Search Results

Search found 12291 results on 492 pages for 'session scope'.

Page 77/492 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • asp classic and javascript to check for session status

    - by StealthRT
    Hey all, i am in need of some help with trying to figure out how to go about checking the users session and seeing if they are still logged in or not. The problem being is because i have a static page that pretty much loads everything into "tabs" using jquery. So when they use navigates the page, it really never leaves that same page they started out on. Hints my problem in trying to determine if they are still logged in or not when they click on update their information on their profile or whatnot. Any suggestions/help would be great! :o) David

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • Cookie parameter value problem

    - by cagin
    Hi there I want to use cookie in my project. But now i m using session. And i have some session parameters in .aspx pages.. for example: <SelectParameters> <asp:SessionParameter Name="refKlinik_id" SessionField="refKlinik_id" /> </SelectParameters> Now i want to use Cookie Paramter like that: <SelectParameters> <asp:CookieParameter Name="refKlinik_id" CookieName="refKlinik_id" </SelectParameters> but cookie's value is like that: sauidpU655614411262762102024i1600369917542431520431414503529630051999*CoreID683251601618012627621046&c but i need an integer value like 24. How can i convert cookie's value to int32 Thanks for your helps

    Read the article

  • Randomly Losing Session Variables Only In Google Chrome & URL Rewriting

    - by Toby
    Using Google Chrome, I'm seemingly losing/corrupting session data when navigating between pages (PHP 5.0.4, Apache 2.0.54). The website works perfectly fine in IE7/8, Firefox, Safari & Opera. The issue is only with Google Chrome. I narrowed down the problem. I'm using search friendly URL's, and hiding my front controller (index.php) via a .htaccess file. So the URL looks like: www.domain.com/blah/blah/ Here's the .htaccess file contents: Options +FollowSymlinks RewriteEngine on #allow cool urls RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*) index.php [L] #allow to have Url without index.php If I remove the .htaccess file, and expose the front controller in the URL: www.domain.com/index.php/blah/blah/, Chrome works perfectly fine. Any thoughts ideas? I'm thinking it's some kind of problem with how Chrome identifies what cookie to use and send to the server? This happens in Chrome 4 & 5. Thanks!

    Read the article

  • Approaches to timing out sessions on a web app using AJAX autorefreshes

    - by Braintapper
    I'm writing a web application that autorefreshes data with an AJAX call at set intervals. Because it's doing that, server side user sessions never time out, since the last activity is refreshed with every ajax call. Are there good client side rules I could implement to time out the user? I.e. should I track mouse movements in the browser, etc., or should I point the AJAX calls to URLs that don't refresh the session? I like that my AJAX calls hit a session-enabled URL, because I can also validate that the user is logged in, etc. Any thoughts in terms of whether I should even bother timing out the users?

    Read the article

  • Prevent PHP sesison hijack, are these good ideas?

    - by matthew Rhodes
    I'm doing a simple shopping cart for a small site. I plan to store cart items as well as logged in user_id in session variables. to make things a little more secure, I thought I'd do this: sha1() the user_id before storing it in the session. Also sha1() and store the http_user_agent var with some salt, and check this along with the user_id. I know there is more one can do, but I thought this at least helps quite a bit right? and is easy for me to implement.

    Read the article

  • GameKit server disconnect makes session invalid

    - by Markus
    Hi everyone, I'm trying to build a 4 player multiplayer game using GameKit. I tried many things and I'm currently using client/server mode, meaning that I have 1 session in GKSessionModeServer and 3 other sessions connecting to this one in GKSessionModeClient. My goal is, that when a user leaves the game or gets disconnected for whatever reason, that the others can continue their game. So far this works if any of the Clients leave the game, but if the Sevrer leaves the game, send and receive calls are not reaching the other peers anymore. I tried the same with 4 peers in GKSessionModePeer with the same result (where the player who accepts connections cannot quit). Does anyone had better success in making this work? Any help is highly appreciated. Thanks!

    Read the article

  • deny direct access to a php file by typing the link in the url

    - by aeonsleo
    hi, I am using php session for a basic login without encryption for my site. I want to prevent a user from directly accessing a php page by typing the url when he/she is not signed in. But this is not happening. I am using session_start(), initializing session variables and aslo unsetting and destroying sesssion during logout. Also if I type the link in a different browser the page is getting displayed. I am not very well versed with php , only a beginner. I googled for such problem and found few alternatives as keeping all files in a seperate folder from the web root, using .htaccess etc. Can someone explain in simple terms what could be a good solution.thanks in advance.

