Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

Page 11/380 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • Which PHP session settings are incorrect here?

    - by Greg McNulty
    I see the savepath has no value but does it default to something? Are the other values OK? I have access to the server and PHP files but how and what do I change? The specific issue - On page 1: session_start(); $_SESSION['uType']=$row['usertype']; //save user type to session print_r($_SESSION); //Prints the user type successfully On page 2: session_start(); print_r($_SESSION); //BLANK?? Observed: Page 1 displays the session data. However, there are NO cookies created anywhere on the browser? Page 1 does a require to display page 2. Page 2 does not contain the session data. Using FireFox as the target browser (looking at cookies with web developer add-in) How do I get the session to work across all pages? Thank You and yes I am a newbie at this.

    Read the article

  • C# & Session Variables to iFrames

    - by Bryan
    I am currently in C# and I have set Session variables on each page. The link to my Colorbox is in the MasterPage, and on click opens up in an iframe from a different page in a different folder i.e. /admin/deals.aspx <-- iframed page in colorbox which needs SESSION /default.aspx <-- page with set SESSION Is there a way I can pass this variable to the iframed page?

    Read the article

  • IE8 Session sharing across tabs and windows

    - by Clint
    Has anyone implemented any effective solutions to address the numerous issues that are caused by IE8's session sharing functionality? We've gotten very close by writing a custom http module that compares session and view state values, but our efforts are thwarted by things such as accelerator keys and unaccceptable copying of session objects. This is a VB.Net web app.

    Read the article

  • What's causing “Session state has created a session id, but cannot save it because the response was

    - by mike nelson
    I'm getting this fault intermittently. I found this link which summarises fairly well what I was able to find on the Google: http://www.wacdesigns.com/2009/02/03/session-state-has-created-a-session-id-but-cannot-save-it-because-the-response-was-already-flushed-by-the-application/ Basically it says you can try setting the web config setting DisplayWhenNewSession, or try kicking the session state thing into life by getting the Session.SessionID in the Session_OnStart. But does anyone: a) have an explanation for this or even better, b) have a tried and tested fix I realise that I can't flush the response after doing anything that would affect the http response header. If I did this it would cause an error every time but this is intermittent. The SessionID should surely be created by ASP.NET at the beginning of the page response automatically, before anything in the ASPX page or the Page_Load (which is where all my flushes are called).

    Read the article

  • domain -> subdomain - passing session data

    - by Phil Jackson
    Howdy, having a little trouble here. I have domain.co.uk setting a session. When I click on a link on domain.co.uk to go to sub.domain.co.uk the session is not being read. I have altered session.cookie_domain to .domain.co.uk not still not working. Is there anything else that needs changing? Regards, me.

    Read the article

  • Why can't I read session variables

    - by Marty Goetz
    I have a c# .net web application. I create session variables but when I try to read them after I leave the page that they were created from I can't. Created on page 1 Session["UserName"] = "WhatEver"; Then I do Response.Redirect("~/whatever.aspx"); and try to read to read the session variable in the Page_Load method of the new page string userName = Session["UserName"].ToString(); I receive "Object reference not set to an instance of an object." Why am I receiving this error and what can I do to fix the problem? I would greatly appreciate any help anyone can give me.

    Read the article

  • c# how to set up and use session state from preinit

    - by Praesagus
    OK so to set and read variables from the current session String Myvar =(string) System.Web.HttpContext.Current.Session[“MyVariable”] To set System.Web.HttpContext.Current.Session[“MyVariable”] = “NewValue” I can do neither, I get a System.NullReferenceException: Object reference not set to an instance of an object. from System.Web.HttpContext.Current.Session. In my web.config I have <sessionState mode="StateServer" stateConnectionString="tcpip=127.0.0.1:42424" cookieless="false" timeout="20"> </sessionState> I have read a dozen articles on the the necessity of IHttpHandler and an IRequiresSessionState interface. I think the issue may be caused because I am requesting this information in Page_PreInit. I found a solution in a stack overflow article but I don't seem be using it properly to actually make this go. I am not sure what I am missing. Thanks in advance.

    Read the article

  • ViewState Vs Session ... maintaining object through page lifecycle

    - by Kyle
    Can someone please explain the difference between ViewState and Session? More specifically, I'd like to know the best way to keep an object available (continuously setting members through postbacks) throughout the lifecycle of my page. I currently use Sessions to do this, but I'm not sure if it's the best way. For example: SearchObject searchObject; protected void Page_Load(object sender, EventArgs e) { if(!IsPostBack) { searchObject = new SearchObject(); Session["searchObject"] = searchObject; } else { searchObject = (SearchObject)Session["searchObject"]; } } that allows me to use my searchObject anywhere else on my page but it's kind of cumbersome as I have to reset my session var if I change any properties etc. I'm thinking there must be a better way to do this so that .NET doesn't re-instantiate the object each time the page loads, but also puts it in the global scope of the Page class? Please advise. TIA

    Read the article

  • Session and cookie in same PHP file?

    - by ajsie
    Can't I set session and cookie in same PHP file? I get an error message if I set the cookie after I've set session telling me that the header is already sent. If I set session after cookie I get nothing but it seems not to work well.

    Read the article

  • is it correct to unset the session variable for a particular index as the vay whole session is made

    - by OM The Eternity
    is it correct to unset the session variable for a particular index as the vay whole session is made unset in PHP? I know this works: unset($_SESSION['bannersize']) But does this works ? : unset($_SESSION['bannersize'][3]) or is there any other way to unset any particular desired index of the session and then again rearrange the values inside it to remove the empty index..?

    Read the article

  • Zend Namespace - Check if Session Exists

    - by Vincent
    All, I am using Zend Framework and Zend_Session to do global session management for my application. I plan to clear all sessions on logout and hence am using the following code: if($this->sessionExists()) { $this->destroy(); } But it seems like it's not doing a good job.. I am getting an error: PHP Warning: session_destroy() [<a href='function.session-destroy'> function.session-destroy</a>]: Trying to destroy uninitialized session How can I get rid of this error? Is there an alternative to sessionExists()?

    Read the article

  • Any way to anticipate session timeout ?

    - by Tom
    Hi, Is there a way to "catch" the session timeout event, so as to retrieve data from HttpSession before its invalidated ? We're implementing the Filter Interface, and in the doFilter method, the user we stored in the session object at login is null when session times out. Thanks in advance.

    Read the article

  • Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner?

    - by newbtophp
    Hi! Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner? As I'm setting a custom directory for the sessions, because I've read from various php security guides, that setting a custom directory on shared hosting for sessions; can improve session security. But the problem is I've read somewhere that PHP does/handles the session garbage cleaning only when the session_save_path is the default and not modified (ie. using a custom directory)? - is this true, if so is their a solution for this?. (take into consideration I'm using shared hosting). Appreciate all help!

    Read the article

  • Hibernate + Spring + session + cache

    - by andromeda
    We are using Hibernate with Spring for our Java application. We find out that when a session update something in database other sessions can not see the update. For example user1 get the account balance from database then user2 increase the balance , if user1 get the object another time he see the account balance before updating (seems that session use the value from its cache) but we want to get the updated object with new account balance. User1 use one session during all activity that is different from user2 session. Is any configuration to force to get the updated object from database? or any other help?

    Read the article

  • Session Sharing with another User on *NIX and Windows

    - by Giri Mandalika
    Oracle Solaris Since Solaris is not widely known for its graphical interface, let's just focus on sharing a terminal session in read-only mode with another user on the same system. Here is an example. eg., % finger Login Name TTY Idle When Where root Super-User pts/1 Sat 16:57 dhcp-amer-vpn-rmdc-a sunperf ??? pts/2 4 Sat 16:41 pitcher.sfbay.sun.com In this example, two users root and sunperf are connected to the same system from two different terminals pts/1 and pts/2 respectively. If the root user wants to show something to sunperf user -- what s/he is doing in her/his terminal, for example, it can be accomplished with the following command. script -a /dev/null | tee -a <target_terminal eg., # script -a /dev/null | tee -a /dev/pts/2 Script started, file is /dev/null # # uptime 5:04pm up 1 day(s), 2:56, 2 users, load average: 0.81, 0.81, 0.81 # # isainfo -v 64-bit sparcv9 applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc 32-bit sparc applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc v8plus div32 mul32 # # exit Script done, file is /dev/null After the script .. | tee .. command, sunperf user should be able to see the root user's stdin and stdout contents in her/his own terminal until the script session exits in root user's terminal. Since this kind of sharing is based on capturing and redirecting the contents to the target terminal, the users on the receiving end won't be able to see whatever is being edited on initiators' terminal [using editors such as vi]. Also it is not possible to share the session with any connected user on the system unless the initiator has the necessary permissions and privileges. The script utility records everything printed in a terminal session, while the tee utility replicates the contents of the screen capture on to the standard output of the target terimal. The tee utility does not buffer the output - so, the screen capture from the initiators' terminal appears almost right away in the target terminal. Though I never tested, this technique may work on all *NIX and Linux flavors with little or no changes. Also there might be other ways to accomplish this. [Thanks to Sujeet for sharing this tip] Microsoft Windows Most of the Windows users may rely on VNC services to share a desktop session. Another way to share the desktop session is to use the Remote Desktop Connection (RDC) client. Here are the steps. Connect to the target Windows system using Remote Desktop Connection client Launch Windows Task Manager Navigate to the "Users" tab Find the user session that you want to connect to and have full control over as the other user who is currently holding that session Select the user name in Windows Task Manager, right click and choose the option "Remote Control" A window pops up on the other user's session with the message "<USER is requesting to control your session remotely. Do you accept the request?" Once the other user says "Yes", you will be granted access to that session. Since then both users should be able to see the same screen and even control the session from their respective workstations.

    Read the article

  • How to implement Session timeout in Web Server Side?

    - by Morgan Cheng
    I beheld a web framework implementing in-memory session in this way. The session object is added to Cache with timeout. When the time is out, the session is removed from Cache automatically. To protect race condition, each request should acquire lock on given session object to proceed. Each request will "touch" the session in Cache to refresh the timeout. Everything looks fine, until this scenario is discovered. Say, one operation takes a long time, longer than timeout. Another request comes and wait on session lock which is currently hold by the long-time request. Finally, the long-time request is over, it releases the lock. But, since it already takes longer time than timeout, the session object is already removed from Cache. This is obvious because the only request holding the lock doesn't have a chance to "touch" the session object in cache. The second request gets the lock but cannot retrieve the expired Session object. Oops... To fix this issue, the second request has to re-create the Session object. But, this is just like digging a buried dead body from tomb and try to bring it back to life. It causes buggy code. I'm wondering what's the best way to implement timeout in session to handle such scenario. I know that current platform must have good session mechanism. I just want to know the under-the-hood how.

    Read the article

  • Change the Session Variable Output

    - by user567230
    Hello I am using Dreamweaver CS5 with Coldfusion 9 to build a dynamic website. I have a MS Access Database that stores login information which includes ID, FullName, FirstName, LastName, Username, Pawword, AcessLevels. My question is this: I currently have session variable to track the Username when it is entered into the login page. However I would like to use that Username to pull the User's FullName to display throughout the web pages and use for querying data. How do I change the session variable to read that when they are not entering their FullName on the login page but only Username and password. I have listed my login information code below if there is any additional information needed please let me know. This is the path for which the FullName values reside DataSource "Access" Table "Logininfo" Field "FullName" I want the FullName to be unique based on the Username submitted from the Login page. I apologize in advance for any rookie mistake I may have made I am new to this but learning fast! Ha. <cfif IsDefined("FORM.username")> <cfset MM_redirectLoginSuccess="members_page.cfm"> <cfset MM_redirectLoginFailed="sorry.cfm"> <cfquery name="MM_rsUser" datasource="Access"> SELECT FullName, Username,Password,AccessLevels FROM Logininfo WHERE Username=<cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_clob" maxlength="50"> AND Password=<cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_clob" maxlength="50"> </cfquery> <cfif MM_rsUser.RecordCount NEQ 0> <cftry> <cflock scope="Session" timeout="30" type="Exclusive"> <cfset Session.MM_Username=FORM.username> <cfset Session.MM_UserAuthorization=MM_rsUser.AccessLevels[1]> </cflock> <cfif IsDefined("URL.accessdenied") AND false> <cfset MM_redirectLoginSuccess=URL.accessdenied> </cfif> <cflocation url="#MM_redirectLoginSuccess#" addtoken="no"> <cfcatch type="Lock"> <!--- code for handling timeout of cflock ---> </cfcatch> </cftry> </cfif> <cflocation url="#MM_redirectLoginFailed#" addtoken="no"> <cfelse> <cfset MM_LoginAction=CGI.SCRIPT_NAME> <cfif CGI.QUERY_STRING NEQ ""> <cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)> </cfif> </cfif>

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >