Search Results

Search found 3532 results on 142 pages for 'sticky sessions'.

Page 21/142 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • PHP Session data not being saved

    - by Crackerjack
    I have one of those "I swear I didn't touch the server" situations. I honestly didn't touch any of the php scripts. The problem I am having is that php data is not being saved across different pages or page refreshes. I know a new session is being created correctly because I can set a session variable (e.g. $_SESSION['foo'] = "foo" and print it back out on the same page just fine. But when I try to use that same variable on another page it is not set! Is there any php functions or information I can use on my hosts server to see what is going on? Here is an example script that does not work on my hosts' server as of right now: <?php session_start(); if(isset($_SESSION['views'])) $_SESSION['views'] = $_SESSION['views']+ 1; else $_SESSION['views'] = 1; echo "views = ". $_SESSION['views']; echo '<p><a href="page1.php">Refresh</a></p>'; ?> The 'views' variable never gets incremented after doing a page refresh. I'm thinking this is a problem on their side, but I wanted to make sure I'm not a complete idiot first. Here is the phpinfo() for my hosts' server (PHP Version 4.4.7):

    Read the article

  • PHP Single Sign On (SSO) generating new session id

    - by bigstylee
    I am trying to create a single sign on process. The method I have implemented makes use of storing session data in a database. When a new user comes to the website (www.example2.com) a table of authentication is checked. As this is their first visit to the website, there will be no match. The browser is redicted to the authentication server www.example1.com/authenticate.php?session_id=ABC123 where ABC123 represents the session id created on www.example2.com. THe session id which is then generated on www.example1.com is stored along side the session id using the parameter set in the URL. The user is then redirected back to the www.example2.com and a match of session ids should be found. This WAS working fine in FireFox but when I tried it in Chrome I noticed that the session id being generated when the browser is redirected back to www.example2.com is a new session id. As a result an infinite loop is created. This behaviour has not manifested itself in FireFox aswell. What is causing the new session id to be generated? More importantly, what can I do to stop it? Thanks in advance! EDIT I had a logically error that was causing an infinite loop. This now works fine again in FireFox but the infinite loop is still occuring in Chrome and Internet Explorer.

    Read the article

  • abandon session in asp.net on browser close..kill session cookie

    - by Tuviah
    So I have a website where I use session start and end events to track and limit open instances of our web application, even on the same computer. On page unload i call a session enabled page method which then called session.abandon. This triggers session end event and clears the session variable but unfortunately does not kill the session cookie!! as a result if other browser instances are open there are problems because their session state just disappeared...and much worse than this when I open the site again with the zombie session still not expired, I get multiple session start and session end events on any subsequent postbacks. This happens on all browsers. so how do I truly kill the session (force the cookie to expire)

    Read the article

  • Authlogic auto login fails on registration with STI User model

    - by Wei Gan
    Authlogin by default is supposed to auto login when the user's persistence token changes. It seems to fail in my Rails app. I set up the following single table inheritance user model hierarchy: class BaseUser < ActiveRecord::Base end class User < BaseUser acts_as_authentic end create_table "base_users", :force => true do |t| t.string "email" t.string "crypted_password" t.string "persistence_token" t.string "first_name" t.string "last_name" t.datetime "created_at" t.datetime "updated_at" t.string "type" end To get auto login to work, I need to explicitly log users in in my UsersController: def create @user = User.new(params[:user]) if @user.save UserSession.create(@user) # EXPLICITLY LOG USER IN BY CREATING SESSION flash[:notice] = "Welcome to Askapade!" redirect_to_target_or_default root_url else render :action => :new end end I was wondering if it's anything to do with STI, or that the table is named "base_users" and not "users". I set it up before without STI and it worked so I'm wondering why once I put in place this hierarchy, it fails. Thanks!

    Read the article

  • loading an asp after starting a session

    - by Noam Smadja
    the jQuery $("#loginform").submit(function(){ $.ajax({ type: "POST", url: "loginrespajax.asp", data: $("#loginform").serialize(), success: function(){ $("#loginform").hide("slow"); $("#loginform").load("userheader.asp"); $("#loginform").show("slow"); } }); }); thats userheader.asp <div class="userlinks"> <%if (session("userlevel")) then%> <% select case session("userlevel") case 1 %> <a href="managenews.asp"><%langstring("header_news")%></a> | <a href="managebooks.asp"><%langstring("header_books")%></a> | <a href="manageusers.asp"><%langstring("manage_users")%></a> | <a href="manageorders.asp"><%langstring("manage_orders")%></a> | <a href="managelanguage.asp"><%langstring("manage_language")%></a> | <a href="youthregistration.asp"><%langstring("youthreg_header")%></a> | <a href="manageregistrants.asp"><%langstring("youthlist_header")%></a> | <% case 2 %> <a href="managenews.asp"><%langstring("header_news")%></a> | <a href="managebooks.asp"><%langstring("header_books")%></a> | <a href="youthregistration.asp"><%langstring("youthreg_header")%></a> | <a href="manageregistrants.asp"><%langstring("youthlist_header")%></a> | <% case 3 %> <a href="youthregistration.asp"><%langstring("youthreg_header")%></a> | <a href="manageregistrants.asp"><%langstring("youthlist_header")%></a> | <% End select %> <a href="editprofile.asp"><%langstring("editprofile_header")%></a> | <a href="changepassword.asp"><%langstring("changepassword_header")%></a> | <a href="logout.asp"><%langstring("logout_header")%></a> <%else%> <form action="loginrespajax.asp" method="POST" name="loginform" id="loginform" class="loginform" onSubmit="return false;"> <input type="text" name="username" value="username" class="input inline" onFocus="clearText(this);"> <input type="password" name="password" value="password" class="input inline" onFocus="clearText(this);"> <input type="submit" value="Log In" class="submit inline"> </form> <%End if%> </div> i am submiting the login form using AJAX and the jQuery partially works. it does hide and show again. but it prints the ELSE part of in userheader.asp. the session does start, for sure :)

    Read the article

  • RackSpace Cloud Strips $_SESSION if URL Has Certain File Extensions

    - by macinjosh
    The Situation I am creating a video training site for a client on the RackSpace Cloud using the traditional LAMP stack (RackSpace's cloud has both Windows and LAMP stacks). The videos and other media files I'm serving on this site need to be protected as my client charges money for access to them. There is no DRM or funny business like that, essentially we store the files outside of the web root and use PHP to authenticate user's before they are able to access the files by using mod_rewrite to run the request through PHP. So let's say the user requests a file at this URL: http://www.example.com/uploads/preview_image/29.jpg I am using mod_rewrite to rewrite that url to: http://www.example.com/files.php?path=%2Fuploads%2Fpreview_image%2F29.jpg Here is a simplified version of the files.php script: <?php // Setups the environment and sets $logged_in // This part requires $_SESSION require_once('../../includes/user_config.php'); if (!$logged_in) { // Redirect non-authenticated users header('Location: login.php'); } // This user is authenticated, continue $content_type = "image/jpeg"; // getAbsolutePathForRequestedResource() takes // a Query Parameter called path and uses DB // lookups and some string manipulation to get // an absolute path. This part doesn't have // any bearing on the problem at hand $file_path = getAbsolutePathForRequestedResource($_GET['path']); // At this point $file_path looks something like // this: "/path/to/a/place/outside/the/webroot" if (file_exists($file_path) && !is_dir($file_path)) { header("Content-Type: $content_type"); header('Content-Length: ' . filesize($file_path)); echo file_get_contents($file_path); } else { header('HTTP/1.0 404 Not Found'); header('Status: 404 Not Found'); echo '404 Not Found'; } exit(); ?> The Problem Let me start by saying this works perfectly for me. On local test machines it works like a charm. However once deployed to the cloud it stops working. After some debugging it turns out that if a request to the cloud has certain file extensions like .JPG, .PNG, or .SWF (i.e. extensions of typically static media files.) the request is routed to a cache system called Varnish. The end result of this routing is that by the time this whole process makes it to my PHP script the session is not present. If I change the extension in the URL to .PHP or if I even add a query parameter Varnish is bypassed and the PHP script can get the session. No problem right? I'll just add a meaningless query parameter to my requests! Here is the rub: The media files I am serving through this system are being requested through compiled SWF files that I have zero control over. They are generated by third-party software and I have no hope of adding or changing the URLs that they request. Are there any other options I have on this? Update: I should note that I have verified this behavior with RackSpace support and they have said there is nothing they can do about it.

    Read the article

  • Help a Beginner with a PHP based Login System

    - by Brian Lang
    I'm a bit embarrassed to say, but I've run into issue with creating a PHP based login system. I'm using a site template to handle the looks of the the login process, so I will spare you the code. Here is my thought process on how to handle the login: Create a simple login.php file. On there will be a form whose action is set to itself. It will check to see if the submit has been clicked, and if so validate to make sure the user entered a valid password / username. If they do, set a session variable save some login info (username, NOT password), and redirect them to a restricted area. If the login info isn't valid, save an error message in a session variable, display error message giving further instruction, and wait for the user to resubmit. Here is a chunk of what I have - hopefully one of you experts can see where I've gone wrong, and give me some insight: if(isset($_POST['submit'])) { if(!empty($_POST['username']) AND !empty(!$_POST['password'])) { header("Location: http://www.google.com"); } else { $err = 'All the fields must be filled in!'; } } if($err) { $_SESSION['msg']['login-err'] = $err; } ? Now the above is just an example - the intent of the above code is to process user input, with the script validating simply that the user has given input for username and password. If they have, I would like them, in this case, to be redirected to google.com (for the sake of this example). If not, save an error message. Given my current code, the error message will display perfectly, however if the user submits and has something entered for the username and password, the page simply doesn't redirect. I'm sure this is a silly question, but I am a beginner, and well, to be honest, a bit buzzed right now. Thanks so much!

    Read the article

  • PHP - stop calling on refresh

    - by Ross
    I need my class to create a new blank record when the page opens up the problem I am having is when the page refreshes it keeps incrementing by 1, if I write a session to keep the variable the next time I go back it does not increment. Any ideas? if(!isset($_POST['record_no'])) { echo $_POST['record_no'] = $projects->insert__blank_project(); } else { print "already Set"; }

    Read the article

  • Is session destory not enough to clean the session

    - by Kamo
    When the user clicks a logout button, I connect to a script that simply does this session_destroy(); session_start(); I thought this would be enough to reset all $_SESSION variables such as $_SESSION['logged'] and $_SESSION['username'] but when I load the page again, it automatically logs me in as if the session is still active.

    Read the article

  • Custom User Management for Google App Engine Java

    - by Gopi
    I am using GAE Java for a multi-user application. There are multiple users with different roles. Each user can login, do some operations and logout. The business restricts me from using Google User Service and I need to implement my own for authentication and session management. Can anyone please share with me how should I go about implementing my own user management? I have read its very tricky to implement own user management. Any pointers in terms of best approaches/ design / existing frameworks if any ? I could see some similar posts but they are for python.

    Read the article

  • PHP Beginner: How to pass PHP variable from one PHP code segment to another ?

    - by Misha Moroshko
    I have index.php which uploads a file to server and sets several PHP variables (like $target_folder_and_file_name). index.php also has the following line (it was originally index.html): <script language="JavaScript" src="main.js.php"></script> After index.php returned to the browser, the browsers asks for main.js.php from the server (right?). Can I access somehow $target_folder_and_file_name from the PHP code in main.js.php ?

    Read the article

  • Session variables not getting set but only in Internet Explorer and not on all machines

    - by gaoshan88
    Logging into a site I'm working on functions as expected on my local machine but fails on the remote server but ONLY in Internet Explorer. The kicker is that it works in IE locally, just not on the remote machine. What in the world could cause this? I have stepped through the code on the remote machine and can see the entered login values being checked in the database, they are found and then a login function is called. This sets two $_SESSION variables and redirects to the main admin page. However, in IE only (and not when run on local machine... this is key) the $_SESSION variables are not present by the time you get to the main admin page. var_dump($_SESSION) gives me what I expect on every browser when I am running this in my local environment and in every browser except IE 6, 7 and 8 when run on the remote server (where I get a null value as if nothing has been set for $_SESSION). This really has me stumped so any advice is appreciated. For an example... in IE, run locally, var_dump gives me: array 'Username' => string 'theusername' length=11 'UserID' => string 'somevalue' length=9 Run on the remote server (IE only... works fine in other browsers) var_dump gives me: array(0){} Code: $User = GetUser($Username, $Password); if ($User->UserID <> "") { // this works so we call Login()... Login($User); // this also works and gives expected results. on to redirect... header("Location: index.php"); // a var_dump at index.php shows that there is no session data at all in IE, remotely. } else { header("Location: login.php"); } function Login($data) { $_SESSION['Username'] = $data->Username; $_SESSION['UserID'] = $data->UserID; // a var dump here gives the expected data in every browser }

    Read the article

  • How to create a session in PHP when there is a session on the same domain in Rails?

    - by Tony
    I have a Rails app on a subdomain - xyz.domain.com, and a PHP app on another subdomain - abc.domain.com When a user is logged into the Rails app, I would like to give them a session so that I can log certain events about that user in the PHP app but in the same database of the Rails app. I would essentially just expose an API that requires authentication. What is the best way to go about this? I am not storing the session in a database

    Read the article

  • Securing an ajax request

    - by asdasdsa
    i have a website that uses session cookies for security. it works fine and all, but any ajax requests right now are not secure. example being lets say a user is on a page. they can only get to this page if they are logged in with a session - so far so good. but now the ajax request they ask for is ajaxpages/somepage.php?somevar=something&anothervar=something if any other user decides to just go to that link themselves (without a session) they still get the same ajax output that was meant for logged in people. so obviously im going to have to pass session data across when i send an ajax request. anyone have any tips for the best way of doing this? ive never done this before and would rather use trusted methods than make up my own.

    Read the article

  • how to pass session variable to model in RoR?

    - by siulamvictor
    I used a global variable in my app for passing information before. But I got a problem and thanks everyone here suggested me to store those data in session with database. I tried, but I found that I can't access the session variable in Model. I googled and knew this is the Model normal behavior, RoR won't pass the session variable to Model. So how to pass the value of the session variable into Models? or is there any other method for my use case? I need a variable storing a value, which is required in all MVCs, and should be independent between different concurrent users. Thanks everyone. :)

    Read the article

  • Troubles with a PHP session variable after form submission

    - by Psyche
    Hello, I'm setting a PHP session variable with a success message for a HTML form that I'm submitting. If there are no form errors, I redirect to the same page (using header()) and display the message from the session variable. Everything is fine until here, but if I access that page again after submission, the message is still there. Is it possible to make it appear only when I redirect after a successful submit? Thank you.

    Read the article

  • In Rails, what could cause a user to have another user's session?

    - by DavidNorth
    I have a Rails application using with an authentication system using Restful Authentication without any modification. Users have reported finding themselves logged in as the wrong user. In at least one case it was on their very first page view, never having logged in before. Is it possible their session ids are getting mixed up? Would switching to CookieStore make it impossible for this to happen since no session data is stored on the server this way? I suspect the problem is related to Passenger but I don't know where to start debugging this. Its only happened about 4 times in several months of being live so its virtually impossible to reproduce. Environment: ActiveRecord session storage Rails 2.2.2 Passenger 2.0.1 Apache 2 Ruby 1.8.6 Many thanks

    Read the article

  • Authentication and Security in my website - need advice please.

    - by Ichirichi
    Hi, I am using database with a list of username/passwords, and a simple web form that allows for users to enter their username/password. When they submit the page, I simply do a stored procedure check to authenticate. If they are authorised, then their user details (e.g. username, dob, address, company address, other important info) are stored in a custom User object and then in a session. This custom User object that I created is used throughout the web application, and also in a sub-site (session sharing). My question/problems are: Is my method of authentication the correct way to do things? I find users complaining that their session have expired although they "were not idle", possibly due the app pool recycling? They type large amounts of text and find that their session had expired and thus lose all the text typed in. I am uncertain whether the session does really reset sporadically but will Forms Authentication using cookies/cookiless resolve the issue? Alternatively should I build and store the User Object in a session, cookie or something else instead in order to be more "correct" and avoid cases like in point #2. If I go down the Forms Authentication route, I believe I cannot store my custom User object in a Forms Authentication cookie so does it mean I would store the UserID and then recreate the user object on every page? Would this not be a huge increase on the server load? Advice and answers much appreciated. L

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >