Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

Page 74/380 | < Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >

  • Adding keys to superglobals in php

    - by gautam kumar
    Is there any way by which I can add keys to superglobals in php without defining the corresponding values to those key? For example: $_SESSION['key']='set';//key` automatically gets defined. But I want to do something like this add_key($_SESSION,'key')//key is added to $_SESSION array. Is it possible?

    Read the article

  • How to refresh site if $_SESSION variable has changed

    - by 4ndro1d
    I'm writing in my $_SESSION variable from a database, when i clicked a link. public function getProjectById($id){ $query="SELECT * FROM projects WHERE id=\"$id\""; $result=mysql_query($query); $num=mysql_numrows($result); while ($row = mysql_fetch_object($result)) { $_SESSION['projectid'] = $row->id; $_SESSION['projecttitle'] = $row->title; $_SESSION['projectinfo'] = $row->info; $_SESSION['projecttext'] = $row->text; $_SESSION['projectcategory'] = $row->category; } } Now my variable is overwritten and I want to show these variables in my index.php like this: <div id="textContent"> <?php if(isset($_SESSION['projecttext']) && !empty($_SESSION['projecttext'])) { echo $_SESSION['projecttext']; }else { echo 'No text'; } ?></div> But of course, my page will not refresh automatically. How can I do that?

    Read the article

  • Connection: Keep-Alive and PHP sessions not working

    - by user366667
    We have a VB application that needs to run an specific flow on a PHP page. This application was correctly catching the PHPSESSID cookie and using it for all subsequent requests. However, PHP wasn't able to restore any changes made on $_SESSION variable. The variable was changed, saved, and on the next request it was restored as an empty array. We found out that changing the Connection header from "Keep-Alive" to "Close" fixed the issue. I couldn't find anything on the web saying that PHP sessions shouldn't be restored under Keep-Alive connections. Does anyone know why this was happening? PS: We didn't find anything weird or different on Apache, ModSecurity or PHP configuration settings.

    Read the article

  • CF Client Variables: is the CDATA - CGLOBAL relationship always 1:1?

    - by ciaranarcher
    Hi We've noticed something odd with our Coldfusion 8 client variables DB. We have many more (about 3 times as many) CGlobal entries as we have CData entries. I would have assumed that the relationship would be 1:1 on the cfid column. Has any one else noticed this before? I have ruled out old data, my sample is less than 3 hours old. We're using SQL Server 2000 to host the tables. Thanks in advance, Ciaran

    Read the article

  • php variable persistance

    - by Illes Peter
    I have two files: index.php /lib/user.php Index contains the form: <div class="<? echo $msgclass; ?>"> <? echo $msg; ?> </div> <form id="signin" action="/lib/user.php" method="post"> ... </form> User.php makes all the processing. It sets $msg to 'some error message' and $msgalert to 'error' in case of any error. At the end of processing it uses header() to redirect to index.php But after redirection $msg and $msgalert no longer persist and index only gets empty vars. How can i fix this?

    Read the article

  • Put objects which are decorated with [DataContract] into a StateServer?

    - by Dave
    Is there anyway to stick objects which are decorated with DataContract attributes but not decorated with Serializable attributes in to a SqlServer StateServer? In other words, I would prefer not having to decorate these objects with the Serializable attribute as I will also have to implement IXmlSerizable on all of these objects because they do not have empty contstructors, and non-public setters for properties.

    Read the article

  • log in and send sms with java

    - by noobed
    I'm trying to log into a site and afterwards to send a SMS (you can do that for free by the site - it's nothing more than just enter some text into some fields and 'submit'). I've used wireshark to track some of the post/get requests that my machine has been exchanging with the server - when using the browser. I'd like to paste some of my Java code: URL url; String urlP = "maccount=myRawUserName7&" + "mpassword=myRawPassword&" + "redirect_http=http&" + "submit=........"; String urlParameters = URLEncoder.encode(urlP, "CP1251"); HttpURLConnection connection = null; // Create connection url = new URL("http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); //I'm not really sure if these RequestProperties are necessary //so I'll leave them as a comment // connection.setRequestProperty("Content-Type", // "application/x-www-form-urlencoded"); // connection.setRequestProperty("Accept-Charset", "CP1251"); // connection.setRequestProperty("Content-Length", // "" + Integer.toString(urlParameters.getBytes().length)); // connection.setRequestProperty("Content-Language", "en-US"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); // Send request DataOutputStream wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); String headerName[] = new String[10]; int count = 0; for (int i = 1; (headerName[count] = connection.getHeaderFieldKey(i)) != null; i++) { if (headerName[count].equals("Set-Cookie")) { headerName[count++] = connection.getHeaderField(i); } } //I'm not sure if I have to close the connection here or not if (connection != null) { connection.disconnect(); } //the code above should be the login part //----------------------------------------- //this is copy-pasted from wireshark's info. String smsParam="from=men&" + "sender=0&" + "msisdn=359886737498&" + "tophone=0&" + "smstext=tova+e+proba%21+1.&" + "id=&" + "sendaction=&" + "direction=&" + "msgLen=84"; url = new URL("http://www.mtel.bg/moyat-profil-sms-tsentar_3004/" + "mm/smscenter/mc/sendsms/ma/index"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setRequestProperty("Cookie", headerName[0]); connection.setRequestProperty("Cookie", headerName[1]); //conn urlParameters = URLEncoder.encode(urlP, "CP1251"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); //I'm not rly sure what exactly to do with this response. // Get Response InputStream is = connection.getInputStream(); BufferedReader rd = new BufferedReader(new InputStreamReader(is, "CP1251")); String line; StringBuffer response = new StringBuffer(); while ((line = rd.readLine()) != null) { response.append(line); response.append('\r'); } rd.close(); System.out.println(response.toString()); if (connection != null) { connection.disconnect(); } so that's my code so far. When I execute it ... I don't receive any text on my phone - so it clearly doesn't work as supposed to. I would appreciate any guidance or remarks. Is my cookie handling wrong? Is my login method wrong? Do I pass the right URLs. Do I encode and send the parameter string correctly? Is there any addition valuable data from these POSTs I should take? P.S. just in any case let me tell you that the username and password is not real. For security reasons I don't want to give valid ones. (I think this is appropriate approach) Here are the POST requests: POST /1/mm/auth/mc/auth/ma/index/mo/1 HTTP/1.1 Host: www.mtel.bg User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1 Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=28%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.3.10.1349274374 Content-Type: multipart/form-data; boundary=---------------------------151901450223722 Content-Length: 475 -----------------------------151901450223722 Content-Disposition: form-data; name="maccount" myRawUserName -----------------------------151901450223722 Content-Disposition: form-data; name="mpassword" myRawPassword -----------------------------151901450223722 Content-Disposition: form-data; name="redirect_https" http -----------------------------151901450223722 Content-Disposition: form-data; name="submit" ........ -----------------------------151901450223722-- HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:26:40 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Content-Length: 0 The above text is vied with wireshark's follow tcp stream when pressing the log in button. POST /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index HTTP/1.1 *same as the above ones* Referer: http://www.mtel.bg/moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=29%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.4.10.1349274374 Content-Type: application/x-www-form-urlencoded Content-Length: 147 from=men&sender=0&msisdn=35988888888&tophone=0&smstext=this+is+some+FREE+SMS+text%21+100+char+per+sms+only%21&id=&sendaction=&direction=&msgLen=50 HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:31:38 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/success/s/1 Content-Length: 0 The above text is when you press the send button.

    Read the article

  • Accessing HttpApplication.Application variables from a class

    - by Young Ninja
    I set up various global parameters in Global.asax, as such: Application["PagePolicies"] = "~/Lab/Policies.aspx"; Application["PageShare"] = "/Share.aspx"; Application["FileSearchQueries"] = Server.MapPath("~/Resources/SearchQueries.xml"); ... I have no problem accessing these variables form .ascx.cs or .aspx.cs file -- ie. files that are part of the Web content. However, I can't seem to access 'Application' from basic class objects (ie. standalone .cs files). I read somewhere to use a slight variations in .cs files, as follows, but it always comes throws an exception when in use: String file = (String)System.Web.HttpContext.Current.Application["FileSearchQueries"];

    Read the article

  • Big task - problems with page refresh and ajax

    - by user1830414
    I have a navigation which load dynamically content via ajax. But if I refresh the page or visit another url and go back the current content is away and I see the old content under the first menu tab. Now I have to solve this problem. The index.php include the elements header_registrated.inc.php, navigation.inc.php and main_container.inc.php index.php: <?php include("inc/incfiles/header_registrated.inc.php"); ?> <?php if (!isset($_SESSION["userLogin"])) { echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/project\">"; } else { echo ""; } ?> <?php include("inc/incfiles/navigation.inc.php"); ?> <?php include("inc/incfiles/main_container.inc.php"); ?> <?php include("inc/incfiles/footer.inc.php"); ?> header_registrated.inc.php: <?php include ("inc/scripts/mysql_connect.inc.php"); session_start(); $user = $_SESSION["userLogin"]; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>title</title> <link href="css/style.css" rel="stylesheet" type="text/css" /> <script language="JavaScript" src="js/framework/jquery.js"></script> <script language="JavaScript" src="js/dropdown/window.js"></script> <script language="JavaScript" src="js/navigation/navigation.js"></script> </head> <body> </body> navigation.inc.php: <div class="navigation"> <ul> <li id="1"> <div id="menuImage1" class="menuImage"></div> <div class="menuText"><p>Punkt 1</p></div> <div class="navigationDart"></div> </li> <li id="2"> <div id="menuImage2" class="menuImage"></div> <div class="menuText"><p>Punkt 2</p></div> </li> <li id="3"> <div id="menuImage3" class="menuImage"></div> <div class="menuText"><p>Punkt 3</p></div> </li> <li id="4"> <div id="menuImage4" class="menuImage"></div> <div class="menuText"><p>Punkt 4</p></div> </li> <li id="5"> <div id="menuImage5" class="menuImage"></div> <div class="menuText"><p>Punkt 5</p></div> </li> <li id="6"> <div id="menuImage6" class="menuImage"></div> <div class="menuText"><p>Punkt 6</p></div> </li> </ul> </div> main_container.inc.php: <div class="mainContainer"> <div class="containerHeader"> <div class="contentHeader"> </div> </div> <div class="contentContainer"> <div class="content"> </div> <div class="advertisement"> </div> </div> </div> Now the divs content, cnotentHeader and advertisement (in file main_content.inc.php) is filled via ajax. Also the navigation has some jquery effects which also have to be the same after page refresh. navigation.js: $(document).ready(function() { $.get('inc/incfiles/content_container/header/1.php', function(data) { $('.contentHeader').html(data); }); $.get('inc/incfiles/content_container/content/1.php', function(data) { $('.content').html(data); }); $.get('inc/incfiles/content_container/advertisement/1.php', function(data) { $('.advertisement').html(data); }); var current = '1.php'; $(".navigation li").click(function() { var quelle = $(this).attr('id') + ".php"; // the current content doesn't load again if(current === quelle) { return; } current = quelle; // content $(".content").fadeOut(function() { $(this).load("inc/incfiles/content_container/content/" + quelle).fadeIn('normal'); }) // advertisement $(".advertisement").fadeOut(function() { $(this).load("inc/incfiles/content_container/advertisement/" + quelle).fadeIn('normal'); }) // header $(".contentHeader").fadeOut(function() { $(this).load("inc/incfiles/content_container/header/" + quelle).fadeIn('normal'); }) }); $(".navigation li").click(function() { $(".menuImage").removeClass("menuImageActive1"); $(".menuImage").removeClass("menuImageActive2"); $(".menuImage").removeClass("menuImageActive3"); $(".menuImage").removeClass("menuImageActive4"); $(".menuImage").removeClass("menuImageActive5"); $(".menuImage").removeClass("menuImageActive6"); }); $("#1").mousedown(function() { $("#menuImage1").addClass("menuImageClick1"); // new class on mouse button press }); $("#1").mouseup(function() { $("#menuImage1").removeClass("menuImageClick1"); //remove class after mouse button release }); $("#1").click(function() { $("#menuImage1").addClass("menuImageActive1"); }); $("#2").mousedown(function() { $("#menuImage2").addClass("menuImageClick2"); // new class on mouse button press }); $("#2").mouseup(function() { $("#menuImage2").removeClass("menuImageClick2"); //remove class after mouse button release }); $("#2").click(function() { $("#menuImage2").addClass("menuImageActive2"); }); $("#3").mousedown(function() { $("#menuImage3").addClass("menuImageClick3"); // new class on mouse button press }); $("#3").mouseup(function() { $("#menuImage3").removeClass("menuImageClick3"); //remove class after mouse button release }); $("#3").click(function() { $("#menuImage3").addClass("menuImageActive3"); }); $("#4").mousedown(function() { $("#menuImage4").addClass("menuImageClick4"); // new class on mouse button press }); $("#4").mouseup(function() { $("#menuImage4").removeClass("menuImageClick4"); //remove class after mouse button release }); $("#4").click(function() { $("#menuImage4").addClass("menuImageActive4"); }); $("#5").mousedown(function() { $("#menuImage5").addClass("menuImageClick5"); // new class on mouse button press }); $("#5").mouseup(function() { $("#menuImage5").removeClass("menuImageClick5"); //remove class after mouse button release }); $("#5").click(function() { $("#menuImage5").addClass("menuImageActive5"); }); $("#6").mousedown(function() { $("#menuImage6").addClass("menuImageClick6"); // new class on mouse button press }); $("#6").mouseup(function() { $("#menuImage6").removeClass("menuImageClick6"); //remove class after mouse button release }); $("#6").click(function() { $("#menuImage6").addClass("menuImageActive6"); }); $("#1").click(function(){ $(".navigationDart").animate({ top: "16px" }, 500 ); }); $("#2").click(function(){ $(".navigationDart").animate({ top: "88px" }, 500 ); }); $("#3").click(function(){ $(".navigationDart").animate({ top: "160px" }, 500 ); }); $("#4").click(function(){ $(".navigationDart").animate({ top: "232px" }, 500 ); }); $("#5").click(function(){ $(".navigationDart").animate({ top: "304px" }, 500 ); }); $("#6").click(function(){ $(".navigationDart").animate({ top: "376px" }, 500 ); }); }); My idea was it to work with if(isset($_SESSION['ajaxresponse'])) but I don't no how to do this. Please help me. I have the feeling that I've searched the whole web to find an answer.

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • maintain user login status in express.js

    - by chenliang
    when user login the app the username will be display in the header, this is my header.jade div#header_content input(type='text',name='search',id='globle_search') span#user_status if(req.isAuthenticated()) a(class='user_menu_btn',href='home', target='_blank' ) req.user.username a(class='user_menu_btn',href='logout') Logout else a(id='login_btn',href='login',class='user_status_btn') login run the app i get the error says ReferenceError: F:\shopping\views\includes\header.jade:4 req is not defined this is my index route: app.get('/',index.index); exports.index = function(req, res){ res.render('index', { title: 'Express' }); }; how to maintain login ststus in the heaedr? by the way am using passport to login user

    Read the article

  • Control user actions with jQuery

    - by SonOfOmer
    Hi everyone, I want to write javascript that will kill sestion on the web page if user did not make any action for some time taken from configuration. How can I know that user did not make any actions by using jQuery. Thanks a lot.

    Read the article

  • User Inactivity Logout PHP

    - by user342391
    I want my users to be logged out automatically after X minutes of inactivity. I also want to have all sessions destroyed. How can this be done? How can I check for inactivity then perform a function to log them out???

    Read the article

  • How Google is managing authentication between multiple domains?

    - by vaibhav
    I think everyone here would be knowing that, if I am logged in any of the google's website(i.e www.orkut.com), I don't need to authenticate again for www.gmail.com. How google is managing this. I think, it would be a cookie stored on user's browser. But, if it is a cookie, how different domains are able to read this cookie. What do you say.

    Read the article

  • Is this the right way to set a cookie?

    - by AAA
    // if login is ok then we add a cookie $_POST['user_name'] = stripslashes($_POST['user_name']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['user_name'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); Is this a right way to set cookies? Its been causing me serious redirect errors. See here: PHP Redirect problem with subdomain

    Read the article

  • used structdelete and now Elementemployee.id is undefined in SESSION.

    - by Robert
    using coldfuion 9 I used structdelete(session,"Elementemployee.id") in one of my .cfm display files.Also in my application.cfc it defined as is <cfset tArray[1][2] = "#session.employee_id#"> and the error is `Elementemployee.id is undefined in SESSION.` Is there a way that i can reset it without following the method shown below Navigate to the page Server Settings => Memory Variablesin the Coldfusion Administrator. Uncheck the option Use J2EE session variables and check the options Enable Application Variables and Enable Session Variables. Click the button to submit the changes.

    Read the article

  • Sessions not sticking linux server

    - by Jacob Windsor
    I have just moved the dev site over to my linux server for production but the sessions don't seem to be sticking for very long. I am guessing it is the server settings and not the php because it does the same thing with the plesk panel. Whenever a script is executed the sessions seems to get unset. I see nothing in the error log so not sure what it is. It all worked fine on wamp. Anyway I uploaded the php.ini file which was in the wamp server as it had all the settings i needed and all was working on localhost. Not sure what the problem is and this is the final thing that I have to sort out before going into production. And just too add the sessions are being started as they last for a little bit just don't stick around long. Here is the relevent part of my login script just in case there is something wrong with the code: // if login is ok then we add a cookie if($flag == 0) { $pass = htmlspecialchars(mysql_real_escape_string($_POST['pass'])); $username = htmlspecialchars(mysql_real_escape_string($_POST['username'])); $_SESSION['username']=$username; $_SESSION['password']=$pass;

    Read the article

  • Php static variables across sessions

    - by pistacchio
    Hi, In ASP.NET if I declare a variable (or object) static (or if I make a singleton) I can have it persist across multiple sessions of multiple users (it it registered in a server scope) so that I don't have to initialize it at every request. Is there such a feature in PHP? Thanks

    Read the article

  • How can I close the currently running server app when I launch new debug session?

    - by Eonil
    Google App Engine (GAE) Java SDK uses eclipse as main IDE. IDE runs a server app when I launch debugging session. And it runs another server app when I launch debugging session again. It closes the server app when I stop the debugging session, but it doesn't when I re-launch debugging session. Re-launching means stop and launch again. Why does it stop existing app? So I have to close the server app manually at each time. Is there a way to close existing running app when re-launching debugging session?

    Read the article

  • Cookie in Tomcat

    - by Richard
    Sorry... can anybody help me out? I'm a complete neewbiee to tomcat, but I have to set a cookie with the name 'lastlogin' with the actual timestamp as a value. How am I supposed to do it? Thanks a lot.

    Read the article

< Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >