Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 20/420 | < Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >

  • Why can't I read session variables

    - by Marty Goetz
    I have a c# .net web application. I create session variables but when I try to read them after I leave the page that they were created from I can't. Created on page 1 Session["UserName"] = "WhatEver"; Then I do Response.Redirect("~/whatever.aspx"); and try to read to read the session variable in the Page_Load method of the new page string userName = Session["UserName"].ToString(); I receive "Object reference not set to an instance of an object." Why am I receiving this error and what can I do to fix the problem? I would greatly appreciate any help anyone can give me.

    Read the article

  • domain -> subdomain - passing session data

    - by Phil Jackson
    Howdy, having a little trouble here. I have domain.co.uk setting a session. When I click on a link on domain.co.uk to go to sub.domain.co.uk the session is not being read. I have altered session.cookie_domain to .domain.co.uk not still not working. Is there anything else that needs changing? Regards, me.

    Read the article

  • c# how to set up and use session state from preinit

    - by Praesagus
    OK so to set and read variables from the current session String Myvar =(string) System.Web.HttpContext.Current.Session[“MyVariable”] To set System.Web.HttpContext.Current.Session[“MyVariable”] = “NewValue” I can do neither, I get a System.NullReferenceException: Object reference not set to an instance of an object. from System.Web.HttpContext.Current.Session. In my web.config I have <sessionState mode="StateServer" stateConnectionString="tcpip=127.0.0.1:42424" cookieless="false" timeout="20"> </sessionState> I have read a dozen articles on the the necessity of IHttpHandler and an IRequiresSessionState interface. I think the issue may be caused because I am requesting this information in Page_PreInit. I found a solution in a stack overflow article but I don't seem be using it properly to actually make this go. I am not sure what I am missing. Thanks in advance.

    Read the article

  • ViewState Vs Session ... maintaining object through page lifecycle

    - by Kyle
    Can someone please explain the difference between ViewState and Session? More specifically, I'd like to know the best way to keep an object available (continuously setting members through postbacks) throughout the lifecycle of my page. I currently use Sessions to do this, but I'm not sure if it's the best way. For example: SearchObject searchObject; protected void Page_Load(object sender, EventArgs e) { if(!IsPostBack) { searchObject = new SearchObject(); Session["searchObject"] = searchObject; } else { searchObject = (SearchObject)Session["searchObject"]; } } that allows me to use my searchObject anywhere else on my page but it's kind of cumbersome as I have to reset my session var if I change any properties etc. I'm thinking there must be a better way to do this so that .NET doesn't re-instantiate the object each time the page loads, but also puts it in the global scope of the Page class? Please advise. TIA

    Read the article

  • is it correct to unset the session variable for a particular index as the vay whole session is made

    - by OM The Eternity
    is it correct to unset the session variable for a particular index as the vay whole session is made unset in PHP? I know this works: unset($_SESSION['bannersize']) But does this works ? : unset($_SESSION['bannersize'][3]) or is there any other way to unset any particular desired index of the session and then again rearrange the values inside it to remove the empty index..?

    Read the article

  • Zend Namespace - Check if Session Exists

    - by Vincent
    All, I am using Zend Framework and Zend_Session to do global session management for my application. I plan to clear all sessions on logout and hence am using the following code: if($this->sessionExists()) { $this->destroy(); } But it seems like it's not doing a good job.. I am getting an error: PHP Warning: session_destroy() [<a href='function.session-destroy'> function.session-destroy</a>]: Trying to destroy uninitialized session How can I get rid of this error? Is there an alternative to sessionExists()?

    Read the article

  • Any way to anticipate session timeout ?

    - by Tom
    Hi, Is there a way to "catch" the session timeout event, so as to retrieve data from HttpSession before its invalidated ? We're implementing the Filter Interface, and in the doFilter method, the user we stored in the session object at login is null when session times out. Thanks in advance.

    Read the article

  • Is this the right way to set a cookie?

    - by AAA
    // if login is ok then we add a cookie $_POST['user_name'] = stripslashes($_POST['user_name']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['user_name'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); Is this a right way to set cookies? Its been causing me serious redirect errors. See here: PHP Redirect problem with subdomain

    Read the article

  • Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner?

    - by newbtophp
    Hi! Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner? As I'm setting a custom directory for the sessions, because I've read from various php security guides, that setting a custom directory on shared hosting for sessions; can improve session security. But the problem is I've read somewhere that PHP does/handles the session garbage cleaning only when the session_save_path is the default and not modified (ie. using a custom directory)? - is this true, if so is their a solution for this?. (take into consideration I'm using shared hosting). Appreciate all help!

    Read the article

  • Hibernate + Spring + session + cache

    - by andromeda
    We are using Hibernate with Spring for our Java application. We find out that when a session update something in database other sessions can not see the update. For example user1 get the account balance from database then user2 increase the balance , if user1 get the object another time he see the account balance before updating (seems that session use the value from its cache) but we want to get the updated object with new account balance. User1 use one session during all activity that is different from user2 session. Is any configuration to force to get the updated object from database? or any other help?

    Read the article

  • Session Sharing with another User on *NIX and Windows

    - by Giri Mandalika
    Oracle Solaris Since Solaris is not widely known for its graphical interface, let's just focus on sharing a terminal session in read-only mode with another user on the same system. Here is an example. eg., % finger Login Name TTY Idle When Where root Super-User pts/1 Sat 16:57 dhcp-amer-vpn-rmdc-a sunperf ??? pts/2 4 Sat 16:41 pitcher.sfbay.sun.com In this example, two users root and sunperf are connected to the same system from two different terminals pts/1 and pts/2 respectively. If the root user wants to show something to sunperf user -- what s/he is doing in her/his terminal, for example, it can be accomplished with the following command. script -a /dev/null | tee -a <target_terminal eg., # script -a /dev/null | tee -a /dev/pts/2 Script started, file is /dev/null # # uptime 5:04pm up 1 day(s), 2:56, 2 users, load average: 0.81, 0.81, 0.81 # # isainfo -v 64-bit sparcv9 applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc 32-bit sparc applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc v8plus div32 mul32 # # exit Script done, file is /dev/null After the script .. | tee .. command, sunperf user should be able to see the root user's stdin and stdout contents in her/his own terminal until the script session exits in root user's terminal. Since this kind of sharing is based on capturing and redirecting the contents to the target terminal, the users on the receiving end won't be able to see whatever is being edited on initiators' terminal [using editors such as vi]. Also it is not possible to share the session with any connected user on the system unless the initiator has the necessary permissions and privileges. The script utility records everything printed in a terminal session, while the tee utility replicates the contents of the screen capture on to the standard output of the target terimal. The tee utility does not buffer the output - so, the screen capture from the initiators' terminal appears almost right away in the target terminal. Though I never tested, this technique may work on all *NIX and Linux flavors with little or no changes. Also there might be other ways to accomplish this. [Thanks to Sujeet for sharing this tip] Microsoft Windows Most of the Windows users may rely on VNC services to share a desktop session. Another way to share the desktop session is to use the Remote Desktop Connection (RDC) client. Here are the steps. Connect to the target Windows system using Remote Desktop Connection client Launch Windows Task Manager Navigate to the "Users" tab Find the user session that you want to connect to and have full control over as the other user who is currently holding that session Select the user name in Windows Task Manager, right click and choose the option "Remote Control" A window pops up on the other user's session with the message "<USER is requesting to control your session remotely. Do you accept the request?" Once the other user says "Yes", you will be granted access to that session. Since then both users should be able to see the same screen and even control the session from their respective workstations.

    Read the article

  • How do I securely delete cookies and saved passwords?

    - by Matt Solnit
    Is there a way, from inside the browser, to delete cookies and saved passwords in such a way that the data is unrecoverable (similar to Secure Empty Trash)? I know I can probably track down all the files involved and then manually do this, but I'm curious if there's an easier way. Or maybe browsers already do it out of the box? I'm specifically looking for solutions for Firefox and Safari, on Mac OS X.

    Read the article

  • Cookies Audit help

    - by Gino
    Someone can explain to me what is the purpose of these cookies? I'm doing a cookies audit and I didn't find anything on the web Domain: google.com(google maps), Name: NID Domain: google.com(google maps), Name: SNID Domain: google.com(google maps), Name: khcookie Domain: google.com(google maps), Name: PREF and Domain: tripadvisor.com, Name: ServerPool Domain: tripadvisor.com, Name: TAReturnTo Domain: tripadvisor.com, Name: TAUnique Domain: tripadvisor.com, Name: v1st Thank you very much, Gino

    Read the article

  • How to implement Session timeout in Web Server Side?

    - by Morgan Cheng
    I beheld a web framework implementing in-memory session in this way. The session object is added to Cache with timeout. When the time is out, the session is removed from Cache automatically. To protect race condition, each request should acquire lock on given session object to proceed. Each request will "touch" the session in Cache to refresh the timeout. Everything looks fine, until this scenario is discovered. Say, one operation takes a long time, longer than timeout. Another request comes and wait on session lock which is currently hold by the long-time request. Finally, the long-time request is over, it releases the lock. But, since it already takes longer time than timeout, the session object is already removed from Cache. This is obvious because the only request holding the lock doesn't have a chance to "touch" the session object in cache. The second request gets the lock but cannot retrieve the expired Session object. Oops... To fix this issue, the second request has to re-create the Session object. But, this is just like digging a buried dead body from tomb and try to bring it back to life. It causes buggy code. I'm wondering what's the best way to implement timeout in session to handle such scenario. I know that current platform must have good session mechanism. I just want to know the under-the-hood how.

    Read the article

  • Change the Session Variable Output

    - by user567230
    Hello I am using Dreamweaver CS5 with Coldfusion 9 to build a dynamic website. I have a MS Access Database that stores login information which includes ID, FullName, FirstName, LastName, Username, Pawword, AcessLevels. My question is this: I currently have session variable to track the Username when it is entered into the login page. However I would like to use that Username to pull the User's FullName to display throughout the web pages and use for querying data. How do I change the session variable to read that when they are not entering their FullName on the login page but only Username and password. I have listed my login information code below if there is any additional information needed please let me know. This is the path for which the FullName values reside DataSource "Access" Table "Logininfo" Field "FullName" I want the FullName to be unique based on the Username submitted from the Login page. I apologize in advance for any rookie mistake I may have made I am new to this but learning fast! Ha. <cfif IsDefined("FORM.username")> <cfset MM_redirectLoginSuccess="members_page.cfm"> <cfset MM_redirectLoginFailed="sorry.cfm"> <cfquery name="MM_rsUser" datasource="Access"> SELECT FullName, Username,Password,AccessLevels FROM Logininfo WHERE Username=<cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_clob" maxlength="50"> AND Password=<cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_clob" maxlength="50"> </cfquery> <cfif MM_rsUser.RecordCount NEQ 0> <cftry> <cflock scope="Session" timeout="30" type="Exclusive"> <cfset Session.MM_Username=FORM.username> <cfset Session.MM_UserAuthorization=MM_rsUser.AccessLevels[1]> </cflock> <cfif IsDefined("URL.accessdenied") AND false> <cfset MM_redirectLoginSuccess=URL.accessdenied> </cfif> <cflocation url="#MM_redirectLoginSuccess#" addtoken="no"> <cfcatch type="Lock"> <!--- code for handling timeout of cflock ---> </cfcatch> </cftry> </cfif> <cflocation url="#MM_redirectLoginFailed#" addtoken="no"> <cfelse> <cfset MM_LoginAction=CGI.SCRIPT_NAME> <cfif CGI.QUERY_STRING NEQ ""> <cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)> </cfif> </cfif>

    Read the article

  • Apache has many PHP session files

    - by PiTheNumber
    # ls /var/lib/php5 | wc -l 7488 # ls -la -rw------- 1 wwwrun www 0 Nov 9 15:30 sess_vtuh671rlafdidfjmgjfu6065p4tfieg -rw------- 1 wwwrun www 0 Nov 12 02:30 sess_vu9pn476oiqbsd20q4s2brt60b9vg90d -rw------- 1 wwwrun www 0 Nov 9 15:07 sess_vuonfs2cqsdiq8ja51ornh6lp5j9mf93 -rw------- 1 wwwrun www 0 Nov 9 16:02 sess_vuutcad8as55il34db3uqhqrsltd4q6o -rw------- 1 wwwrun www 0 Nov 9 23:26 sess_vv2mrv5dnlnts6das4g5jlfldael4l0e -rw------- 1 wwwrun www 44 Nov 9 20:35 sess_vvc0cfjuvk3lqb5m97fv6gsmv6bjhsdk -rw------- 1 wwwrun www 0 Nov 9 10:33 sess_vvq82fhj9lg29gaejemlb2lrk25mqv7d -rw------- 1 wwwrun www 0 Nov 9 20:36 sess_vvtd4ka8rfmcroa34unl06916ubj8sb9 Most of them are empty. There are not so many users on the server so I wonder where those files came from. Is this a problem or how does apache handle those file? Do they get delete automaticly? Could this be caused by a bad PHP file?

    Read the article

  • Proper way to configure ~/.Xsession with a standalone window manager to gracefully end a session

    - by cYrus
    I'm using xdm and my ~/.Xsession looks like this: # <initialization stuff here> exec openbox It works, but I've noticed that when I log out Openbox doesn't gracefully kill all the applications. In particular Google Chrome complains about that. How can I make sure to wait for all processes to exit (just like others configurations: Gnome, KDE, Windows ...)? The only (ugly) solution that I've found involves sleep and kill into ~/.Xsession.

    Read the article

  • ASP.NET MVC Session Expiration

    - by Andrew Flanagan
    We have an internal ASP.NET MVC application that requires a logon. Log on works great and does what's expected. We have a session expiration of 15 minutes. After sitting on a single page for that period of time, the user has lost the session. If they attempt to refresh the current page or browse to another, they will get a log on page. We keep their request stored so once they've logged in they can continue on to the page that they've requested. This works great. However, my issue is that on some pages there are AJAX calls. For example, they may fill out part of a form, wander off and let their session expire. When they come back, the screen is still displayed. If they simply fill in a box (which will make an AJAX call) the AJAX call will return the Logon page (inside of whatever div the AJAX should have simply returned the actual results). This looks horrible. I think that the solution is to make the page itself expire (so that when a session is terminated, they automatically are returned to the logon screen without any action by them). However, I'm wondering if there are opinions/ideas on how best to implement this specifically in regards to best practices in ASP.NET MVC.

    Read the article

  • Checking if a session is active

    - by Josh
    I am building a captcha class. I need to store the generated code in a PHP session. This is my code so far: <?php class captcha { private $rndStr; private $length; function generateCode($length = 5) { $this->length = $length; $this->rndStr = md5(time() . rand(1, 1000)); $this->rndStr = substr($rndStr, 0, $this->length); return $rndStr; if(session_id() != '') { return "session active"; } else { return "no session active"; } } } ?> And using this code to check: <?php include('captcha.class.php'); session_start(); $obj = new captcha(); echo $obj->generateCode(); ?> But it doesn't output anything to the page, not even a PHP error. Does someone know why this is? And is there a better way I can check if I've started a session using session_start()? Thanks.

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

  • Rails 2.3 session

    - by Sam Kong
    Hi, I am developing a rails 2.3.2 app. I need to keep session_id for an order record, retrieve it and finally delete the session_id when the order is completed. It worked when I used cookies as session store but it doesn't for active_record store. (I restarted my browser, so no cache issue.) I know rails 2.3 implements lazy session load. I read some info about it but am still confused. Can somebody clarify how I use session_id for such a case? What I am doing is... A user make an order going through several pages. There is no sign-up, neither login. So I keep session_id in the order record so that no other user can access the order. @order = Order.last :conditions = {:id = params[:id], :session_id = session[:session_id] } When the order is finished, I set nil to session_id column. How would you implement such a case in lazy session(and active_record store) environment? Thanks. Sam

    Read the article

< Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >