Re: [PHP] php session in ie
On 11/14/05, Ford, Mike [EMAIL PROTECTED] wrote:
On 11 November 2005 18:47, sunaram patir wrote:
array(1) { [PHPSESSID]= string(32)
337a44c0d6c9ed3cf4ba4e97d707589e } is returned by firefox on calling
var_dump($_COOKIE). NULL in ie.
If the very same piece of PHP produces different results in different
browsers, this *MUST* be due to differences between the browsers. It could
be due to settings in the browsers, or it might simply be a bug in one or the
other -- but it can NOT NOT NOT be down to PHP. (Well, except inasmuch as
you might be able to make reasonable adjustments in your PHP to allow for the
difference. ;)
Cheers!
Mike
Fuck you bill gates! Fuck your ie! bye!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] php session in ie
On 11 November 2005 18:47, sunaram patir wrote:
array(1) { [PHPSESSID]= string(32)
337a44c0d6c9ed3cf4ba4e97d707589e } is returned by firefox on calling
var_dump($_COOKIE). NULL in ie.
If the very same piece of PHP produces different results in different browsers,
this *MUST* be due to differences between the browsers. It could be due to
settings in the browsers, or it might simply be a bug in one or the other --
but it can NOT NOT NOT be down to PHP. (Well, except inasmuch as you might be
able to make reasonable adjustments in your PHP to allow for the difference. ;)
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Headingley Campus, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
To view the terms under which this email is distributed, please go to
http://disclaimer.leedsmet.ac.uk/email.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
to be redirected to login must have at least one of (
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password'])) )
not set, which one (or both) fail under i.e. ???
hth
ag.
2005/11/11, sunaram patir [EMAIL PROTECTED]:
Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the users
i.e. i use a login system in there in short. with the following code i
check whether the user is logged in or not.
?php
session_start();
$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password']))
header(Location: login.php);
?
if the user is not logged in, it redirects to the login page login.php
as is shown in the above code. now the user is allowed to log in
through the following code:
?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
if(isset($_POST['submit'])){
include(../database.inc);
$login=trim($_POST['login']);
$pass=trim($_POST['pass']);
$Effectivelogin=strtoupper($login);
$auth=false;
$connection=mysql_connect($host,$user,$password);
mysql_select_db($database,$connection);
$query=SELECT password FROM students WHERE userID='$Effectivelogin';
$result=mysql_query($query);
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result))
{
if($row[0]!=$pass)
echo (Wrong Username/Password!);
else
$auth=true;
}
}
if($auth){
$_SESSION[student_username]=$Effectivelogin;
$_SESSION[student_password]=$pass;
if(isset($_SESSION['myurl']))
header(Location: http://schools.zenrays.com.$_SESSION['myurl']);
else
header(Location: http://schools.zenrays.com/students;);
}
}
?
html
head
titleUser Authentication/title
/head
body
form method=post
LoginID:
input type=text name=loginbr
Password:
input type=password name=passbr
input type=submit name=submit value=Login
/form
/body
/html
then the user is redirected back to the page he visited. it workd fine
in firefox and msn explorer. in internet explorer, when i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
On 11/12/05, adriano ghezzi [EMAIL PROTECTED] wrote: to be redirected to login must have at least one of ( if(!isset($_SESSION['student_username']) !isset($_SESSION['student_password'])) ) not set, which one (or both) fail under i.e. ??? hth if both of them aren't set, the user is redirected. but it doesnot relate to not working in ie or i don't understand what u are meaning. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
On 11 Nov 2005, at 11:43, sunaram patir wrote: it works fine in firefox and msn explorer. in internet explorer, when i visit to a link in any page it asks for the login details again. could anyone please help me out?! It just sounds like you have cookies disabled or not allowed for this site in IE. Marcus -- Marcus Bointon Synchromedia Limited: Putting you in the picture [EMAIL PROTECTED] | http://www.synchromedia.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
sunaram patir wrote: Hi, i am having problem with internet explorer. i am working on a project on building a website where i need to keep track of the users i.e. i use a login system in there in short. with the following code i check whether the user is logged in or not. ?php session_start(); $_SESSION['myurl']=$_SERVER['PHP_SELF']; if(!isset($_SESSION['student_username']) !isset($_SESSION['student_password'])) header(Location: login.php); It might not fix your problem but you should exit after location header. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
For security.. *never* store the password in a cookie..
if you must... instead do some sort of encryption on it and some other value
store that and use it for verification.
On Friday 11 November 2005 05:43 am, sunaram patir wrote:
Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the users
i.e. i use a login system in there in short. with the following code i
check whether the user is logged in or not.
?php
session_start();
$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password']))
header(Location: login.php);
?
if the user is not logged in, it redirects to the login page login.php
as is shown in the above code. now the user is allowed to log in
through the following code:
?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
$auth=false;
if($auth){
$_SESSION[student_username]=$Effectivelogin;
$_SESSION[student_password]=$pass;
if(isset($_SESSION['myurl']))
header(Location:
http://schools.zenrays.com.$_SESSION['myurl']); else
header(Location: http://schools.zenrays.com/students;);
}
it works fine in firefox and msn explorer. in internet explorer, when
i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!
regards,
sunaram
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
Stephen Leaf wrote: For security.. *never* store the password in a cookie.. OP stores the password in session -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
i will for sure. thanks. On 11/11/05, M [EMAIL PROTECTED] wrote: Stephen Leaf wrote: For security.. *never* store the password in a cookie.. OP stores the password in session -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
On Fri, November 11, 2005 5:20 am, sunaram patir wrote:
session_start();
This one here... (see below)
header(Location: login.php);
Not crucial, but you'd save some HTTP connections by just doing:
require 'login.php';
exit;
instead of bouncing the user's agent back and forth
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
... will probably not match this one here.
You've set the Cookie Parameters here to very specific values.
You should do that consitently on every session_start() to make sure
your site's cookies are always operating under the same conditions.
if(isset($_POST['submit'])){
include(../database.inc);
$login=trim($_POST['login']);
$pass=trim($_POST['pass']);
$Effectivelogin=strtoupper($login);
$auth=false;
You really ought to do more validation than that...
http://php.net/mysql_real_escape_string
Possibly limit 'login' to alphanumeric and 'pass' to non-control
characters.
then the user is redirected back to the page he visited. it workd fine
You also won't need to re-direct the user back to what they wanted --
The URL will already be what they asked for when the login works.
Change the ACTION= to ACTION=?php echo $_SERVER['PHP_SELF']?
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
instead of bouncing the user's agent back and forth
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
... will probably not match this one here.
You've set the Cookie Parameters here to very specific values.
You should do that consitently on every session_start() to make sure
your site's cookies are always operating under the same conditions.
i included the tfollowing two lines to my starting script on each
page, but still not working
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
when i call var_dump($_COOKIE), it returns null. i can't make out
what's happening!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
He's not storing the password in a Cookies.
He's storging it in a $_SESSION
Which is still a Risk, especially on a shared server, but it's not
necessarily in the category of Never do this
On Fri, November 11, 2005 9:48 am, Stephen Leaf wrote:
For security.. *never* store the password in a cookie..
if you must... instead do some sort of encryption on it and some other
value
store that and use it for verification.
On Friday 11 November 2005 05:43 am, sunaram patir wrote:
Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the
users
i.e. i use a login system in there in short. with the following code
i
check whether the user is logged in or not.
?php
session_start();
$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password']))
header(Location: login.php);
?
if the user is not logged in, it redirects to the login page
login.php
as is shown in the above code. now the user is allowed to log in
through the following code:
?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
$auth=false;
if($auth){
$_SESSION[student_username]=$Effectivelogin;
$_SESSION[student_password]=$pass;
if(isset($_SESSION['myurl']))
header(Location:
http://schools.zenrays.com.$_SESSION['myurl']); else
header(Location: http://schools.zenrays.com/students;);
}
it works fine in firefox and msn explorer. in internet explorer,
when
i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!
regards,
sunaram
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
On Fri, November 11, 2005 12:06 pm, sunaram patir wrote:
session_start();
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
when i call var_dump($_COOKIE), it returns null. i can't make out
what's happening!
Is $_COOKIE NULL in the browsers that work, or just in IE?
If it's only in IE, then is IE configured to not accept Cookies from
your site, or perhaps never from 3rd-party sites, or perhaps Security
settings are preventing the Cookies from being accepted...
You can't force the User to accept your Cookies.
Perhaps consider using trans_sid in php.ini to embed the Session ID in
the URL instead of a Cookie.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
array(1) { [PHPSESSID]= string(32)
337a44c0d6c9ed3cf4ba4e97d707589e } is returned by firefox on calling
var_dump($_COOKIE). NULL in ie.
On 11/11/05, Richard Lynch [EMAIL PROTECTED] wrote:
On Fri, November 11, 2005 12:06 pm, sunaram patir wrote:
session_start();
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
when i call var_dump($_COOKIE), it returns null. i can't make out
what's happening!
Is $_COOKIE NULL in the browsers that work, or just in IE?
If it's only in IE, then is IE configured to not accept Cookies from
your site, or perhaps never from 3rd-party sites, or perhaps Security
settings are preventing the Cookies from being accepted...
You can't force the User to accept your Cookies.
Perhaps consider using trans_sid in php.ini to embed the Session ID in
the URL instead of a Cookie.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
On 11/11/05, Richard Lynch [EMAIL PROTECTED] wrote:
On Fri, November 11, 2005 12:06 pm, sunaram patir wrote:
session_start();
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
when i call var_dump($_COOKIE), it returns null. i can't make out
what's happening!
Is $_COOKIE NULL in the browsers that work, or just in IE?
Perhaps consider using trans_sid in php.ini to embed the Session ID in
the URL instead of a Cookie.
Please look at http://schools.zenrays.com/phpinfo.php . trans_sid is on.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
Try setting session.use_cookies to Off so PHP won't even try to use
Cookies.
On Fri, November 11, 2005 12:49 pm, sunaram patir wrote:
On 11/11/05, Richard Lynch [EMAIL PROTECTED] wrote:
On Fri, November 11, 2005 12:06 pm, sunaram patir wrote:
session_start();
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
when i call var_dump($_COOKIE), it returns null. i can't make out
what's happening!
Is $_COOKIE NULL in the browsers that work, or just in IE?
Perhaps consider using trans_sid in php.ini to embed the Session ID
in
the URL instead of a Cookie.
Please look at http://schools.zenrays.com/phpinfo.php . trans_sid is
on.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
- Original Message -
From: sunaram patir [EMAIL PROTECTED]
To: php-general@lists.php.net
Sent: Friday, November 11, 2005 5:31 AM
Subject: [PHP] php session in ie
Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the users
i.e. i use a login system in there in short. with the following code i
check whether the user is logged in or not.
?php
session_start();
$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password']))
header(Location: login.php);
?
if the user is not logged in, it redirects to the login page login.php
as is shown in the above code. now the user is allowed to log in
through the following code:
?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
if(isset($_POST['submit'])){
include(../database.inc);
$login=trim($_POST['login']);
$pass=trim($_POST['pass']);
$Effectivelogin=strtoupper($login);
$auth=false;
$connection=mysql_connect($host,$user,$password);
mysql_select_db($database,$connection);
$query=SELECT password FROM students WHERE userID='$Effectivelogin';
$result=mysql_query($query);
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result))
{
if($row[0]!=$pass)
echo (Wrong Username/Password!);
else
$auth=true;
}
}
if($auth){
$_SESSION[student_username]=$Effectivelogin;
$_SESSION[student_password]=$pass;
if(isset($_SESSION['myurl']))
header(Location:
http://schools.zenrays.com.$_SESSION['myurl']);
else
header(Location: http://schools.zenrays.com/students;);
}
}
?
html
head
titleUser Authentication/title
/head
body
form method=post
LoginID:
input type=text name=loginbr
Password:
input type=password name=passbr
input type=submit name=submit value=Login
/form
/body
/html
then the user is redirected back to the page he visited. it workd fine
in firefox and msn explorer. in internet explorer, when i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hello,
I used this article for sessions with success
http://www.sitepoint.com/article/users-php-sessions-mysql
Best regards,
Andras Kende
http://www.kende.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php session in ie
if it's a risk then it's in my never get into the practice of doing this
category.
Passwords should always be used to verify and discarded. never saved in any
form which can be seen directly or decoded.
And true $_SESSION isn't a cookie.. however there are some systems that a
cookie is used like a session. in both cases I'd personally feel uneasy
storing a password like that.
On Friday 11 November 2005 12:23 pm, Richard Lynch wrote:
He's not storing the password in a Cookies.
He's storging it in a $_SESSION
Which is still a Risk, especially on a shared server, but it's not
necessarily in the category of Never do this
On Fri, November 11, 2005 9:48 am, Stephen Leaf wrote:
For security.. *never* store the password in a cookie..
if you must... instead do some sort of encryption on it and some other
value
store that and use it for verification.
On Friday 11 November 2005 05:43 am, sunaram patir wrote:
Hi, i am having problem with internet explorer. i am working on a
project on building a website where i need to keep track of the
users
i.e. i use a login system in there in short. with the following code
i
check whether the user is logged in or not.
?php
session_start();
$_SESSION['myurl']=$_SERVER['PHP_SELF'];
if(!isset($_SESSION['student_username'])
!isset($_SESSION['student_password']))
header(Location: login.php);
?
if the user is not logged in, it redirects to the login page
login.php
as is shown in the above code. now the user is allowed to log in
through the following code:
?php
session_cache_limiter('private_no_expire');
session_set_cookie_params(0,/,schools.zenrays.com);
session_start();
$auth=false;
if($auth){
$_SESSION[student_username]=$Effectivelogin;
$_SESSION[student_password]=$pass;
if(isset($_SESSION['myurl']))
header(Location:
http://schools.zenrays.com.$_SESSION['myurl']); else
header(Location: http://schools.zenrays.com/students;);
}
it works fine in firefox and msn explorer. in internet explorer,
when
i visit to a
link in any page it asks for the login details again. could anyone
please help me out?!
regards,
sunaram
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
