Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 26/420 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • Alert user when their session is about to expire

    - by budugu
    Note: Cross posted from Vijay Kodali's Blog. Permalink Here is a quick and dirty trick to alert users on session timeout. This is not a perfect solution. But it will give reader an idea to work on... Some facts before we start: Session doesn't end When the user closes his browser When the user navigates away from your page When user connection lost. Session ends, when the server hasn't gotten a request from the user in a specific time (Session timeout value)....Permalink

    Read the article

  • How do I pass session variables from one domain to another in PHP

    - by Dave
    Hi everyone, I have encountered a situation where I need to pass $_SESSION variables from one domain to an iFrame page from another domain. I have spent the last 16 days trying various methods to no avail. I think that the only logical way would be to encode the variables in the url that calls the iFrame and decode them in th iFrame page. I am not sure how to go about this and I am looking for any samples, assistance etc that I can find. Thanks for any and all suggestions. Here is an example of what I am trying to do... Example: <!-- Note only using hidden as I didn't want to build the form at test phase--> <form name="test" method="post" action="iframe_test.php"> <input type="submit" name="Submit" /> <input type="hidden" name="fName" value="abc" /> <input type="hidden" name="lName" value="def" /> <input type="hidden" name="address1" value="ghi" /> <input type="hidden" name="address2" value="jkl" /> <input type="hidden" name="country" value="mno" /> <input type="hidden" name="postal_code" value="pqr" /> <input type="hidden" name="city" value="stu" /> <input type="hidden" name="retUrl" value="vwx"> <input type="hidden" name="decUrl" value="yz"> So from here I am hitting the iframe_test.php and doing the following: PHP Code: function StripSpecChar($val) { return (preg_replace('/[^a-zA-Z0-9" "-.@\:\/_]/','', $val)); } foreach ($_POST as $key => $val) { $_SESSION[$key] = StripSpecChar($val); } and I get a session array that looks like this: Code: Array ( [fName] => abc [lName] => def [address1] => ghi [address2] => jkl [country] => mno [postal_code] => pqr [city] => stu [retUrl] => vwx [decUrl] => yz ) Still all good so far....call the iFrame Code: <body> Some page stuff here <div align="center"><span class="style1"><strong>This is the iFrame Page</strong></span> </div> <div align="center"> <iframe src="https://www.other_domain.org/iframe/reserve.php" width="500" height="350" frameBorder="0"></iframe> </div> </body> So HOW do I take... $_SESSION['fName']['abc']; $_SESSION['lName']['def']; $_SESSION['address1']['ghi']; $_SESSION['address2']['jkl']; $_SESSION['country']['mno']; $_SESSION['postal_code']['pqr']; $_SESSION['city']['stu']; $_SESSION['retUrl']['vwx']; $_SESSION['decUrl']['yz']; and turn it into the encoded url that I am looking for? Further once that is done how to I get the session vars back as session vars on that new domain iFrame page...

    Read the article

  • IIS7 Session ID rotating with Classic ASP

    - by ManiacZX
    I am trying to migrate a Classic ASP app onto a Windows 2008 R2 server. The application features run fine, but I am having issue with session. The application keeps the logged in user information in session and I am constantly getting knocked out as if the session had expired. While debugging I have discovered the sessions are not expiring but instead I am getting 2-3 different Session IDs in use by one browser. I am outputting Response.Write(Session.SessionID) on various pages in the application and I can sit there and hit refresh over and over and watch the number changed between these 2-3 SessionIDs randomly. The sessions are still valid because when I refresh and get the Session ID that I logged in under the page is displayed (because the security check was successful) and when I get one of the other Session IDs I get the "you aren't logged in, you need to log in" message. If I close and re-open the browser, same story just the set of IDs are new. This happens with IE8, Firefox and Chrome from multiple computers. Things I've tried: - AppPool set to No Managed Code and Classic - Output Caching set .asp to never cache - ASP Session Properties enabled and disabled asp session state and confirmed it affected page (error trying to read Session.SessionID when disabled) Things I've tried just in case but shouldn't have anything to do with ASP Session: - Disabled compression - Changed ASP.Net Session State properties (InProc, StateServer, SQLServer, Cookies, URI, etc) -

    Read the article

  • PHP (CodeIgniter) Pass Object Through Session

    - by FranticPedantic
    I am using PHP5 and CodeIgniter and I am trying to implement a single-sign on feature with facebook (although I don't think that facebook is relevant to the question). I am somewhat of a novice with PHP and definitely one with CodeIgniter, so if you think my approach is just completely off telling me that would be helpful too. So here is in short what I am doing: //Controller 1 $this->load->plugin("facebook"); $facebook = new Facebook(array ( 'appId' => $fbconfig['appid'], 'secret' => $fbconfig['secret'], 'cookie' => true, ) ); $fbsession = $facebook->getSession(); //works fine $this->session->set_userdata('facebook', serialize($facebook); Now I would like to grab that facebook object in a different controller. //Controller 2 $facebook = unserialize($this->session->userdata('facebook')); $fbsession = $facebook->getSession(); Produces the error: Call to undefined method getSession. So I look up more about serialization and think that maybe it just doesn't know what the facebook object's attributes are. So I add in a $this->load->plugin('facebook'); To controller 2 as well and I get a "Cannot redeclare class facebook." I am strongly suspecting that I am misunderstanding sessions here. Do I have to somehow tell PHP what kind of object it is? Thanks for the help.

    Read the article

  • Rackspace Cloud rewrite jpg causes Session reset

    - by willoller
    This may be the .Net version of this question. I have an image script with the following: ... Response.WriteFile(filename); Response.End(); I am rewriting .jpg files using the following rewrite rule in web.config: <rule name="Image Redirect" stopProcessing="true"> <match url="^product-images/(.*).jpg" /> <conditions> <add input="{REQUEST_URI}" pattern="\.(jp?g|JP?G)$" /> </conditions> <action type="Redirect" redirectType="SeeOther" url="/product-images/ProductImage.aspx?path=product-images/{tolower:{R:1}}.jpg" /> </rule> It basically just rewrites the image path into a query parameter. The problem is that (intermittently of course) Mosso returns a new Asp Session cookie which breaks the whole world. Directly accessing a static .jpg file does not cause this problem. Directly accessing the image script does not cause it either. Only rewriting a .jpg file to the .aspx script causes the Session loss. Things I have tried (From the Rackspace doc How can I bypass the cache?) I added Private cacheability to the image script itself: Response.Cache.SetCacheability(HttpCacheability.Private); I tried adding these cache-disabling nodes to web.config: <staticContent> <clientCache cacheControlMode="DisableCache" /> </staticContent> and <httpProtocol> <customHeaders> <add name="Cache-Control private" value="Cache-Control private" </customHeaders> </httpProtocol> The Solution I need The browser cache cannot be disabled. This means potential solutions involving Cache.SetNoStore() or HttpCacheability.NoCache will not work.

    Read the article

  • How to prevent session hijacking with SID (CGI perl)

    - by Gnippots
    I have a web app used by a small number of people (internal only) and am using a randomised sessionID that is stored under the user record and placed in various links. I have had a problem where users are sending links to each other which is allowing them to hijack the sender's session. What are some ways of preventing this from happening while still letting users send links to one another? Edit: The session ID in the link (which also contains $username) is just compared to what is stored in the User table. &incorrectLogin just prints an error followed by die; if ($sid) { $sth = $dbh->prepare("SELECT * FROM tbl_User WHERE UserID = '$username'"); $sth->execute(); $ref = $sth->fetchrow_hashref(); $session_chk = $ref->{'usr_sessionID'}; unless ($sid eq $session_chk) {&incorrectLogin;} } The problem is that if someone uses a link that is created by someone else, the page will load as them. I am not using cookies, and I recall being told in the past that CGI perl cookie handling is quite poor.

    Read the article

  • PHP/WordPress Session CountDown

    - by Cameron
    I have the following code to show how long a user has left before their session will expire, I am using WordPress. How can I do this? Thanks <script> var obj_Span; var n_Seconds = 0; var n_Minutes = 0; var n_Hours = 0; function F_ConvertNumberToString ( n_Num ) { var str_Num = String(n_Num); if ( str_Num.length < 2 ) str_Num = "0" + str_Num; return str_Num; } function F_CountDown () { if ( n_Hours == 0 && n_Minutes == 0 && n_Seconds == 0 ) { obj_Span.innerHTML = "(Sorry, your session has expired.)"; } else { if ( n_Seconds >= 0 ) n_Seconds --; if ( n_Seconds < 0 ) { n_Minutes --; n_Seconds = 59; } if ( n_Minutes >= 0 ) { window.setTimeout ( "F_CountDown()", 1000 ); } if ( n_Minutes < 0 ) { n_Hours --; n_Minutes = 59; window.setTimeout ( "F_CountDown()", 1000 ); } F_UpdateDisplay (); } } function F_UpdateDisplay ( ) { if ( document.getElementById ) { if (n_Hours > 0 ) obj_Span.innerHTML = "(Remaining " + F_ConvertNumberToString(n_Hours) + ":" + F_ConvertNumberToString(n_Minutes) + ":" + F_ConvertNumberToString(n_Seconds) + ")"; else obj_Span.innerHTML = "(Remaining " + F_ConvertNumberToString(n_Minutes) + ":" + F_ConvertNumberToString(n_Seconds) + ")"; } } function F_StartCountDown ( n_Session ) { obj_Span = document.getElementById ( "CountDown" ); n_Minutes = n_Session; n_Hours = Math.floor(n_Minutes/60); n_Minutes = n_Minutes - (60*n_Hours); F_CountDown (); } </script> <script> F_StartCountDown ( " code here... " ); </script> <span id="CountDown"></span>

    Read the article

  • How Session out trigger on browser close?

    - by Hemant Kothiyal
    Hi, Yesterday morning i open gmail account in Internet Exlorer second tab. I checked my mail and closed that tab (not browser). Then at the time of evining i again open second tab of browser and enetr gmail.com, it automatically redirect me at my email account without asking login. I shocked and i thought i should remain browser open for whole night and today open gmail in second tab , it behave similar means without login screen it redirect in my gmail account. Then i closed that tab and open another browser session and enter gmail i again surprised that i redirect me login page. At the same time i open second tab of first browser and it automatically redirect me at mail account page. What i councluded by this behaviour is that might be gmail server keep my browser id at their server so that whenever i eneter gmail.com on second tab of first browser, it automatically redirect me at gmail account. I don't know i am right or not? Please clear me this concept? What happens with my session at gmail server when i closed my browser tab? As per my opinion it should automatically logout me but why this doesn't happened?

    Read the article

  • Signed_request lost in ASP.NET session, confusing my website

    - by Csabi
    I have an ASP.NET MVC 3 website which is available both from a specific public url, and I'm also making be available as a Facebook App. Inside my website logic, in some places I have to determine whether the current request is from the Facebook-app, or from the public website, because I want to display content based on this environment. So, for eg. if the user is using my site as a facebook-app, then I want to display a picture, and if the user is using my site normally, then I don't wanna display a picture. To determine whether I'm from a Facebook app, I check the "signed_request" in the HttpContext.Request, and store it in the HttpSession to be available for my other actions, not just for that action (url) which is defined for my Facebook app. So when a child-action is executed, I can determine based on the Session, that the website is used as a FB-app or not. The problem happens, when the Session times out, because then althought the logic is still running inside Facebook, my logic thinks it's not inside Facebook. Any advice?

    Read the article

  • Hibernate Session flush behaviour [ and Spring @Transactional ]

    - by EugeneP
    I use Spring and Hibernate in a web-app, SessionFactory is injected into a DAO bean, and then this DAO is used in a Servlet through webservicecontext. DAO methods are transactional, inside one of the methods I use ... getCurrentSession().save(myObject); One servlet calls this method with an object passed. The update seems to not be flushed at once, it takes about 5 seconds to see the changes in the database. The servlet's method in which that DAO's update method is called, takes a fraction of second to complete. After the @Transactional method of DAO is completed, flushing may NOT happen ? It does not seem to be a rule [ I already see it ]. Then the question is this: what to do to force the session to flush after every DAO method? It may not be a good thing to do, but talking about a Service layer, some methods must end with immediate flush, and Hibernate Session behavior is not predictable. So what to do to guarantee that my @Transactional method persists all the changes after the last line of that method code? getCurrentSession().flush() is the only solution? p.s. I read somewhere that @Transactional IS ASSOCIATED with a DB Transaction. Method returns, transaction must be committed. I do not see this happens.

    Read the article

  • Does PHP *have* to serialize/unserialize session data between each HTTP request? Or is there a sett

    - by Pete Alvin
    I think I understand why sessions are evil but for snappy client user experience I don't want to have to re-query the database on each HTTP request. (As a comparision, Java servlets can effortlessly keep tons of session objects in memory.) Can PHP be set to do this or does it have to serialize because it runs from CGI/FastCGI and therefore by definition is a new process each time a request comes in? I will be running PHP using LAMP.

    Read the article

  • Google Analytics setting cookies on static content despite being on entirely separate domain

    - by Donald Jenkins
    I recently decided to comply with the YSlow recommendation that static content is hosted on a cookieless domain. As I already use the root of my domain (donaldjenkins.com) to host my website—on which Google Analytics sets a few cookies—that meant I had to move the CNAME URL for the CDN serving the static files from cdn.donaldjenkins.com to an entirely separate, dedicated domain. I purchased cdn.dj (yes, it's a real Djibouti domain name), hosted the files on the root (which contains nothing else, other than a robots.txt file) and set a CNAME of e.cdn.dj for the CDN. This setup works, but I was rather surprised to find that YSlow was still flagging the static files for not being cookie-free: here's a screenshot: The cdn.djdomain was new, and was never used for anything other than hosting these static files. Running httpfox on the site shows the _utma and _utmz Google Analytics cookies are being set on the static files listed above—despite their being hosted on an entirely separate, dedicated domain. Here's my Google Analytics code: //Google Analytics tracking code var _gaq=[['_setAccount','UA-5245947-5'],['_trackPageview']]; (function(d,t){var g=d.createElement(t),s=d.getElementsByTagName(t)[0]; g.src=('https:'==location.protocol?'//ssl':'//www')+'.google-analytics.com/ga.js'; s.parentNode.insertBefore(g,s)}(document,'script')); // [END] Google Analytics tracking code I'm not obsessing about this issue—I know it's not really affecting server performance—but I'd like to just understand what is causing it not to go away...

    Read the article

  • ASP.NET Session or global variables?

    - by WtFudgE
    Hi, I am creating an ASP.NET page where I need a couple of variables which hold pathnames and a chosen language etc... Not that many, let's say about 5. Should I use session variables for this? Atm I'm using public static variables but I'm not sure if this is the right way to do this. Any thoughts? Thx

    Read the article

  • PHP session cookie sessionid

    - by msaif
    in PHP i used session and cookie not urlrewriting with PHPSESSID. but when i opened cookie then i saw the key value pair.but one of them is path : / what does path mean,can you explain elaborately. if i change the path value to /abc/cdddddddddd/efc then what does that mean?

    Read the article

  • session id in php

    - by rajanikant
    hi every one i am trying to echo session id i saw that each time refreshing the page it chang thats why i cant login . please any one suggest wht prob should be there

    Read the article

  • Why not use PHP's built-in session handling?

    - by Dougal
    Is there currently - or has there ever been - any serious or significant problem with PHP's built-in session handling? I mean, it's always worked for me and my projects. But I see some codebases and frameworks out there seem to use a custom handler. Is this reinventing the wheel? Or improving on some flaws? What flaws?

    Read the article

  • Storing Requested URL in Global.asax without Session State in ASP.NET

    - by Mark Richman
    I have a complex URL rewriting scheme which breaks the built in Forms Authentication ReturnUrl mechanism. I would like to grab the requested URL for later redirection away from my login.aspx. I can get this URL in Application_BeginRequest via HttpContext.Current.Request.AppRelativeCurrentExecutionFilePath. However, Session state is not available in Application_BeginRequest. How can I store this URL prior to ASP.NET redirecting me to login.aspx?

    Read the article

  • authentication and session in Java

    - by Sephy
    hi, I would like to know if it is possible to maintain an authentication (like a session with login and password in php) on a website from a java program, and if anyone had any lead on the subject or some reading for me, that would be great. thanks

    Read the article

  • Using Session in Silverlight using simple WebServices (NOT WCF)

    - by Syed
    Hi, I need to use Session variables in my Silverlight application ( Using Visual Studio 2008, and Silverlight 3). I am already using a webservice (not WCF service) and would like to know if I can add two methods say GetSessionVariable and SetSessionVariable in my existing WebService Class? Any assistance with sample code would be great! Regards and Thanks in advance, Nadeem.

    Read the article

  • Rails creating a new session every page view

    - by danhere
    Hi everyone, I'm following the Agile RoR book somewhat to apply it to a project for school. It's going good until I get to sessions. I continually get Authenticity Invalid Tokens and when I look at my sessions table in the database, there's a new session being created every time I refresh the page. Is that right or is something messed up? Thanks.

    Read the article

  • Using memcached as a session storage with CodeIgniter

    - by Alex N.
    I am researching possibilities of using memcached as a session storage for a system built on CodeIgniter. Has anybody done this before(that's probably a stupid question :) and if so what's your experience folks? Have you used any existing libraries/extensions? As far as performance improvement what have you seen? Any caveats?

    Read the article

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >