Re: [PHP] PHP and Sessions
On Monday 18 April 2005 05:22, Reynier Perez Mira wrote: Hi list: I have this code that Works perfectly: File: index.php ? session_start(); echo a href=logout.php?sid=. session_id().Close session/a; ? File: logout.php ? session_unset(); session_destroy(); ? When user click link all works fine but when user close window withouth click link the session is not delete and all vars preserve they values. How can I fix that? I use PHP 5.0.0 RC2 and Windows XP SP1. It's because the session is managed through cookies and they don't expire until the next load. You can: 1. Set the expiration time to time in the past using session_set_cookie_params(); 2. Stop the cookies and use GET method. Regards Reynier Prez Mira 3ero. Ing. Informtica Entre ms inteligente me siento, ms me doy cuenta de lo ignorante que soy. -- Cyberly yours, Petar Nedyalkov Devoted Orbitel Fan :-) PGP ID: 7AE45436 PGP Public Key: http://bu.orbitel.bg/pgp/bu.asc PGP Fingerprint: 7923 8D52 B145 02E8 6F63 8BDA 2D3F 7C0B 7AE4 5436 pgpohbo3m3AVw.pgp Description: PGP signature
Re: [PHP] PHP and Sessions
yes, set the cookie expiration to 0. Can be done in php.ini, or with the function mentioned. use ini_set() or change the value. On 4/18/05, Petar Nedyalkov [EMAIL PROTECTED] wrote: On Monday 18 April 2005 05:22, Reynier Perez Mira wrote: Hi list: I have this code that Works perfectly: File: index.php ? session_start(); echo a href=logout.php?sid=. session_id().Close session/a; ? File: logout.php ? session_unset(); session_destroy(); ? When user click link all works fine but when user close window withouth click link the session is not delete and all vars preserve they values. How can I fix that? I use PHP 5.0.0 RC2 and Windows XP SP1. It's because the session is managed through cookies and they don't expire until the next load. You can: 1. Set the expiration time to time in the past using session_set_cookie_params(); 2. Stop the cookies and use GET method. Regards Reynier Pérez Mira 3ero. Ing. Informática Entre más inteligente me siento, más me doy cuenta de lo ignorante que soy. -- Cyberly yours, Petar Nedyalkov Devoted Orbitel Fan :-) PGP ID: 7AE45436 PGP Public Key: http://bu.orbitel.bg/pgp/bu.asc PGP Fingerprint: 7923 8D52 B145 02E8 6F63 8BDA 2D3F 7C0B 7AE4 5436 -- The Disguised Jedi [EMAIL PROTECTED] Now you have my $0.02. Or .01 Pounds, .014 Euros, or $0.025 CAN. I'm world-wide BABY! PHP rocks! Knowledge is Power. Power Corrupts. Go to school, become evil Disclaimer: Any disclaimer attached to this message may be ignored. However, I must say that the ENTIRE contents of this message are subject to other's criticism, corrections, and speculations. This message is Certified Virus Free
Re: [PHP] PHP and Sessions?
Tim Thorburn wrote: Hi, I've created a password protected area on the site I'm working on using PHP Sessions - I've done this several times before without any difficulty. This time, I've copied my old code - made the necessary changes for login/passwd/database names, yet the sessions don't appear to be working. I've been comparing the PHP settings on each server - the server that works is using 4.2.2, the one that does not is using 4.1.2. Other than that, the only difference is that on the server that works I've changed the path to the PHP include dir (from the server set default into my account). Can anyone offer any suggestions? This is by far the most FAQ on this list... what changed http://www.php.net/manual/en/language.variables.predefined.php why it changed http://www.php.net/manual/en/security.registerglobals.php In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL http://www.example.com/test.php?id=3 instead of $id, or $_ENV['HOME'] instead of $HOME. For related information on this change, read the configuration entry for register_globals, the security chapter on Using Register Globals , as well as the PHP 4.1.0 and 4.2.0 Release Announcements. Using the available PHP Reserved Predefined Variables, like the superglobal arrays, is preferred. -- Sean -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and Sessions?
But he said that it's working in 4.2.2 (default off), but not working in 4.1.2 (default on). If I remember correctly, $HTTP_POST_VARS['whatever'] worked before 4.2.x, right? What about things like $_POST $_SERVER, etc. did those work prior to 4.2.0? Sean Burlington wrote: Tim Thorburn wrote: Hi, I've created a password protected area on the site I'm working on using PHP Sessions - I've done this several times before without any difficulty. This time, I've copied my old code - made the necessary changes for login/passwd/database names, yet the sessions don't appear to be working. I've been comparing the PHP settings on each server - the server that works is using 4.2.2, the one that does not is using 4.1.2. Other than that, the only difference is that on the server that works I've changed the path to the PHP include dir (from the server set default into my account). Can anyone offer any suggestions? This is by far the most FAQ on this list... what changed http://www.php.net/manual/en/language.variables.predefined.php why it changed http://www.php.net/manual/en/security.registerglobals.php In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL http://www.example.com/test.php?id=3 instead of $id, or $_ENV['HOME'] instead of $HOME. For related information on this change, read the configuration entry for register_globals, the security chapter on Using Register Globals , as well as the PHP 4.1.0 and 4.2.0 Release Announcements. Using the available PHP Reserved Predefined Variables, like the superglobal arrays, is preferred. -- By-Tor.com It's all about the Rush http://www.by-tor.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and Sessions?
on 21/01/03 8:33 AM, John Nichel ([EMAIL PROTECTED]) wrote: But he said that it's working in 4.2.2 (default off), but not working in 4.1.2 (default on). If I remember correctly, $HTTP_POST_VARS['whatever'] worked before 4.2.x, right? What about things like $_POST $_SERVER, etc. did those work prior to 4.2.0? the super global arrays ($_POST et al) came in 4.1.0 things like $HTTP_POST_VARS have been working for ages. they are repricated, but continue to work for a long time IMHO register_globals defaulted to off in 4.2(.x???) ONLY if you were doing a clean install... if you were updating, it tried to grab your old value (on). Justin Sean Burlington wrote: Tim Thorburn wrote: Hi, I've created a password protected area on the site I'm working on using PHP Sessions - I've done this several times before without any difficulty. This time, I've copied my old code - made the necessary changes for login/passwd/database names, yet the sessions don't appear to be working. I've been comparing the PHP settings on each server - the server that works is using 4.2.2, the one that does not is using 4.1.2. Other than that, the only difference is that on the server that works I've changed the path to the PHP include dir (from the server set default into my account). Can anyone offer any suggestions? This is by far the most FAQ on this list... what changed http://www.php.net/manual/en/language.variables.predefined.php why it changed http://www.php.net/manual/en/security.registerglobals.php In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL http://www.example.com/test.php?id=3 instead of $id, or $_ENV['HOME'] instead of $HOME. For related information on this change, read the configuration entry for register_globals, the security chapter on Using Register Globals , as well as the PHP 4.1.0 and 4.2.0 Release Announcements. Using the available PHP Reserved Predefined Variables, like the superglobal arrays, is preferred. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP and Sessions?
Yes, I've also had this script working on PHP 4.0.6 - basically I'm looking for reasons as to why the sessions may not be functioning properly. Right now I'm going line by line through the configuration of PHP on the server that works (4.2.2) and the server that doesn't work (4.1.2) - I'm hoping to find some difference, otherwise I don't know how to put password protection on the site. Another interesting issue with the site that doesn't work - if I try to add a .htaccess file changing the default include directory of PHP (as I've done many other times with various hosting companies) suddenly all my .php files cease to work and error screens popup. I wouldn't call myself a newbie, but I wouldn't call myself an expert - I think I'm somewhere in the middle ground of moderate user who's clued right now ... Any help on this would be greatly appreciated. Below I've compiled a list of the differences between the PHP configurations - perhaps something in here may shed some light? PHP 4.2.2 (works fine) './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-mcrypt' '--enable-bcmath' '--enable-calendar' '--with-xml' '--with-swf=/usr/local/flash' '--with-gd=../gd-1.8.4' '--with-jpeg-dir=/usr/local' '--with-imap=../imap-2001.BETA.SNAP-0107112053' '--with-ming=../ming-0.1.1' '--enable-magic-quotes' '--with-mysql' '--enable-safe-mode' '--enable-track-vars' '--with-ttf' '--enable-versioning' '--with-curl' '--with-zlib' Settings: allow_call_time_pass_reference ON extension_dir ./ magic_quotes_gpc ON register_argc_argv ON sendmail_from no value unserialize_callback_func no value variables_order EGPCS PHP 4.1.2 (doesn't work) './configure' '--prefix=/usr' '--with-apxs=/usr/sbin/apxs' '--with-gd' '--with-gettext=/usr' '--enable-safe-mode' '--with-config-file-path=/etc/httpd' '--with-exec-dir=/usr/bin' '--with-zlib' '--enable-magic-quotes' '--with-regex=system' '--with-ttf' '--with-db' '--with-gdbm' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-track-vars' '--enable-wddx=shared' '--enable-mm=shared' '--enable-xml' '--enable-ftp' '--disable-debug' '--with-libdir=/usr/lib' '--with-db3' '--with-interbase=shared' '--with-pgsql=shared' '--with-ldap' '--with-imap' '--with-curl=shared' '--with-pdflib=shared' Settings: allow_call_time_pass_reference OFF extension_dir /usr/lib/apache/php magic_quotes_gpc OFF register_argc_argv OFF sendmail_from [EMAIL PROTECTED] variables_order GPCS Thanks -Tim
Re: [PHP] PHP Login Sessions
Hello,
Jay Fitzgerald [EMAIL PROTECTED] wrote:
[snip]
===SNIP 2
?
session_start();
if (isset(valid_id))
{
echo $_SESSION[valid_id]P;
}
else
[/snip]
Perhaps, it's because you need to ask
if (isset($_SESSION['valid_id'])) ?
- E
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP 4.0.3 : Sessions history.back() : a solution ?
There is a functions called session_cache_limiter(). Use this function before you output anything (or use ob_start(), if you would like) Regards, -- Yasuo Ohgaki Matthieu Brunet [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Well, I suppose it's a well known problem, but I haven't found a solution yet... As you know, when you don't use sessions, you can use the back button of your browser, or the javascript commande history.back(). In the same time, you don't have to put some nocache header to have your dynamic pages refreshed when it change. Well. This very good. The back button use cache, but when you reload a page, it never take it from the cache (except the images). But when you use session, it's got wrong (as you can see, my English is a little bit approximate) With the session_cache_limiter at nocache in the php.ini, in most case, the back button don't work anymore. And if I set the session_cache_limiter to private, the back button work fine, but on the other hand, when you reload a page, it take it from the cache, until you make a hard reload. Not cool. :+/ So, somebody can explain me why the fact of using sessions change the functioning of the cache ? And is there a solution ? Thanks a lot. :+) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
