RE: [PHP] Re: problem with sessions config.
Thanks for your answers people; but i'm still having the problem, ¿any approach to the reason?. Remember everything works fine in on-line servers, so it may not be a problem of the code, but a config. one;cheers, Nicolas. > To: php-general@lists.php.net > Date: Sat, 22 Mar 2008 13:58:15 +0530 > From: [EMAIL PROTECTED] > Subject: [PHP] Re: problem with sessions config. > > N . Boatswain wrote: > > Hello guys; i'm having a problem with session behavior; i'm going straight > > to it, but first some considerations: > > PHP Version 5.2.5IIF 5.1Running on localhost (XP machine)I start sessions > > at the top of every page. > > > > A the start of a test page, just as example, i do the assignment: > > $_SESSION["username"] = "aaa"; > > > > At the end of the same page i print it's value: echo $_SESSION["username"]; > > > > And i get the layout: "aaa", as expecteed. > > > > Then I redirect to another page. On that one, after initializating the > > session ("session_start();") print again the $_SESSION["username"] content > > and the result is empty. If i try the same code on a server (all this is on > > my local machine), the code works as expected; so i think it is a > > configuration problem, here is my php.ini part that correspond to session > > configuration, so you can tell my if i'm doing anything wrong, long > > comments where removed: > > > > [Session]; Handler used to store/retrieve data.session.save_handler = > > files;session.save_path = "/tmp" BC 13/12/07session.save_path="/tmp"; > > Whether to use cookies.session.use_cookies = 1;session.cookie_secure = ; > > This option enables administrators to make their users invulnerable to; > > attacks which involve passing session ids in URLs; defaults to > > 0.session.use_only_cookies = 1; Name of the session (used as cookie > > name).session.name = PHPSESSID; Initialize session on request > > startup.session.auto_start = 1; Lifetime in seconds of cookie or, if 0, > > until browser is restarted.session.cookie_lifetime = 0; The path for which > > the cookie is valid.session.cookie_path = /; The domain for which the > > cookie is valid.session.cookie_domain =; Whether or not to add the httpOnly > > flag to the cookie, which makes it inaccessible to browser scripting > > languages such as JavaScript.session.cookie_httponly = ; Handler used to > > serialize data. php is the standard serializer of PHP.session.serialize_ha > ndler = php; Define the probability that the 'garbage collection' process is > started; on every session initialization.; The probability is calculated by > using gc_probability/gc_divisor,; e.g. 1/100 means there is a 1% chance that > the GC process starts; on each request.session.gc_probability = > 1session.gc_divisor = 1000; After this number of seconds, stored data > will be seen as 'garbage' and; cleaned up by the garbage collection > process.session.gc_maxlifetime = 1440session.bug_compat_42 = > 0session.bug_compat_warn = 1; Check HTTP Referer to invalidate externally > stored URLs containing ids.; HTTP_REFERER has to contain this substring for > the session to be; considered as valid.session.referer_check =; How many > bytes to read from the file.session.entropy_length = 0; Specified here to > create the session id.session.entropy_file =;session.entropy_length = > 16;session.entropy_file = /dev/urandom; Set to {nocache,private,public,} to > determine HTTP caching aspects; or leave this empt > y to avoid sending anti-caching headers.session.cache_limiter = nocache; > Document expires after n minutes.session.cache_expire = > 180session.use_trans_sid = 0; Select a hash function; 0: MD5 (128 bits); 1: > SHA-1 (160 bits)session.hash_function = 0; Define how many bits are stored in > each character when converting; the binary hash data to something readable.;; > 4 bits: 0-9, a-f; 5 bits: 0-9, a-v; 6 bits: 0-9, a-z, A-Z, "-", > ","session.hash_bits_per_character = 5; The URL rewriter will look for URLs > in a defined set of HTML tags.; form/fieldset are special; if you include > them here, the rewriter will; add a hidden field with the info which > is otherwise appended; to URLs. If you want XHTML conformity, remove the > form entry.; Note that all valid entries require a "=", even if no value > follows.url_rewriter.tags = > "a=href,area=href,frame=src,input=src,form=,fieldset=" > > > > Well, thanks and sorry for my english; > > > > Nicolás. > > > > > > > > ___
[PHP] Re: problem with sessions config.
N . Boatswain wrote: Hello guys; i'm having a problem with session behavior; i'm going straight to it, but first some considerations: PHP Version 5.2.5IIF 5.1Running on localhost (XP machine)I start sessions at the top of every page. A the start of a test page, just as example, i do the assignment: $_SESSION["username"] = "aaa"; At the end of the same page i print it's value: echo $_SESSION["username"]; And i get the layout: "aaa", as expecteed. Then I redirect to another page. On that one, after initializating the session ("session_start();") print again the $_SESSION["username"] content and the result is empty. If i try the same code on a server (all this is on my local machine), the code works as expected; so i think it is a configuration problem, here is my php.ini part that correspond to session configuration, so you can tell my if i'm doing anything wrong, long comments where removed: [Session]; Handler used to store/retrieve data.session.save_handler = files;session.save_path = "/tmp" BC 13/12/07session.save_path="/tmp"; Whether to use cookies.session.use_cookies = 1;session.cookie_secure = ; This option enables administrators to make their users invulnerable to; attacks which involve passing session ids in URLs; defaults to 0.session.use_only_cookies = 1; Name of the session (used as cookie name).session.name = PHPSESSID; Initialize session on request startup.session.auto_start = 1; Lifetime in seconds of cookie or, if 0, until browser is restarted.session.cookie_lifetime = 0; The path for which the cookie is valid.session.cookie_path = /; The domain for which the cookie is valid.session.cookie_domain =; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.session.cookie_httponly = ; Handler used to serialize data. php is the standard serializer of PHP.session.serialize_ha ndler = php; Define the probability that the 'garbage collection' process is started; on every session initialization.; The probability is calculated by using gc_probability/gc_divisor,; e.g. 1/100 means there is a 1% chance that the GC process starts; on each request.session.gc_probability = 1session.gc_divisor = 1000; After this number of seconds, stored data will be seen as 'garbage' and; cleaned up by the garbage collection process.session.gc_maxlifetime = 1440session.bug_compat_42 = 0session.bug_compat_warn = 1; Check HTTP Referer to invalidate externally stored URLs containing ids.; HTTP_REFERER has to contain this substring for the session to be; considered as valid.session.referer_check =; How many bytes to read from the file.session.entropy_length = 0; Specified here to create the session id.session.entropy_file =;session.entropy_length = 16;session.entropy_file = /dev/urandom; Set to {nocache,private,public,} to determine HTTP caching aspects; or leave this empt y to avoid sending anti-caching headers.session.cache_limiter = nocache; Document expires after n minutes.session.cache_expire = 180session.use_trans_sid = 0; Select a hash function; 0: MD5 (128 bits); 1: SHA-1 (160 bits)session.hash_function = 0; Define how many bits are stored in each character when converting; the binary hash data to something readable.;; 4 bits: 0-9, a-f; 5 bits: 0-9, a-v; 6 bits: 0-9, a-z, A-Z, "-", ","session.hash_bits_per_character = 5; The URL rewriter will look for URLs in a defined set of HTML tags.; form/fieldset are special; if you include them here, the rewriter will; add a hidden field with the info which is otherwise appended; to URLs. If you want XHTML conformity, remove the form entry.; Note that all valid entries require a "=", even if no value follows.url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" Well, thanks and sorry for my english; Nicolás. _ Watch “Cause Effect,” a show about real people making a real difference. Learn more. http://im.live.com/Messenger/IM/MTV/?source=text_watchcause It works for me; I am using php-5.2.5 with lighttpd and FastCGI. I called session_start() on both the pages. and I have enabled session.use_trans_sid. You can temporarily override it from the php script by using this - Try and report again. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Problem with Sessions
Sheni R. Meledath wrote: Hello: Session is not working in PHP script file when executed through the browser IE 5.0 on Windows 2000 platform. In IE latest versions the script is working fine. Does anybody have any solution or report related to this. PHP version on the server is 4.3. Sheni R Meledath [EMAIL PROTECTED] Well ask yourself a couple of questions... 1. Did you do a 'session_start();' at the top of your script? 2. What Web server are you running? (IIS / Apache etc.) 3. Does my PHP.INI file have the session.save_path directive set? 4. In the folder specified by PHP.INI are there any sess_99898... files? 5. Did you post any examples of your code so we can help pinpoint the exact problem? HTH Jas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Problem with sessions.
On Thu, 19 Dec 2002 16:43:10 -0700, Mike Hillyer <[EMAIL PROTECTED]> wrote: Hello All; Please forgive me if I am repeating an often asked question, but I am having a problem with sessions. I simply cannot get them to work. The sample code I provide works on another server perfectly, this is the first page: session_start(); session_register("name","pass"); $name = "hilde"; $pass = "mypassword"; echo "Session variables set!"; echo "go to next page"; ?> When called, the following file arrives in /tmp: sess_f9c5e87b35ae66eac64a9a346321b269 name|s:5:"hilde";pass|s:10:"mypassword"; So obviously the session file is being created. However, when I go to page2.php?PHPSESSID=f9c5e87b35ae66eac64a9a346321b269 Which has this code: session_start(); echo "The password of $name is $pass "; ?> I get "The Password of is " As a response. Both pages work perfectly on another server, so I am having trouble finding the problem, especially since the session file is actually created in /tmp My PHP.ini file is standard to a RedHat RPM install, but I will include it as an attachment. Any help would be greatly appreciated! Mike Hillyer Sounds like one server has registered globals on, and the other doesn't. Try changing your print statement like this: print 'The password of ' . $_SESSION['name'] is ' . $_SESSION['pass'] . ''; If you were displaying all errors and *warnings* (error_reporting (E_ALL)), it would have caught something like this. -- sasha -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Problem with sessions.(Again Sorry :)
> From: Richard Lynch [mailto:[EMAIL PROTECTED]] > > >> Don't cram things into $_SESSION. Use this: > >> > >> session_register('uid'); > >> global $uid; > >> $uid = $uinfo[0]; > > > >With PHP 4.2, you don't have to use session_register. You can do it > >exactly like the OP is. I do it all the time. Whether that is a > >"feature" or a bug, I don't know. > > It happens to work because that happens to be how Sessions are implemented > this week. > > > Programming 101: > Rule #27: Relying on implementation minutia instead of documented > functions > is just a Bad Idea (tm). > > > Use the functions that are documented to work. Anything else is a HACK > and > subject to break without notice. > > In PHP 4.3 or 5.0 or 7.3.1, when it *DOESN'T* work anymore and you have a > zillion lines of code cramming junk into $_SESSION scattered all through > your application, don't come crying to me. :-) Always a good method to follow, but the manual says you can use the $_SESSION method I gave. There is no need to use session_register() or the like. I would imagine that the older method would be depreciated eventually. It's a whole lot easier to just treat sessions like a variable without that whole register/unregister stuff. The manual actually cautions against using session_register/unregister if register_globals is OFF. http://www.php.net/manual/en/ref.session.php ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Problem with sessions.(Again Sorry :)
>> Don't cram things into $_SESSION. Use this: >> >> session_register('uid'); >> global $uid; >> $uid = $uinfo[0]; > >With PHP 4.2, you don't have to use session_register. You can do it >exactly like the OP is. I do it all the time. Whether that is a >"feature" or a bug, I don't know. It happens to work because that happens to be how Sessions are implemented this week. Programming 101: Rule #27: Relying on implementation minutia instead of documented functions is just a Bad Idea (tm). Use the functions that are documented to work. Anything else is a HACK and subject to break without notice. In PHP 4.3 or 5.0 or 7.3.1, when it *DOESN'T* work anymore and you have a zillion lines of code cramming junk into $_SESSION scattered all through your application, don't come crying to me. :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Problem with sessions.
php4 sessions or self made? own session_set_save_handler? Let us see the login code! Ok...that's how i would do it: After successful login i'd register a variable or set the registered variable to a specific value. Now i check on every page: If (!IsSet($_SESSION["myLoginVar"] ) || $_SESSION["myLoginVar"] != "myval") { //login page } Else { // logged in } Regards Michael "Ben Edwards" <[EMAIL PROTECTED]> schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am using sessions for holding who is logged in and it is kind of > working. I have got a few emails from customers saying they cant log in > (and seeing as we have had less than 30 orders this is a real problem). I > can log in OK and cant recreate this problem. Any ideas regarding what > this could be would be much appreciated. > > I guess if you have cookies turned of it wont work but what else may cause > a problem. > > Regards, > Ben > > > * Ben Edwards +44 (0)117 9400 636 * > * Critical Site Builderhttp://www.criticaldistribution.com * > * online collaborative web authoring content management system * > * Get alt news/viws films onlinehttp://www.cultureshop.org * > * i-Contact Progressive Video http://www.videonetwork.org * > * Smashing the Corporate image http://www.subvertise.org * > * Bristol Indymedia http://bristol.indymedia.org * > * Bristol's radical news http://www.bristle.org.uk * > * PGP : F0CA 42B8 D56F 28AD 169B 49F3 3056 C6DB 8538 EEF8 * > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php