Re: [nyphp-talk] Cookie

2009-03-19 Thread Michele Waldman
"access denied". But thanks anyway. Michele -Original Message- From: talk-boun...@lists.nyphp.org [mailto:talk-boun...@lists.nyphp.org] On Behalf Of Paul A Houle Sent: Thursday, March 19, 2009 10:30 AM To: NYPHP Talk Subject: Re: [nyphp-talk] Cookie David Mintz wrote: > > Mor

Re: [nyphp-talk] Cookie

2009-03-19 Thread Paul A Houle
David Mintz wrote: Moreover, are you sure you want to rely on cookies for testing whether a user is authenticated? Uh, don't Google, Facebook, Yahoo, and most of the other top-1000 sites use cookies to tell if users are authenticated? When's the last time you logged onto a public-faci

Re: [nyphp-talk] Cookie

2009-03-19 Thread Michele Waldman
wound up using a session variable instead, but was wondering what I had done wrong. Michele _ From: talk-boun...@lists.nyphp.org [mailto:talk-boun...@lists.nyphp.org] On Behalf Of David Mintz Sent: Thursday, March 19, 2009 9:48 AM To: NYPHP Talk Subject: Re: [nyphp-talk] Cookie

Re: [nyphp-talk] Cookie

2009-03-19 Thread Michele Waldman
Ok. Thanks. I thought if I specified $path = it would resolve. Michele -Original Message- From: talk-boun...@lists.nyphp.org [mailto:talk-boun...@lists.nyphp.org] On Behalf Of Scott Mattocks Sent: Thursday, March 19, 2009 9:18 AM To: NYPHP Talk Subject: Re: [nyphp-talk] Cookie Michele

Re: [nyphp-talk] Cookie

2009-03-19 Thread David Mintz
On Thu, Mar 19, 2009 at 9:18 AM, Scott Mattocks wrote: > Michele Waldman wrote: > >> I was defined in the subdirectory, but not the root directory. >> >> So, I don't think it was an expiration problem. >> > > It isn't that the cookie is expired already. It is that you are setting the > path as th

Re: [nyphp-talk] Cookie

2009-03-19 Thread Scott Mattocks
Michele Waldman wrote: I was defined in the subdirectory, but not the root directory. So, I don't think it was an expiration problem. It isn't that the cookie is expired already. It is that you are setting the path as the expiration. You can't just leave it out and hope that the function fig

Re: [nyphp-talk] Cookie

2009-03-19 Thread Michele Waldman
NYPHP Talk Subject: Re: [nyphp-talk] Cookie Michele Waldman wrote: > From http://domain/accout/login.php, I did setcookie('logged_in', "1", > $path="/");, like the documentation said to. > > Does anyone know what I'm doing wrong here? You mean ot

Re: [nyphp-talk] Cookie

2009-03-19 Thread Scott Mattocks
Michele Waldman wrote: From http://domain/accout/login.php, I did setcookie('logged_in', "1", $path="/");, like the documentation said to. Does anyone know what I'm doing wrong here? You mean other than relying on that cookie to tell you if the user is logged in? Yeah, you are missing the

[nyphp-talk] Cookie

2009-03-19 Thread Michele Waldman
I tried to set a cookie from a subdirectory for the whole domain, but it didn't work. From http://domain/accout/login.php, I did setcookie('logged_in', "1", $path="/");, like the documentation said to. But it still set it for the entire domain. I also tried: setcookie('logged_in', "1", $p

Re: [nyphp-talk] cookie authenticators

2009-02-02 Thread Paul A Houle
Michael B Allen wrote: Otherwise, you wouldn't need to use cookies at all - you could just store the authenticator in the HTTP session on the server. From a security perspective, cookies can be sniffed just like session ids so there's not a great benefit there. But the paper also has a section t

[nyphp-talk] cookie authenticators

2009-02-02 Thread Michael B Allen
On Mon, Feb 2, 2009 at 1:05 PM, Paul A Houle wrote: > Note that sites like yahoo, google, amazon, twitter, ebay, and digg > don't use Basic Auth, Digest Auth or any of the Auth systems built into the > http standard. They use the unofficial standard that's described in the > following pap