Re: [PHP] session - cookie issues
On Fri, October 20, 2006 5:20 am, Dave Goodchild wrote:
Hi all, I am having issues with users not being able to post their
details
to my site. The system uses sessions, so when they hit the index page
a test
cookie is set thus:
setcookie('djst', 'test');
You should *NOT* set the timeout to an hour!
If their clock is off by an hour (or worse, your server clock is off
by an hour) the cookie will expire immediately.
Trusting the time of a Cookie clock is silly for anything less than
the scale of years, maybe months.
Even then, a user intent on causing trouble will reset their clock to
wild values to play with you, and then you're in trouble.
and then I test whether that cookie is set on the next page. If not, I
direct the users to an informational page. This works my end in FF and
IE6
(sec settings tested at low, medium and medium high) but appox 1 in 20
users
cannot get past the cookie warning, even if they set their security
settings
to low in IE.
I've had major problems with IE on one site like this as well, and
suspect it's that goofy short privacy policy thing...
Never have time to check it out, as the answer Use Firefox always
works out better. :-)
I am also setting PHPSESSID to something of my own, as I hear that IE
does
not like PHPSESSID (correct?).
Ar?
References, please?
Not that it would surprise me...
--
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session - cookie issues
Hi all, I am having issues with users not being able to post their details
to my site. The system uses sessions, so when they hit the index page a test
cookie is set thus:
setcookie('djst', 'test');
and then I test whether that cookie is set on the next page. If not, I
direct the users to an informational page. This works my end in FF and IE6
(sec settings tested at low, medium and medium high) but appox 1 in 20 users
cannot get past the cookie warning, even if they set their security settings
to low in IE.
I am also setting PHPSESSID to something of my own, as I hear that IE does
not like PHPSESSID (correct?).
Any ideas?
--
http://www.web-buddha.co.uk
Re: [PHP] session - cookie issues
The way you're setting cookies (without a time parameter), it's set to
expire at the end of the current session. Though it should work
regardless, try setting an expire time:
setcookie('djst', 'test', time()+3600); // expire in an hour
On 10/20/06, Dave Goodchild [EMAIL PROTECTED] wrote:
Hi all, I am having issues with users not being able to post their details
to my site. The system uses sessions, so when they hit the index page a test
cookie is set thus:
setcookie('djst', 'test');
and then I test whether that cookie is set on the next page. If not, I
direct the users to an informational page. This works my end in FF and IE6
(sec settings tested at low, medium and medium high) but appox 1 in 20 users
cannot get past the cookie warning, even if they set their security settings
to low in IE.
I am also setting PHPSESSID to something of my own, as I hear that IE does
not like PHPSESSID (correct?).
Any ideas?
--
http://www.web-buddha.co.uk
--
Mukul Sabharwal
http://mjsabby.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session - cookie issues
Dave Goodchild wrote:
Hi all, I am having issues with users not being able to post their details
to my site. The system uses sessions, so when they hit the index page a
test
cookie is set thus:
setcookie('djst', 'test');
and then I test whether that cookie is set on the next page. If not, I
direct the users to an informational page. This works my end in FF and IE6
(sec settings tested at low, medium and medium high) but appox 1 in 20
users
cannot get past the cookie warning, even if they set their security
settings
to low in IE.
I am also setting PHPSESSID to something of my own, as I hear that IE does
not like PHPSESSID (correct?).
Any ideas?
--
http://www.web-buddha.co.uk
maybe this is of interest:
http://www.salesforce.com/developer/tech-notes.jsp?tn=TN-18
- Creating Cookies with P3P
--
View this message in context:
http://www.nabble.com/session---cookie-issues-tf2478990.html#a6923903
Sent from the PHP - General mailing list archive at Nabble.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session / cookie issues
Could it be a 3rd party cookie problem? Does IE display the little eyeball privacy icon on the troubled user's browser status bar? I seem to remember having issues when Microsoft started supporting the cookie privacy stuff. On 8/23/06, Dave Goodchild [EMAIL PROTECTED] wrote: Hi all. I mailed some time ago regarding a cookie/session issue I am having and thank you all for your useful and knowledgeable responses. I have now used 10 separate testers and 9 are able to progress through a 3-stage form process that validates data as it goes along and enters the data into the session array - enabling the user to go back and see previous forms pre-populated with their selected data (cahcing is enforced on these pages). However, the client still has issues and I have confirmed that their browser is rejecting cookies. They are using IE on Win XP and have Internet security set to Medium. I set mine to the same, used IE to go through the process and had no such issues. Can anyone tell me if I am missing something obvious? -- http://www.web-buddha.co.uk http://www.projectkarma.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session / cookie issues
On 24/08/06, Andrew Kreps [EMAIL PROTECTED] wrote: Could it be a 3rd party cookie problem? Does IE display the little eyeball privacy icon on the troubled user's browser status bar? I seem to remember having issues when Microsoft started supporting the cookie privacy stuff. I will check thanks - the user does not seem to have issues using other cookie-driven sites. -- http://www.web-buddha.co.uk http://www.projectkarma.co.uk
[PHP] Session / cookie issues
Hi all. I mailed some time ago regarding a cookie/session issue I am having and thank you all for your useful and knowledgeable responses. I have now used 10 separate testers and 9 are able to progress through a 3-stage form process that validates data as it goes along and enters the data into the session array - enabling the user to go back and see previous forms pre-populated with their selected data (cahcing is enforced on these pages). However, the client still has issues and I have confirmed that their browser is rejecting cookies. They are using IE on Win XP and have Internet security set to Medium. I set mine to the same, used IE to go through the process and had no such issues. Can anyone tell me if I am missing something obvious? -- http://www.web-buddha.co.uk http://www.projectkarma.co.uk
