Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 67/420 | < Previous Page | 63 64 65 66 67 68 69 70 71 72 73 74  | Next Page >

  • Session Fixation in ASP.NET

    - by AJM
    I'm wondering how to prevent Session fixation in ASP.NET My approach would to this would normally be to generate and issue a new session id whenever someone logs in. But is this level of control possible in ASP.NET land?

    Read the article

  • Lift session valid ajax callback from a static javascript

    - by ChrisJamesC
    I am currently implementing a graph visualisation tool using lift on the server side and d3 ( a javascript visualisation framework) for all the visualisation. The problem I have is that in the script I want to get session dependent data from the server. So basically, my objective is to write lift-valid ajax callbacks in a static js script. Here is what I tried so far: What I have tried so far If you feel that the best solution is one that I already tried feel free to post a detailed answer telling me how to use it exactly and how it completely solves my problem. REST interface Usually what one would do to get data from a javascript function in lift is to create a REST interface. However this interface will not be linked to any session. This is the solution I got from my previous question: Get json data in d3 from lift snippet Give function as argument of script Another solution would be to give the ajaxcallback as an argument of the main script called to generate my graph. However I expect to have a lot of callbacks and I don't want to have to mess with the arguments of my script. Write the ajax callback in another script using lift and call it from the main script This solution, which is similar to a hidden text input is probably the more likely to work. However it is not elegant and it would mean that I would have to load a lot of scripts on load, which is not really conveniant. Write the whole script in lift and then serve it to the client This solution can be elegant, however my script is very long and I would really prefer that it remainss static. What I want On client side While reviewing the source code of my webpage I found that the callback for an ajaxSelect is: <select onchange="liftAjax.lift_ajaxHandler('F966066257023LYKF4=' + encodeURIComponent(this.value), null, null, null)" name="F96606625703QXTSWU" id="node_delete" class="input"> Moreover, there is a variable containing the state of the page in the end of the webpage: var lift_page = "F96606625700QRXLDO"; So, I am wondering if it is possible to simulate that my ajaxcall is valid using this liftAjax.lift_ajaxHandler function. However I don't know the exact synthax to use. On server side Since I "forged" a request on client side, I would now like to get the request on client side and to dispatch it to the correct function. This is where the LiftRules.dispatch object seems the best solution: when it is called, all the session management has been made (the request is authentified and linked to a session), however I don't know how to write the correct piece of code in the append function. Remark In lift all names of variables are changed to a random string in order to increase the security, I would like to have the same behavior in my application even if that will probably mean that I will have to "give" the javascript these values. However an array of 15 string values is still a better tradeoff than 15 functions as argument of a javascript function.

    Read the article

  • how to use session in iphone programming?

    - by jaydp
    Hi Friends, I made an iphone story book application. Suppose any user read story book and at half of the story book he/she close the apps. when he/she want to read again this application at a time ask for continue or start again. This is possible by using session but i don't know how to use session in iphone sdk. So, please help me about this problem. Thanks!

    Read the article

  • Using curl_init in Zend Application is causing Session Error

    - by Gublooo
    Hey guys I'm getting this weird error in my Zend application with this piece of code: $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, 'www.xyz.com/ab.php'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $data = curl_exec($curl); curl_close($curl); This is the error, I get: Fatal error: Uncaught exception 'Zend_Session_Exception' with message 'session has already been started by session.auto-start or session_start() When I remove that code everything works fine. Any idea ?? Thanks

    Read the article

  • CakePHP how to share session with Vbulletin

    - by meotimdihia
    how to put folder of vbulletin and modify .htaccess file in cake PHP in purpose use them in same session ? if it possible, plz help me by post the way to put the folder vbulletin in order request access from localhost/forum or localhost/app_name/forum? I am tried to install vbullentin in webroot and modify .htaccess. It can access from localhost/forum ( app cake can access from http://localhost ) but both couldnt share session .

    Read the article

  • Remove all user's cookies/sessions when password is reset

    - by Juraj
    I'm interested in improving security of my TurboGears 2.2 application so that when user changes his password, it logs him out from all sessions and he must login again. When user changes password on browser 1, he must relogin on browser 2, too. Experiments show that this is not the case, especially if browser 2 had "remember me" enabled. It's standard quickstarted app using repoze.who. It seems maybe I need to change AuthTktCookiePlugin, but don't see a way to do it without much rewiring.

    Read the article

  • Troubles with a PHP session variable after form submission

    - by Psyche
    Hello, I'm setting a PHP session variable with a success message for a HTML form that I'm submitting. If there are no form errors, I redirect to the same page (using header()) and display the message from the session variable. Everything is fine until here, but if I access that page again after submission, the message is still there. Is it possible to make it appear only when I redirect after a successful submit? Thank you.

    Read the article

  • JBoss 5.1.0 (JSF/Seam) cookies blowing up with accented characters

    - by user283680
    I cannot see this behavior in JBoss 4.2.3. If I try to call addCookie() on HttpServletResponse and my cookie value has accented characters in it (ex. ç) I get this exception: java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value Does anyone know what change in JBoss 5.1.0 could be causing these problems?

    Read the article

  • Can Apache configuration check cookies?

    - by nickf
    My situation: We have a mobile version of our website, and want to start redirecting mobile users to it. The plan is to do this in Apache httpd.conf or .htaccess, using something like this: RewriteEngine On RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|...) RewriteRule (.*) mobile/$1 However we want there to be a way for users to override our default action of redirecting them. One way we thought to do it was to show a link on the mobile site directing back to the regular site, and store a cookie when they use that link. Could the Apache configuration file check a cookie before redirecting? Is there a better way?

    Read the article

  • php symantics of setting cookies and redirecting without getting header error

    - by salmane
    I would like to do the following in php : setcookie('name', $value, $Cookie_Expiration,'/'); then some action header("location:http://www.example.com") the problem is that I get : warning: Cannot modify header information - headers already sent by (...etc ) could you please let me know what i am doing wrong and if there is a way to do this? by the way , this code is before any output is made ...the cookie setting part works fine on its own and so does the redirection code....the combination fails thank you

    Read the article

  • Building Extensions Using E-Business Suite SDK for Java

    - by Sara Woodhull
    We’ve just released Version 2.0.1 of Oracle E-Business Suite SDK for Java.  This new version has several great enhancements added after I wrote about the first version of the SDK in 2010.  In addition to the AppsDataSource and Java Authentication and Authorization Service (JAAS) features that are in the first version, the Oracle E-Business Suite SDK for Java now provides: Session management APIs, so you can share session information with Oracle E-Business Suite Setup script for UNIX/Linux for AppsDataSource and JAAS on Oracle WebLogic Server APIs for Message Dictionary, User Profiles, and NLS Javadoc for the APIs (included with the patch) Enhanced documentation included with Note 974949.1 These features can be used with either Release 11i or Release 12.  References AppsDataSource, Java Authentication and Authorization Service, and Utilities for Oracle E-Business Suite (Note 974949.1) FAQ for Integration of Oracle E-Business Suite and Oracle Application Development Framework (ADF) Applications (Doc ID 1296491.1) What's new in those references? Note 974949.1 is the place to look for the latest information as we come out with new versions of the SDK.  The patch number changes for each release.  Version 2.0.1 is contained in Patch 13882058, which is for both Release 11i and Release 12.  Note 974949.1 includes the following topics: Applying the latest patch Using Oracle E-Business Suite Data Sources Oracle E-Business Suite Implementation of Java Authentication and Authorization Service (JAAS) Utilities Error loggingSession management  Message Dictionary User profiles Navigation to External Applications Java EE Session Management Tutorial For those of you using the SDK with Oracle ADF, besides some Oracle ADF-specific documentation in Note 974949.1, we also updated the ADF Integration FAQ as well. EBS SDK for Java Use Cases The uses of the Oracle E-Business Suite SDK for Java fall into two general scenarios for integrating external applications with Oracle E-Business Suite: Application sharing a session with Oracle E-Business Suite Independent application (not shared session) With an independent application, the external application accesses Oracle E-Business  Suite data and server-side APIs, but it has a completely separate user interface. The external application may also launch pages from the Oracle E-Business Suite home page, but after the initial launch there is no further communication with the Oracle E-Business Suite user interface. Shared session integration means that the external application uses an Oracle E-Business Suite session (ICX session), shares session context information with Oracle E-Business Suite, and accesses Oracle E-Business Suite data. The external application may also launch pages from the Oracle E-Business Suite home page, or regions or pages from the external application may be embedded as regions within Oracle Application Framework pages. Both shared session applications and independent applications use the AppsDataSource feature of the Oracle E-Business Suite SDK for Java. Independent applications may also use the Java Authentication and Authorization (JAAS) and logging features of the SDK. Applications that are sharing the Oracle E-Business Suite session use the session management feature (instead of the JAAS feature), and they may also use the logging, profiles, and Message Dictionary features of the SDK.  The session management APIs allow you to create, retrieve, validate and cancel an Oracle E-Business Suite session (ICX session) from your external application.  Session information and context can travel back and forth between Oracle E-Business Suite and your application, allowing you to share session context information across applications. Note: Generally you would use the Java Authentication and Authorization (JAAS) feature of the SDK or the session management feature, but not both together. Send us your feedback Since the Oracle E-Business Suite SDK for Java is still pretty new, we’d like to know about who is using it and what you are trying to do with it.  We’d like to get this type of information: customer name and brief use case configuration and technologies (Oracle WebLogic Server or OC4J, plain Java, ADF, SOA Suite, and so on) project status (proof of concept, development, production) any other feedback you have about the SDK You can send me your feedback directly at Sara dot Woodhull at Oracle dot com, or you can leave it in the comments below.  Please keep in mind that we cannot answer support questions, so if you are having specific issues, please log a service request with Oracle Support. Happy coding! Related Articles New Whitepaper: Extending E-Business Suite 12.1.3 using Oracle Application Express To Customize or Not to Customize? New Whitepaper: Upgrading your Customizations to Oracle E-Business Suite Release 12 ATG Live Webcast: Upgrading your EBS 11i Customizations to Release 12

    Read the article

  • JBoss7 load balancing with mod_proxy_balancer - session not working

    - by Phil P.
    I am trying to set up mod_proxy_balancer for routing requests to 2 jboss7-servers. For the time being I am testing this setup on my local machine, using following config in httpd.conf: ProxyRequests Off <Proxy \*> Order deny,allow Deny from all </Proxy> ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid scolonpathdelim=On <Proxy balancer://mycluster> BalancerMember http://localhost:8080 route=node1 BalancerMember http://localhost:8081 route=node2 Order allow,deny Allow from all </Proxy> and in the standalone.xml file of each jboss I have defined the jvmRoute system property: <system-properties> <property name="jvmRoute" value="node1"/> </system-properties> At http:// localhost/myapp the application is accessible but the java-session is not build up correctly. Consequently the authentication is not working. The funny thing is, that everything is working if I turn off one JBoss-instance. As I have tried a couple of settings already, I am thankful for any further suggestions.

    Read the article

  • Install IIS on Server 2003 unattended via PowerShell as a service user (no terminal session)

    - by maik
    I've been racking my brain with this for a bit and figured I would ask here to see if anyone could enlighten me. As the title says, I'm trying to install the IIS role on Server 2003 using an unattended install method launched via a service. We're using RightScale and most of what we want to accomplish is pretty straightforward. I created an unattend file for use with sysocmgr.exe: [Components] iis_common = ON iis_www = ON iis_www_vdir_scripts = ON iis_inetmgr = ON fp_extensions = ON iis_ftp = ON And I invoke it like so: sysocmgr.exe /i:%windir%\inf\sysoc.inf /u:C:\path\to\iis-unattend.txt /r /x /q If I run that from a command prompt while logged in as Administrator it works just fine, but if it runs via RightScript (the RightScale user on the server, which is a local admin) it fails somewhere in the middle and the logs I get are rather unhelpful. The thing is I can do this same thing with the SNMP Client (which is a Windows component, not a server role) and it works with no problems while run via the script service user. My best guess is that sysocmgr.exe is expecting a GUI element to be there during the role installation and since the service user has no terminal session it coughs and dies. That's just a wild stab in the dark.

    Read the article

  • Windows Remote Desktop: "configuring remote session" closes without error

    - by icelava
    I have a desktop/laptop pair at home operating x64 Windows 7 (the desktop was upgraded from Windows Vista, works just fine). I remote desktop to them on a daily basis when outside. In recent weeks, I would occasionally fail to connect to my desktop. It can connect and authenticate fine, but the "configuring remote session" dialog would simply close and not show me the desktop window or any error message. There is no error event log relating to this on the desktop computer. Some suggestions call for disabling remote audio, which mine already is, but trying different audio modes did not yield any different result. I am not too sure if this is related to video card drivers (they do get auto-updated), since remote desktop video is supposed to steer via a virtual device driver? Nonetheless the desktop operates three monitors via an ATI Radeon HD5770 (1 Displayport, 2 DVI). I do not see a real problem with that since I can mostly connect and operate it remotely. I try to "remote tunnel" via my home laptop but obviously won't work either as the problem lies in the desktop. What other conditions can cause remote desktop to break without error? UPDATE I came home and still couldn't connect to the desktop until I restarted the entire system.

    Read the article

  • Outlook locking network connection/session?

    - by HaydnWVN
    Scenario: We have an 'automatic orders' machine sat in the corner running XP with Outlook 2003. Its job is to check for new emails on a specific account, when it encounters one it checks the e-mail body for specific wording to determine which customer it is from (using a macro), then it checks the attachment for specific order codes before parsing the attachment to create a .csv file (which is then e-mailed onto one of the sales team) before importing the .csv into our bespoke ERP/Sales Order system to create an order. Problem: Periodically the machine will have symptoms of a lost network connection (unable to connect to any network source). Sometimes after several days, sometimes over a week. Volume of emails/orders processed does not seem to be linked. Additional info: The machines .pst is stored on a mapped network location. The .csv created is stored on a mapped network location. This is a workgroup, not a domain. All network drives are Samba shares from an Ubuntu fileserver. Our bespoke system runs from a database (MySQL) Ubuntu server. Our troubleshooting so far: I have switched machines (previous was Win2000) with the same symptoms. Restarting the machine FIXES the problem. Closing Outlook and then end tasking an Outlook.exe background process FIXES the problem. If you close Outlook, without end taking the background process, outlook will not reopen (saying it cannot find the pst file & it will not open any network location). Does Outlook have some kind of 'max session' linking it to network activity that is not closing after a mail request? Could Auto-archive be causing this? Is there a tool to check/display what each outlook.exe process is doing? Have not found many ways to troubleshoot this yet, as it is so infrequent...

    Read the article

  • ESXi 5 VM Putty session hangs, vSphere client timing out

    - by user192702
    First of all I believe this is a ESXi issue but let me know if you have seen this. It started about a year ago when I noticed occasionally when I putty via SSH to my VM guests, if I do anything that makes it to display a lot of things at once, the session will hang and I have to start a new one quite often only to find the same behaviour. What I meant by display a lot of things can be any of the following: 1) tail -f filename 2) Paste a long command 3) less filename If I type in one character at a time this won't happen. I tried searching online and it always point me to flow control settings and the various suggestions I've tried have never been able to resolve the issue. Since last week, I've noticed I'm not able to connect to my POP3 server from Outlook (it's timing out from Outlook's perspective). Today I tried to connect to the ESXi via vSphere client and it gives me a time out also. Exact behavior and error I saw is similar to the one posted at the following URL but the suggested technique also failed to resolve the issue. http://davidcocke.blogspot.hk/2012/02/unable-to-login-with-vsphere-client.html Has anyone experienced this before? Any suggestions on how to troubleshoot this?

    Read the article

  • PHP on several servers with session-sharing

    - by Etu
    there's certanly other threads about this, but I have one more question. We are about to scale the website at work to have more than one server. And we need to share the sessions between the servers. We have been looking into different solutions, one in memcached and use Memcached as sessionhandler in PHP. That will probably work. And the idea would be to run memcached on every machine and let all webservers access all other servers memcached servers, and then we have shared sessions between the machines, yay. (we have no resources to setup with sticky-sessions yet, that's a later project. we need this running, and we need this running now. and we will loadbalance with DNS for a starter) But then... If I want to take one server down, say, for maintenance, or a server crashes, or whatever reason. I don't want the users to just loose their sessions and have to start from the beginning... That's why we need some kind of replication, which Memcached does not support. Then I found http://repcached.lab.klab.org/ -- which has multi-master replication of memcached, which is great, and is what I want. But does it work with 2 machines? Say 3, 5, 10? For future scaling. I also looked into redishttp://redis.io/ -- which also seems great, but is a bit more "shaky" with the php-session-handler support, and no multi-master-replication. The thing is that I like to use memcached, but I want to be able to power down one of two boxes without loosing half of the sessions. Any suggestions?

    Read the article

  • Cannot start session without errors in phpMyAdmin running Nginx with PHP-FPM

    - by Infinity
    Whenever I open phpMyAdmin from my VPS I get the following error: Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. I have researched it, but cant seem to find a solution, I have done the following: Cleared cache and cookies Checked the php.ini (see below) Checked the logs (found nothing relevant) Given the correct permissions. [by sudo chown -R root:nginx /home/humza/pma] I am running Nginx with PHP-FPM, I have php-mysql and all that working fine but I can't get phpMyAdmin to work. I downloaded it off phpMyAdmin's website and extracted it, that's all. http://pastebin.com/raw.php?i=6n57cW8H - my php.ini sessions bit http://pastebin.com/raw.php?i=VaNP2TLi - my whole php.ini None of my logs have anything relevant. My error logs have other PHP errors but not this one and my access logs don't have anything either. I have checked my nginx logs and my PHP-FPM logs. I tried installing phpMyAdmin via yum and got a whole lot of dependency errors. [root@infinity ~]# yum install phpmyadmin Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package phpMyAdmin.noarch 0:2.11.11.3-1.el5 set to be updated --> Processing Dependency: php-mcrypt >= 4.1.0 for package: phpMyAdmin --> Processing Dependency: php >= 4.1.0 for package: phpMyAdmin --> Processing Dependency: php-mbstring >= 4.1.0 for package: phpMyAdmin --> Running transaction check ---> Package php.i386 0:5.1.6-27.el5_5.3 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_5.3 for package: php --> Processing Dependency: php-cli = 5.1.6-27.el5_5.3 for package: php ---> Package php-mbstring.i386 0:5.1.6-27.el5_5.3 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_5.3 for package: php-mbstring ---> Package php-mcrypt.i386 0:5.1.6-15.el5.centos.1 set to be updated --> Processing Dependency: php-api = 20041225 for package: php-mcrypt --> Running transaction check ---> Package php.i386 0:5.1.6-27.el5_5.3 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_5.3 for package: php ---> Package php-cli.i386 0:5.1.6-27.el5_5.3 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_5.3 for package: php-cli ---> Package php-mbstring.i386 0:5.1.6-27.el5_5.3 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_5.3 for package: php-mbstring ---> Package php-mcrypt.i386 0:5.1.6-15.el5.centos.1 set to be updated --> Processing Dependency: php-api = 20041225 for package: php-mcrypt --> Finished Dependency Resolution php-5.1.6-27.el5_5.3.i386 from base has depsolving problems --> Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-5.1.6-27.el5_5.3.i386 (base) php-cli-5.1.6-27.el5_5.3.i386 from base has depsolving problems --> Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-cli-5.1.6-27.el5_5.3.i386 (base) php-mbstring-5.1.6-27.el5_5.3.i386 from base has depsolving problems --> Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-mbstring-5.1.6-27.el5_5.3.i386 (base) php-mcrypt-5.1.6-15.el5.centos.1.i386 from extras has depsolving problems --> Missing Dependency: php-api = 20041225 is needed by package php-mcrypt-5.1.6-15.el5.centos.1.i386 (extras) Error: Missing Dependency: php-api = 20041225 is needed by package php-mcrypt-5.1.6-15.el5.centos.1.i386 (extras) Error: Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-cli-5.1.6-27.el5_5.3.i386 (base) Error: Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-5.1.6-27.el5_5.3.i386 (base) Error: Missing Dependency: php-common = 5.1.6-27.el5_5.3 is needed by package php-mbstring-5.1.6-27.el5_5.3.i386 (base) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. [root@infinity ~]# Any ideas?

    Read the article

  • Sharing the same `ssh-agent` among multiple login sessions

    - by intuited
    Is there a convenient way to ensure that all logins from a given user (ie me) use the same ssh-agent? I hacked out a script to make this work most of the time, but I suspected all along that there was some way to do it that I had just missed. Additionally, since that time there have been amazing advances in computing technology, like for example this website. So the goal here is that whenever I log in to the box, regardless of whether it's via SSH, or in a graphical session started from gdm/kdm/etc, or at a console: if my username does not currently have an ssh-agent running, one is started, the environment variables exported, and ssh-add called. otherwise, the existing agent's coordinates are exported in the login session's environment variables. This facility is especially valuable when the box in question is used as a relay point when sshing into a third box. In this case it avoids having to type in the private key's passphrase every time you ssh in and then want to, for example, do git push or something. The script given below does this mostly reliably, although it botched recently when X crashed and I then started another graphical session. There might have been other screwiness going on in that instance. Here's my bad-is-good script. I source this from my .bashrc. # ssh-agent-procure.bash # v0.6.4 # ensures that all shells sourcing this file in profile/rc scripts use the same ssh-agent. # copyright me, now; licensed under the DWTFYWT license. mkdir -p "$HOME/etc/ssh"; function ssh-procure-launch-agent { eval `ssh-agent -s -a ~/etc/ssh/ssh-agent-socket`; ssh-add; } if [ ! $SSH_AGENT_PID ]; then if [ -e ~/etc/ssh/ssh-agent-socket ] ; then SSH_AGENT_PID=`ps -fC ssh-agent |grep 'etc/ssh/ssh-agent-socket' |sed -r 's/^\S+\s+(\S+).*$/\1/'`; if [[ $SSH_AGENT_PID =~ [0-9]+ ]]; then # in this case the agent has already been launched and we are just attaching to it. ##++ It should check that this pid is actually active & belongs to an ssh instance export SSH_AGENT_PID; SSH_AUTH_SOCK=~/etc/ssh/ssh-agent-socket; export SSH_AUTH_SOCK; else # in this case there is no agent running, so the socket file is left over from a graceless agent termination. rm ~/etc/ssh/ssh-agent-socket; ssh-procure-launch-agent; fi; else ssh-procure-launch-agent; fi; fi; Please tell me there's a better way to do this. Also please don't nitpick the inconsistencies/gaffes ( eg putting var stuff in etc ); I wrote this a while ago and have since learned many things.

    Read the article

  • Lazy loading of child throwing session error

    - by Thomas Buckley
    I'm the following error when calling purchaseService.updatePurchase(purchase) inside my TagController: SEVERE: Servlet.service() for servlet [PurchaseAPIServer] in context with path [/PurchaseAPIServer] threw exception [Request processing failed; nested exception is org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: com.app.model.Purchase.tags, no session or session was closed] with root cause org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: com.app.model.Purchase.tags, no session or session was closed at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationException(AbstractPersistentCollection.java:383) at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationExceptionIfNotConnected(AbstractPersistentCollection.java:375) at org.hibernate.collection.AbstractPersistentCollection.initialize(AbstractPersistentCollection.java:368) at org.hibernate.collection.PersistentSet.add(PersistentSet.java:212) at com.app.model.Purchase.addTags(Purchase.java:207) at com.app.controller.TagController.createAll(TagController.java:79) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.web.method.support.InvocableHandlerMethod.invoke(InvocableHandlerMethod.java:212) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:126) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:96) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:617) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:578) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:80) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:900) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:827) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789) at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) TagController: @RequestMapping(value = "purchases/{purchaseId}/tags", method = RequestMethod.POST, params = "manyTags") @ResponseStatus(HttpStatus.CREATED) public void createAll(@PathVariable("purchaseId") final Long purchaseId, @RequestBody final Tag[] entities) { Purchase purchase = purchaseService.getById(purchaseId); Set<Tag> tags = new HashSet<Tag>(Arrays.asList(entities)); purchase.addTags(tags); purchaseService.updatePurchase(purchase); } Purchase: @Entity @XmlRootElement public class Purchase implements Serializable { /** * */ private static final long serialVersionUID = 6603477834338392140L; @Id @GeneratedValue(strategy = GenerationType.AUTO) private Long id; @OneToMany(mappedBy = "purchase", fetch = FetchType.LAZY, cascade={CascadeType.ALL}) private Set<Tag> tags; @JsonIgnore public Set<Tag> getTags() { if (tags == null) { tags = new LinkedHashSet<Tag>(); } return tags; } public void setTags(Set<Tag> tags) { this.tags = tags; } ... } Tag: @Entity @XmlRootElement public class Tag implements Serializable { /** * */ private static final long serialVersionUID = 5165922776051697002L; @Id @GeneratedValue(strategy = GenerationType.AUTO) private Long id; @ManyToOne(fetch = FetchType.LAZY) @JoinColumns({@JoinColumn(name = "PURCHASEID", referencedColumnName = "ID")}) private Purchase purchase; @JsonIgnore public Purchase getPurchase() { return purchase; } public void setPurchase(Purchase purchase) { this.purchase = purchase; } } PurchaseService: @Service public class PurchaseService implements IPurchaseService { @Autowired private IPurchaseDAO purchaseDAO; public PurchaseService() { } @Transactional public List<Purchase> getAll() { return purchaseDAO.findAll(); } @Transactional public Purchase getById(Long id) { return purchaseDAO.findOne(id); } @Transactional public void addPurchase(Purchase purchase) { purchaseDAO.save(purchase); } @Transactional public void updatePurchase(Purchase purchase) { purchaseDAO.update(purchase); } } TagService: @Service public class TagService implements ITagService { @Autowired private ITagDAO tagDAO; public TagService() { } @Transactional public List<Tag> getAll() { return tagDAO.findAll(); } @Transactional public Tag getById(Long id) { return tagDAO.findOne(id); } @Transactional public void addTag(Tag tag) { tagDAO.save(tag); } @Transactional public void updateTag(Tag tag) { tagDAO.update(tag); } } Any ideas on how I can fix this? (I want to avoid using EAGER loading). Do I need to setup some form of session management for transactions? Thanks

    Read the article

  • Session caching problem

    - by Levani
    I have a strange problem with php sessions. I use them for authorization on my site. I store two variables - currently logged in user's id and username in session. When I log in with one username, than log out and log in again with another username the previous user's id is returned using the session variable instead of the current user. The most strange thing is that this happens only when it comes to insert some data into database. When I directly echo this variable the correct id is displayed, but when I insert new record into database this variable sends incorrect id. Here is the php code I use for sending data into database: <?php session_start(); //connect database require_once 'dbc.php'; $authorID = $_SESSION['user_id']; if ( $authorID != 0 ) { $content = htmlentities($_POST["answ_content"],ENT_COMPAT,'UTF-8'); $dro = date('Y-m-d H:i:s'); $qID = $_POST["question_ID"]; $author = 'avtori'; $sql="INSERT INTO comments (comment_ID, comment_post_ID, comment_author, comment_date, comment_content, user_id) VALUES (NULL, '$qID', '$author', '$dro', '$content', '$authorID')"; $result = mysql_query($sql); } else { echo 'error'; } ?> Can anyone please help? Here is the logout function: function logout() { global $db; session_start(); if(isset($_SESSION['user_id']) || isset($_COOKIE['user_id'])) { mysql_query("update `users` set `ckey`= '', `ctime`= '' where `id`='$_SESSION[user_id]' OR `id` = '$_COOKIE[user_id]'") or die(mysql_error()); } /************ Delete the sessions****************/ unset($_SESSION['user_id']); unset($_SESSION['user_name']); unset($_SESSION['user_level']); unset($_SESSION['HTTP_USER_AGENT']); session_unset(); session_destroy(); /* Delete the cookies*******************/ setcookie("user_id", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); header("Location: index.php"); } Here is the authentication script: include 'dbc.php'; $err = array(); foreach($_GET as $key => $value) { $get[$key] = filter($value); //get variables are filtered. } if ($_POST['doLogin']=='Login') { foreach($_POST as $key => $value) { $data[$key] = filter($value); // post variables are filtered } $user_email = $data['usr_email']; $pass = $data['pwd']; if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE $user_cond AND `banned` = '0' ") or die (mysql_error()); $num = mysql_num_rows($result); // Match row found with more than 1 results - the user is authenticated. if ( $num > 0 ) { list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result); if(!$approved) { //$msg = urlencode("Account not activated. Please check your email for activation code"); $err[] = "Account not activated. Please check your email for activation code"; //header("Location: login.php?msg=$msg"); //exit(); } //check against salt if ($pwd === PwdHash($pass,substr($pwd,0,9))) { // this sets session and logs user in session_start(); session_regenerate_id (true); //prevent against session fixation attacks. // this sets variables in the session $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; $_SESSION['user_level'] = $user_level; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); //update the timestamp and key for cookie $stamp = time(); $ckey = GenKey(); mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error()); //set a cookie if(isset($_POST['remember'])){ setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/"); } if(empty($err)){ header("Location: myaccount.php"); } } else { //$msg = urlencode("Invalid Login. Please try again with correct user email and password. "); $err[] = "Invalid Login. Please try again with correct user email and password."; //header("Location: login.php?msg=$msg"); } } else { $err[] = "Error - Invalid login. No such user exists"; } }

    Read the article

< Previous Page | 63 64 65 66 67 68 69 70 71 72 73 74  | Next Page >