_POST['field']?
input type=submit value=Submit
/form
?
echo Stage:; echo $_SESSION['stage']; echo ;
echo SessionID: ; echo session_id(); echo ;
echo Request: ; print_r($_REQUEST);
?
/body /html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
Michael R. Wayne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Fri, May 21, 2004 at 08:35:37PM +0200, Torsten Roehr wrote: Sorry, I'm an idiot! The ? was missing: form method=post action=xxx.php??= SID; ? Well, I spoke too soon. It does work, but only the SECOND time the script is run! Stage:0 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca __ [Submit] Stage:1 SessionID: 6c9a1819fe95fa6f08f385ee2afa71ca Request: Array ( ) Type foo into the form, hit submit and the session variable is not being preserved: Stage:0 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 foo___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array [PHPSESSID] = 6c9a1819fe95fa6f08f385ee2afa71ca [field] = foo ) Type bar into the form, hit submit and the session variable IS being preserved: Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 bar___ [Submit] Stage:1 SessionID: ac429ad0086eb5b4d1130eb2e2fddcb9 Request: Array [PHPSESSID] = ac429ad0086eb5b4d1130eb2e2fddcb9 [field] = bar ) So, what am I missing here? You could try it without session.auto_start. Turn it off and put session_start() at the top of the script (in all pages). Regards, Torsten -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions still do not persist
On Fri, May 21, 2004 at 09:12:02PM +0200, Torsten Roehr wrote: So, what am I missing here? You could try it without session.auto_start. Turn it off and put session_start() at the top of the script (in all pages). Tried that - makes no difference. Still works properly on the second call but not the first. /\/\ \/\/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions, sessions and... sessions
I believe the PHP.INI has to be set with a Session variable temp directory.
Hi Puiu,
I've been having the same problem too. My code that worked up until
recently
just stopped working. I did change from using:
session_register(user_id);
if (!(user_id)){
to using:
session_start();
if (!$_SESSION['user_id']){
Now it works with my computer Win98 and MS-IE5.5 but not on my client's
computer Win98 and MS-IE6.
I think there's something seriously wrong somewhere (either PHP or MS).
I'll
keep you posted if I find a solution.
Pance.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions, sessions and... sessions
session.save_path string
session.save_path defines the argument which is passed to the save
handler. If you choose the default files handler, this is the path
where the files are created. Defaults to /tmp. If session.save_path's
path depth is more than 2, garbage collection will not be performed.
Hi Puiu,
I've been having the same problem too. My code that worked up until
recently
just stopped working. I did change from using:
session_register(user_id);
if (!(user_id)){
to using:
session_start();
if (!$_SESSION['user_id']){
Now it works with my computer Win98 and MS-IE5.5 but not on my client's
computer Win98 and MS-IE6.
I think there's something seriously wrong somewhere (either PHP or MS).
I'll
keep you posted if I find a solution.
Pance.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions
Paul Furman mailto:[EMAIL PROTECTED] on Tuesday, February 17, 2004 10:39 AM said: Have a questions about sessions. In building a simple app do I have to include the session id in the url string or in a hidden tag? or does it normally track it by cookies and so I dont have to call it on every page? the session id will be in the url if you have use_trans_sid turned on AND the user has not accepted your cookie. once the user accepts the cookie (either automatically or manually) the id will go away from the url because it is now being stored in a cookie on the users system. if you turn off use_trans_sid (as i have, for search engine reasons) the user will not have any session state at all until they accept your sites cookie (either automatically or manually). in answer to your question specifically, YOU personally do not have to worry about transferring the session id. it is done automatically (by default). hth, chris. p.s. hopefully someone will correct me on this issue if i am wrong. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and frames
It has nothing to do with the other site. Browser makes a separate request for the frame content and you can set cookies without any problem. You should check if the cookie is realy set and if the cookie parameters are right (eg. in Mozilla's cookie manager). Jean-Christian IMbeault wrote: A little update, seems I was wrong about the session cookie being set when the page is first access. The first time the page is accessed no session cookie or /tmp file is generated. I think this may be because the site that is loading my content in a frame is also generating a cookie. Is that a probable cause for my problem? If yes (or) how can I get a session to be started (using cookies) when my content is loaded into a frame? Thanks, Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions and browser back
there is a setting you need to make after the session start http://ca3.php.net/manual/en/function.session-cache-expire.php check that link out I think that it will resolve alot of problems for you.. however I have noticed forms are a little trickier... usually what I do with those is create the back link as a hyperlink which allows me to add the info to the form when returned so it looks like the form hasnt lost its information. - Original Message - From: chris [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, June 27, 2003 11:22 AM Subject: [PHP] Re: sessions and browser back On Wed, 25 Jun 2003 18:56:13 +0530, Bibhas Kumar Samanta [EMAIL PROTECTED] wrote: Hi, I am trying to create restricted pages for my php/mysql/apache server with sessions and passing session varibales to other pages for validation. Eventually I am doinng session_start() at the begining and checking whether logged in user is authorised to use this page by a routine. Now problem is, if filled in data in the form is incorrect, the forms gives an error. But when I press browser BACK button to get the filled in form , the form seems to get reset with _no_ data. When I try without session_start() at the begining of form , things seem to behave normally. Does session_start() reset the form and I guess browser should have returned be by fiiled in page from cache ? Please help -Bibhas This doesn't happen with every browser. Opera never forgets the previous page's form contents. -- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: sessions terminating randomly please help
Assuming that php is configued to rewrite the url tags, try turning off
cokkies in the browser and let the Session if carry over. This might help
you debugg it.
-Original Message-
From: David Chamberlin [mailto:[EMAIL PROTECTED]
Sent: Monday, March 10, 2003 3:41 PM
To: [EMAIL PROTECTED]; Freaky Deaky
Cc: [EMAIL PROTECTED]
Subject: [PHP] Re: sessions terminating randomly please help
Importance: Low
It's possible you're being afflicted with the same problem I am. See
the message just one or two above this about Sessions problem. What I
found in my debugging is that it had to do with how I was
mix-and-matching the way I specified links.
Short version of the problem is that http://mysite.org/ has one session
and http://www.mysite.org/ has another. In my code, I sometimes have
the links as a href=/page and sometimes it's explicit, as a
href=http://www.mysite.org/;. So if a user went to the site as
http://mysite.org - the pages that used the explicit www.mysite.org
would fail.
So if there's anything in your pages/links that may change how the link
is referred, you may be have different sessions occuring.
I would imagine it should be pretty easy for you to debug whether or not
this is the problem. Have each of your pages echo out the current
session id (echo 'session is '.session_id().'br';) and see if it
changes at any point, and especially on the pages that fail.
-Dave
Freaky Deaky wrote:
hi
i am experiencing a major problem with sessions expiring randomly in some
of my
apps. i will log in and start clicking around and then i will eventually
arrive at a page that tells me that i'm not logged in anymore. this
happens
apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for
pc,
and mozilla
the apps are hosted on
freebsd 4.7-release p2
apache 1.3.27
php version 4.2.3
compiled with --enable-trans-sid
i can't go into production if there's the possibility that users will be
randomly logged off. i went through all of my code over the weekend, and i
don't think i can attribute this to a miscoding:
when a user logs in, i create a session with
session_start();
$valid_user=$_POST['username'];
session_register(valid_user);
i have the following code at the top of each page to check to see if the
session
is valid:
session_start();
$valid_user=$_SESSION['valid_user'];
global $valid_user;
if (session_is_registered(valid_user)
{...function to spit out an error message if the session is not valid...;}
i have a logout page that destroys the session
session_start();
session_destroy();
i also have a javascript timer in the header of every page that redirects
to the
logout page if the user has been inactive for 20 minutes.
i have played around with session.gc_probability, setting it to 100, but
that
doesn't seem to have fixed the problem.
this is a huge problem.
if anyone can give some advice, i'd really appreciate it.
thanks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions terminating randomly please help
Check if your server is using files or shared memory to save the sessions...
My ISP was using mm (memory), and it was buggy... when they changed back to
files, all was well.
Justin
on 11/03/03 7:40 AM, David Chamberlin ([EMAIL PROTECTED]) wrote:
It's possible you're being afflicted with the same problem I am. See
the message just one or two above this about Sessions problem. What I
found in my debugging is that it had to do with how I was
mix-and-matching the way I specified links.
Short version of the problem is that http://mysite.org/ has one session
and http://www.mysite.org/ has another. In my code, I sometimes have
the links as a href=/page and sometimes it's explicit, as a
href=http://www.mysite.org/;. So if a user went to the site as
http://mysite.org - the pages that used the explicit www.mysite.org
would fail.
So if there's anything in your pages/links that may change how the link
is referred, you may be have different sessions occuring.
I would imagine it should be pretty easy for you to debug whether or not
this is the problem. Have each of your pages echo out the current
session id (echo 'session is '.session_id().'br';) and see if it
changes at any point, and especially on the pages that fail.
-Dave
Freaky Deaky wrote:
hi
i am experiencing a major problem with sessions expiring randomly in some of
my
apps. i will log in and start clicking around and then i will eventually
arrive at a page that tells me that i'm not logged in anymore. this happens
apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for pc,
and mozilla
the apps are hosted on
freebsd 4.7-release p2
apache 1.3.27
php version 4.2.3
compiled with --enable-trans-sid
i can't go into production if there's the possibility that users will be
randomly logged off. i went through all of my code over the weekend, and i
don't think i can attribute this to a miscoding:
when a user logs in, i create a session with
session_start();
$valid_user=$_POST['username'];
session_register(valid_user);
i have the following code at the top of each page to check to see if the
session
is valid:
session_start();
$valid_user=$_SESSION['valid_user'];
global $valid_user;
if (session_is_registered(valid_user)
{...function to spit out an error message if the session is not valid...;}
i have a logout page that destroys the session
session_start();
session_destroy();
i also have a javascript timer in the header of every page that redirects to
the
logout page if the user has been inactive for 20 minutes.
i have played around with session.gc_probability, setting it to 100, but that
doesn't seem to have fixed the problem.
this is a huge problem.
if anyone can give some advice, i'd really appreciate it.
thanks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions
To clarify, and correct a few typos:
Instead of:
$ssun = foo;
session_register(ssun);
Try:
$_SESSION['ssun'] = foo;
HTH
Justin
on 06/10/02 12:11 PM, Jeff Bluemel ([EMAIL PROTECTED]) wrote:
instead of using the session_register try $_SESSTION[' ssun']
Steve Vernon [EMAIL PROTECTED] wrote in message
056a01c26cb2$509f2260$a5e387d9@extreme">news:056a01c26cb2$509f2260$a5e387d9@extreme...
Hiya,
Just upgraded to 4.2.3 and I am using the attatched PHP.ini file. I
use
sessions on my website, and they dont seem to work now after the upgrade.
Just wondering which lines do I need to alter please? After I logon, they
loose the session after choosing another page. Every page runs the
following
code to check the session passwords etc are valid..
Thanks,
Steve
XX
?php
session_register(ssun);
session_register(sspw);
if(!isset($ssun)) $ssun=;
if(!isset($sspw)) $sspw=;
//Attempt to logon. Set the logon form variables to the session
variables.
if(isset($sspass))
{
$sspw=$sspass;
}
if(isset($ssname))
{
$ssun=$ssname;
}
//Make sure no one breaks in, if in the param loggedin was set, unset it.
if(isset($loggedin))
{
unset($loggedin);
}
//Link and select the correct database
HIDDEN FOR MY SECURITY
//Check if the ssun and sspw are correct
$result = mysql_query(SELECT userid FROM users WHERE
userpassword=PASSWORD('$sspw') AND userid='$ssun', $db_link);
$norows = mysql_num_rows($result);
if($norows==1)
{
$loggedin=yes;
}
else
{
$loggedin=no;
}
if(isset($logoff))
{
if($logoff==true)
{
$loggedin=no;
$ssun=;
$sspw=;
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: sessions: what to do when browser won't accept cookies?
Good idea but remember some people turn off javascript and cookies :) Make your site as accessible as you can, using Jerry's suggestion is a good idea and then accept some people will be bent on not being able to use your site by disabling as much functionality in their browsers as they can or they use old browsers that don't support the functionality you are using. Jason -Original Message- From: Jerry [mailto:[EMAIL PROTECTED]] Sent: Friday, August 16, 2002 10:20 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: sessions: what to do when browser won't accept cookies? In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Jean-Christian Imbeault) wrote: How can I get around the problem of not having the SID in the URL of the first page to my site the user comes to? It kind of a chicken-or-the-egg problem ... I kind of hate it when sites do this, but you could have the first page reload itself if it doesn't have an SID, and add an SID to itself. This way, if they use the back button, the first first page they come to has the SID. You might then be able to use window.forward() in Javascript first, before giving them an SID. If they used the back button to get to you, window.forward() moves forward to a page that has an SID (which should look exactly like the page they thought they wanted that didn't have an SID). If they didn't use the back button to get to you, window.forward shouldn't do anything. As a fall-back, you would probably want to have a warning on the front page that says, if the front page has no SID, that if they used the back button get here, use the forward button to go back or they might lose their session data. This depends on your audience, of course. If you did that to me as a general browser, I probably wouldn't ever visit your site again :*) Note that some sites do come right out and tell you not to use your back button to get around. You might just do this, and if they use their back button anyway, they get a new session. Jerry -- http://www.hoboes.com/jerry/ Give a man a fish and you feed him for a day. Teach him to fish, and you've depleted the lake.--It Isn't Murder If They're Yankees (http://www.hoboes.com/jerry/Murder/) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions...
Kondwani Spike Mkandawire wrote: Am I mistaken to assume that a Session is automatically destroyed if a Window Browser is closed? *Eventually* it is destroyed, but not at the instant the browser is closed. See the session.gc_maxlifetime and session.gc_probability settings in php.ini. If the session file is not accessed for a specified period of time, then it is deleted. Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions and https
Richard Lynch wrote: But Cookies sent to the HTTPS are not on the HTTP and vice versa. That ain't PHP, that's just how cookies work. Are you sure about this? That's definitely not how the specification reads (assuming I'm interpreting what you're trying to say correctly), and that is not what my experience has shown either. A secure cookie will only be transmitted when the request is being sent over a secure connection, but an ordinary cookie does not carry this restriction and would thus not care whether the connection was secure. As someone else suggested, if the domain name is changing, then that is the access restriction that is keeping the cookie from being sent, not whether the connection is secure. Happy hacking. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
So doing it the new way ($_SESSION['variable']) how do you close or unregister a session? _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
Still the same message. It has been actually logging me out all along, but it will not run through that if statement. Could you trye if (!empty($HTTP_SESSION_VARS['valid_user']) use $HTTP_SESSION_VARS _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
Still getting the same message. This script used to work perfectly in an older version of php. Could it be a problem with how I am setting the sessions. Has anything changed with how we code sessions? It's because you are unregistering the valid_user variable, but, the old_user var you defined early on still exists. So, if (!empty($old_user)) will equal FALSE, giving you the result you are getting. Change it to if (!empty($valid_user)). Monty _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
unset($_SESSION['variavble']); Andrey - Original Message - From: Tyler Durdin [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 26, 2002 10:14 PM Subject: Re: [PHP] Re: sessions So doing it the new way ($_SESSION['variable']) how do you close or unregister a session? _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
do the following
function a(){
var_dump('pre',$GLOBALS,'/pre');
}
a();
and see what variables you have and whether your variables are set
somewhere.
HTH
Andrey
- Original Message -
From: Tyler Durdin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 26, 2002 9:28 PM
Subject: Re: [PHP] Re: sessions
Still the same message. It has been actually logging me out all along, but
it will not run through that if statement.
Could you trye
if (!empty($HTTP_SESSION_VARS['valid_user'])
use $HTTP_SESSION_VARS
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Sessions not staying a session...
Curious, does anyone know if the $_SESSION[privs] technique bypasses important session management features implemented in session_register(variable) ?? Warren Vail Tools, Metrics Quality Processes (415) 667-7814 Pager (877) 774-9891 215 Fremont 02-658 -Original Message- From: Craig Donnelly [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:05 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions not staying a session... You should use session_start(); on every page that u want to pass session information.. Craig Jeff Lewis [EMAIL PROTECTED] wrote in message 00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT">news:00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT... I am storing session information by using $_SESSION[privs] and it works for the first screen but when I click on the next link it doesn't seem to carry over. Do I need to declare session start with this method? Do I need to make it global? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions not staying a session...
I was under the assumption that it did...I have aded session_start and it still doesn't work. Jeff - Original Message - From: Vail, Warren [EMAIL PROTECTED] To: 'Craig Donnelly' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, April 25, 2002 12:04 PM Subject: RE: [PHP] Re: Sessions not staying a session... Curious, does anyone know if the $_SESSION[privs] technique bypasses important session management features implemented in session_register(variable) ?? Warren Vail Tools, Metrics Quality Processes (415) 667-7814 Pager (877) 774-9891 215 Fremont 02-658 -Original Message- From: Craig Donnelly [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:05 AM To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions not staying a session... You should use session_start(); on every page that u want to pass session information.. Craig Jeff Lewis [EMAIL PROTECTED] wrote in message 00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT">news:00d601c1ec72$072a63d0$76a1a8c0@LEWISJCIT... I am storing session information by using $_SESSION[privs] and it works for the first screen but when I click on the next link it doesn't seem to carry over. Do I need to declare session start with this method? Do I need to make it global? Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions / Serialized Data
Julio Nobrega Trabalhando wrote: That would be easier. fopen the session file and store the information on a database. Later you just fwrite the contents to a new file. I don't use PHP4 sessions since I cook my own, but I think the above won't work. My guess is that if you read the file, then save to DB that part will work fine. However, when you try to restore the session, the session has already loaded, you grab your data from the DB, and write over the file, your page finishes and writes the current session over what you think you just made the current session. Strikes me you'd need to unserialize into the current session structure... which I think can be found somewhere in the GLOBALS hash. Cheers Rob. -- .-. | Robert Cummings | :-`. | Webdeployer - Chief PHP and Java Programmer | :--: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :--: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `--' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions and Opera
and btw the browsers dont save the registered vars they are stored on the
server side... :) the browser only stores a cookie containing the session id
...
Tomy Wagner
- Original Message -
From: Steve Fitzgerald [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 10, 2002 2:38 PM
Subject: [PHP] Re: Sessions and Opera
Cookies it was. Thanks
Julio Nobrega Trabalhando wrote:
Cookies disabled? Or cache? Have you tried a 'fresh' Opera install or
a
newer version?
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
Ajudei? Salvei? Que tal um presentinho?
http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884
Steve Fitzgerald [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
While testing a login page with different browsers I noticed that
Opera
(vers5.02)
didn't allow me access to the site despite using the correct input, so
I
wrote the
following pages to test Opera's performance. It seems that Opera
doesn't
pass registered variables to the new page. IE NS both print the
output
as expected, but in Opera all variables are empty.
Has anyone got any thoughts/solutions/experiences?
regards
Steve
--
## login page
?php
$password = letmein;
if (isset($input)){
if ($input == $password){
$auth = 1;
session_start();
session_register(enter,input,password,auth);
header(Location: 2.php);
exit;
}
}
?
body
form action=?php echo $PHP_SELF ? method=POST
Enter password: input type=text name=input
brinput type=submit
/form
?php
print The value of \$enter is \$enter\br;
print The value of \$input is \$input\br;
print The value of \$password is \$password\br;
print The value of \$auth is \$auth\br;
?
--
## 2.php
?php
session_start();
print The value of \$enter is \$enter\br; // empty
print The value of \$input is \$input\br; // should print
'letmein'
print The value of \$password is \$password\br; // should
print
'letmein'
print The value of \$auth is \$auth\br; // should print '1'
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Thursday 04 April 2002 01:04, R. Lindeman wrote: okay i'll explain a bit i want my sessions to store some values but instead of storing them their doing nothing at all here's some code // beginning of registering of values session_start(); session_register(fu); session_register(bar); $fu=fu; $bar =bar; // end of registering values //getting values $fu = $HTTP_SESSION_VARS[fu]; echo $fu; //end of getting values If you are using PHP 4.06 then try: $fu = $_COOKIE[fu]; -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* What I want to find out is -- do parrots know much about Astro-Turf? */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: sessions
On Wednesday 03 April 2002 04:19, Jason Wong wrote: On Thursday 04 April 2002 01:04, R. Lindeman wrote: okay i'll explain a bit i want my sessions to store some values but instead of storing them their doing nothing at all here's some code // beginning of registering of values session_start(); session_register(fu); session_register(bar); $fu=fu; $bar =bar; // end of registering values //getting values $fu = $HTTP_SESSION_VARS[fu]; echo $fu; //end of getting values If you are using PHP 4.06 then try: $fu = $_COOKIE[fu]; Hmm, are you setting and reading the cookie on the same page? If so, it can't be done. You need to either set it on one page then read on another, or set it then refresh the page. -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* It doesn't much signify whom one marries, for one is sure to find out next morning it was someone else. -- Will Rogers */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] RE: Sessions and switching between php and htm documents
Not passing via URL currently... using track_vars Dave -Original Message- From: Tim Ward [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 4:16 AM To: [EMAIL PROTECTED]; Dave Subject: [PHP] RE: Sessions and switching between php and htm documents I haven't experienced this myself, but I'd have thought that if you're propagating the session via the URL rather than a cookie then it won't get added if the page isn't parsed. If it's not passed on just once it's lost. Tim Ward Internet chess www.chessish.com http://www.chessish.com -- From: Dave [SMTP:[EMAIL PROTECTED]] Sent: 27 February 2002 04:37 To: [EMAIL PROTECTED] Subject: Sessions and switching between php and htm documents login.htm form submits information login.php session_start(); $HTTP_SESSION_VARS[username]=$formUserName; header(Location: displaypage.htm); displaypage.htm show some static stuff links to formpage.htm formpage.htm form submits information to form.php form.php session_start(); echo $HTTP_SESSION_VARS[username]; - has no value Does the chain of pages have to be continually PHP pages to allow the transition of the session variables? if not, any ideas on why we are losing session variables? Dave -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Sessions
Thanks, that worked fined! On Mon, 24 Dec 2001 09:31:31 -0600 Gaylen Fraley [EMAIL PROTECTED] wrote: By design. Try accessing $HTTP_SESSION_VARS instead. That should work. In other words, if you were accessing a session variable by $session_var, now use $HTTP_SESSION_VARS['session_var']. -- Gaylen [EMAIL PROTECTED] Home http://www.gaylenandmargie.com/ PHP KISGB v2.6 Guest Book http://www.gaylenandmargie.com/phpwebsite/ Philip Maciver [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Since turning of register_globals in the php.ini file, sessions don't seem to be working any more, does anyone know why? == Philip MacIver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] == Philip MacIver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Sessions and include()...
There is no magic way for the cookies to transfer from server to server -- Cookies were specifically designed *NOT* to be transferrable, for consumer privacy reasons. You'll need to pass the cookie back and forth from your server to theirs by hand -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] To: 'Richard Lynch' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, September 22, 2001 4:38 PM Subject: RE: [PHP] Re: Sessions and include()... Alright. If that's the case, how do you make sure a cookie gets set for the remote domain? I'm working on a project to write a hosted shopping cart, but we want people to have the ability to include pieces of the display functionality on their own pages, if their host supports PHP. But those pieces would need to use the same session as if they were on /our/ server. -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 10:25 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions and include()... I believe: include() gets parsed and executed on the server that is doing the include-ing, not the remote server... If that file has session_xxx() in it, you'll have started a session and whatnot on the local server. The remote server doesn't even have to have PHP on it at all, and its configuration is irrelevant, other than allowing you to read some file that happens to have PHP source code in it... Which, by the way, is a very scarey concept unless you have complete security control over the remote server... -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, September 21, 2001 11:48 AM Subject: Sessions and include()... What happens if you use include() to include a file from another server, and that file sets a session? Does the session get set for the domain of the wrapper page, or does it get set for the domain of the included page? -- Matthew Walker Ecommerce Project Manager Mountain Top Herbs --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 9/18/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions and include()...
Alright. If that's the case, how do you make sure a cookie gets set for the remote domain? I'm working on a project to write a hosted shopping cart, but we want people to have the ability to include pieces of the display functionality on their own pages, if their host supports PHP. But those pieces would need to use the same session as if they were on /our/ server. -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 10:25 PM To: Matthew Walker Cc: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions and include()... I believe: include() gets parsed and executed on the server that is doing the include-ing, not the remote server... If that file has session_xxx() in it, you'll have started a session and whatnot on the local server. The remote server doesn't even have to have PHP on it at all, and its configuration is irrelevant, other than allowing you to read some file that happens to have PHP source code in it... Which, by the way, is a very scarey concept unless you have complete security control over the remote server... -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm - Original Message - From: Matthew Walker [EMAIL PROTECTED] Newsgroups: php.general To: [EMAIL PROTECTED] Sent: Friday, September 21, 2001 11:48 AM Subject: Sessions and include()... What happens if you use include() to include a file from another server, and that file sets a session? Does the session get set for the domain of the wrapper page, or does it get set for the domain of the included page? -- Matthew Walker Ecommerce Project Manager Mountain Top Herbs --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.281 / Virus Database: 149 - Release Date: 9/18/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions Getting Broken
Hmm.. How do I know how fast they timeout? And it seems that all of my users drop at the same time, not sure about it thou. session.cache_expire is set to 180. session.cookie_lifetime is 0. Maybe those do tell you something and you tell me more! :) Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 13:09 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions Getting Broken Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Sessions Getting Broken
Can't tell like that No more ideasmaybe somecode would help?! Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hmm.. How do I know how fast they timeout? And it seems that all of my users drop at the same time, not sure about it thou. session.cache_expire is set to 180. session.cookie_lifetime is 0. Maybe those do tell you something and you tell me more! :) Niklas -Original Message- From: _lallous [mailto:[EMAIL PROTECTED]] Sent: 11. syyskuuta 2001 13:09 To: [EMAIL PROTECTED] Subject: [PHP] Re: Sessions Getting Broken Maybe it's getting timed out? Niklas lampén [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a database update system and I regonize users with sessions. Sometimes sessions just broke with no sane (for me at least) reason. Any ideas what may cause this, it's pretty anoying if you have updated 20 fields, try to submit the form and then you get kicked out of the system!?! Otherwise my sessions work great. :) Niklas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: Sessions Getting Broken
session_start();
if (!session_is_registered(Session)) {
toStart(2);
exit;
};
$Session = $GLOBALS[Session];
This is what I do on every page. I don't think it's timeout, since the
session might get broken just after 5 minutes.
function toStart() is used to move user to the login page with an error
code.
Niklas
-Original Message-
From: _lallous [mailto:[EMAIL PROTECTED]]
Sent: 11. syyskuuta 2001 14:35
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Re: Sessions Getting Broken
Can't tell like that
No more ideasmaybe somecode would help?!
Niklas lampén [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hmm.. How do I know how fast they timeout? And it seems that all of my
users
drop at the same time, not sure about it thou.
session.cache_expire is set to 180.
session.cookie_lifetime is 0.
Maybe those do tell you something and you tell me more! :)
Niklas
-Original Message-
From: _lallous [mailto:[EMAIL PROTECTED]]
Sent: 11. syyskuuta 2001 13:09
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Sessions Getting Broken
Maybe it's getting timed out?
Niklas lampén [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I have a database update system and I regonize users with sessions.
Sometimes sessions just broke with no sane (for me at least) reason.
Any ideas what may cause this, it's pretty anoying if you have updated
20
fields, try to submit the form and then you get kicked out of the
system!?!
Otherwise my sessions work great. :)
Niklas
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