    Read the article

  • Removing DOM event handlers in long-running browser session

    - by Chris Beck
    I have a browser interface with a ul#contacts list on the left and div#contact property panel (email, phone) on the right. Click a contact in the list and my app makes an XHR request to get the contact property HTML fragment and update div#contact.innerHTML. Each contact fragment has an "Edit Contact" link. With JS, I progressively upgrade that link with an event listener that performs an XHR request to replace the static property panel with an in-place edit form. This can happen many times during a single browser session. How should I clean up my "Edit Contact" event listener? Do I need to remove it manually before the form overwrites the property panel? Or is the event listener cleaned up automatically when the contents of div#contact (and the node that I'm listening on) is overwritten? FWIW, I still consider IE6 to be part of my target market.

    Read the article

  • How and when to log account access login with PHP?

    - by Nazgulled
    I want to implement a basic login system in some PHP app where no cookies will be involved. I mean, the user closes the browser and the login expires, it will remain active during the browser session (or if the user explicitly logs out) otherwise. I want to log all this activity and I'm thinking that every time the user refreshes the page, opens a different link or logs out, I record that time as the last access made by that user, overwriting the previous access log. But my problem is when and how should I insert another record into the database instead of overwriting the last one? Should I just define a timeout and if the last access was made above that timeout, another log should be inserted into the database? Should the session expire too after that timeout? Or is there a better way? Ideally, I would like to log the "log out action" when the browser was closed, but I don't think there's a way to detect that is there? Suggestions?

    Read the article

  • Make user object available to all Controllers in Zend?

    - by Sled
    Hey guys, I'm using Zend_Auth to identify a user in my application. This creates a session with the userobject. My question is how do I make this object available to every Controller and action, so I don't have to pull it out of the session every time I need data from this object? I'm guessing this should be done in bootstrap.php or index.php but I don't really know how to makte it available to every controller.. so any code examples would be appreciated! Thanks!

    Read the article

  • PHP Captcha without session

    - by Anton N
    Ok, here is an issue: in the project i'm working on, we can't rely on server-side sessions for any functionality. The problem is that common captcha solutions from preventing robotic submits require session to store the string to match captcha against. The question is - is there any way to solve the problem without using sessions? What comes to my mind - is serving hidden form field, containing some hash, along with captcha input field, so that server then can match these two values together. But how can we make this method secure, so that it couldn't be used to break captcha easily.

    Read the article

  • Sharing session (or cookie) using Grails acegi plugin

    - by firnnauriel
    Is it possible for two different Grails project, also having different domains, to share a session/cookie? Let's say I have 2 sites: www.mycompany.com, and, www.othercompany.com. Assume that both sites are having same domains, and same database and records too. What I want to know is if this code: authenticateService.userDomain() or even the authenticateService.isLoggedIn() will behave and return exactly the same object/result whether it is called in either of the site. Basically, what we need is a solution for sharing/identifying logged in user between two different sites. Need more details on how to implement this using acegi 0.5.2 and grails 1.2.1. Hoping for any leads on this. Thank you.

    Read the article

  • How do I stack Plack authentication handlers?

    - by Schwern
    I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

    Read the article

  • Hudson build fails when a user logs out of RDP session

    - by sjohnston
    We are using Hudson to build mixed C++/Java projects with an Ant script. It is running in Tomcat 6, on a Win XP virtual machine. I have noticed recently that when a user logs off the machine (from a remote desktop session), builds that are currently running tend to suddenly fail without an error message. Has anyone encountered anything similar or have an idea what might be causing this effect? I can post additional information about our setup if needed, I'm just not sure what's relevant in this case.

    Read the article

  • Rails - Dynamic cookie domains using Rack

    - by Tim B.
    I'm fairly new to Rails and Rack, but this guy had a seemingly straightforward write-up about using Rack to implement dynamic session domain middleware. The code looks good to and I've implemented it here on my local machine, but I'm still not able to transcend top level domains on a single login. Here's the middleware code: class SetCookieDomain def initialize(app, default_domain) @app = app @default_domain = default_domain end def call(env) host = env["HTTP_HOST"].split(':').first env["rack.session.options"][:domain] = custom_domain?(host) ? ".#{host}" : "#{@default_domain}" @app.call(env) end def custom_domain?(host) domain = @default_domain.sub(/^\./, '') host !~ Regexp.new("#{domain}$", Regexp::IGNORECASE) end end And then in environment.db: config.load_paths += %W(#{RAILS_ROOT}/app/middlewares) Lastly in production.db (and development.db): config.middleware.use "SetCookieDomain", ".example.org" Any help is greatly appreciated. EDIT: I'm running Rails 2.3.3 and Rack 1.0

    Read the article

  • session set for some Actions in Zend framework

    - by user202127
    I'm working on a website , in CV part users have some articles that only logged in users can download them.I want to make changes to the log in Action or preDispatch() to set session for guess users to download the articles, can some one tell me how it can be or give me some reference links. here is my preDispatch(): public function preDispatch() { $userInfo=$this->_auth->getStorage()->read(); $identity= $this->_auth->getIdentity(); if(!$this->_auth->hasIdentity()) { return $this->_helper->redirector('login','login'); } if(!isset($userInfo["member_id"]) || strlen($userInfo["member_id"])==0) { return $this->_helper->redirector('forbidden','login'); } $this->_accessType=2; }

    Read the article

  • Passing PHP session variable to AJAX URL

    - by user547794
    Hello, I am trying to pass a session variable into an AJAX loaded page. Here is the code I am using: jQuery(document).ready(function(){ $("#userdetail").click(function() { $.ajax({ url: "userdetail.php?id=<?php $_SESSION['uid']?>", success: function(msg){ $("#results").html(msg); } }); }); }); This is the HTML URL I had working, not sure how to get this into the AJAX call: userdetail.php?id=<?php $_SESSION['uid']?> I should also mention that if I manually pass in the userID it works fine url: "userdetail.php?id=1",

    Read the article

  • Displaying objects based on if a user is logged in or not

    - by MaxMackie
    I'm learning about PHP sessions for user authentication on my website. I know how to restrict the viewing of a complete page using sessions (simply check if the 'uid' session variable is set and if it is, show content, if not redirect to an error). However I'm trying to figure out the best way to selectively show and hide different objects (div, text, images) based on if a user is logged in or not. Is it as simple as checking for the 'uid' session variable and displaying based on if it set or not? Is there a more efficient way of doing this id there are a lot of conditional elements on a page?

    Read the article

  • Warning: session_start(): Cannot send session cache limiter - headers already sent

    - by shyam
    I am receiving this warning in a page while I try starting the session. <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Video</title> </head> -this is the part of the code. There are no characters (not even space) before the first line. This page is reached after logging in from another page, through redirection. Any help? (PHP version is 5.2)

    Read the article

  • Pass a variable from javascript to php in the same session OnClickFunction

    - by MickyScion
    I was seeing through stackoverflow the solutions for this kind of problems but any of them are executing the code of javascript in the same session...please i want some help with this...i have this in my session <script> function show_alert() { var ProdAntes = document.getElementById("productoseleccionado").value; var CantAntes = document.getElementById("cantidadantes").value; var PrecAntes = document.getElementById("precioantes").value; var FecAntes = document.getElementById("fechaantes").value; var ProdAhora = document.getElementById("SoyaProductorProduccionProducto").value; var CantAhora = document.getElementById("SoyaProductorProduccionCantidadtm").value; var PrecAhora = document.getElementById("SoyaProductorProduccionPreciodolar").value; var FecAhora = document.getElementById("select_date").value; } </script> and in my html stuff i have this <?php echo $this->Form->create('SoyaProductorProduccion');?> <fieldset> <?php echo $this->Form->hidden('id', array('value' => $this->data['SoyaProductorProduccion']['id'])); echo $this->Form->input('operacion', array('type' => 'hidden', 'value'=>'Produccion')); //-------------------------------------------------------------- $productoseleccionado = $this->data['SoyaProductorProduccion']['producto']; echo $this->Form->input('productoseleccionado', array('type' => 'hidden','style'=>'width:500px; height:30px;','id' => 'productoseleccionado' , 'value' => $productoseleccionado)); echo $this->Form->input('producto', array( 'options' => array( $productoseleccionado => $productoseleccionado, 'Torta solvente de soya' => 'Torta solvente de soya', 'Torta solvente de girasol' => 'Torta solvente de girasol', 'Harina integral de soya' => 'Harina integral de soya', 'Harina de girasol' => 'Harina de girasol', 'Cascarilla de soya' => 'Cascarilla de soya', 'Cascarilla de girasol' => 'Cascarilla de girasol', 'Aceite de soya refinado' => 'Aceite de soya refinado', 'Aceite de soya crudo' => 'Aceite de soya crudo', 'Aceite de girasol refinado' => 'Aceite de girasol refinado', 'Aceite de girasol crudo' => 'Aceite de girasol crudo', ),'label'=>'Tipo de Producto' )); foreach ($soyacambiodolares as $soyacambiodolar): $dolar=$soyacambiodolar['SoyaCambioDolar']['cambio']; endforeach; echo $this->Form->input('cambio', array('type' => 'hidden','value' => $dolar)); //----------------------------------------------------------------------------- $cantidadantes = $this->data['SoyaProductorProduccion']['cantidadtm']; echo $this->Form->input('cantidadantes', array('type' => 'hidden','style'=>'width:500px; height:30px;', 'value' => $cantidadantes,'id' => 'cantidadantes')); echo $this->Form->input('cantidadtm', array('label' => 'Cantidad en tonelada(s) métrica(s) del producto (TM)','style'=>'width:500px; height:30px;')); //----------------------------------------------------------------------------- $precioantes = $this->data['SoyaProductorProduccion']['preciodolar']; echo $this->Form->input('precioantes', array('type' => 'hidden','style'=>'width:500px; height:30px;', 'value' => $precioantes,'id' => 'precioantes')); echo $this->Form->input('preciodolar', array('label' => 'Precio en Dolares Americanos por tonelada métrica (TM / $us)','style'=>'width:500px; height:30px;')); //----------------------------------------------------------------------------- ?> <table style="width: 600px"> <tr> <td > <?php //---------------------------------------------------------------- $fechaantes = $this->data['SoyaProductorProduccion']['fecharegistro']; echo $this->Form->input('fechaantes', array('type' => 'hidden','style'=>'width:500px; height:30px;', 'value' => $fechaantes, 'id' => 'fechaantes')); //---------------------------------------------------------------- echo $this->Form->input("fecharegistro", array( 'label' => '<strong>Periodo al que corresponde la declaración</strong>', 'type' => 'text', 'style' => 'width: 110px', 'class' => 'fl tal vat w300p', 'error' => false , 'id' => 'select_date')); ?> <?php echo $this->Html->div('datepicker_img w100p fl pl460p pa', $this->Html->image('datepicker_calendar_icon.gif'),array('id' => 'datepicker_img')); ?> <?php echo $this->Html->div('datepicker fl pl460p pa', ' ' ,array('id' => 'datepicker')); ?> </td> </tr> </table> <?php echo $this->Form->submit('Modificar Existencia', array('class' => 'form-submit', 'title' => 'Presione aqui para agregar datos', 'onclick' => 'return show_alert();')); ?> </fieldset> <?php echo $this->Form->end(); ?> my function is ok but i want these: when i click the submit button i want to compare wich field had been changed, and i want to create a chain of detailed changes like "change in the field 1, change in the fiel 2.--" and so on...and this has to be saved in my database so i have to pass to a variable in my php before saving...thanks!

    Read the article

  • What magical thing could be killing my Drupal session and anywhere from 15-45 minutes of activity?

    - by jini
    I am using a standard Drupal install hosted on a LAMP stack. My settings.php has the following set: ini_set('session.gc_probability', 1); ini_set('session.gc_divisor', 100); ini_set('session.gc_maxlifetime', 200000); ini_set('session.cookie_lifetime', 2000000); my php.ini file has: session.gc_probability = 1 session.gc_divisor = 1000 session.gc_maxlifetime = 1440 Also I have checked that the safe mode is off so that my settings.php file is able to override main php.ini variables. Also since the person can get log out at 15 minutes, it is making me wonder whether php.ini has anything to do with it anyways. I have combed through my code and it seems to work fine on my local host however on server it is having issues. Where else can i possibly check?????

    Read the article

  • PHP Session Array Value keeps showing as "Array"

    - by Nerathas
    Hello, When sending data from a form to a second page, the value of the session is always with the name "Array" insteed of the expected number. The data should get displayed in a table, but insteed of example 1, 2, 3 , 4 i get : Array, Array, Array. (A 2-Dimensional Table is used) Is the following code below a proper way to "call" upon the stored values on the 2nd page from the array ? $test1 = $_SESSION["table"][0]; $test2 = $_SESSION["table"][1]; $test3 = $_SESSION["table"][2]; $test4 = $_SESSION["table"][3]; $test5 = $_SESSION["table"][4]; What exactly is this, and how can i fix this? Is it some sort of override that needs to happen? Best Regards.

    Read the article

  • Redirecting a page when session expires using asp.net mvc

    - by Naidu
    In my web.config file i have the following code: <system.web> <assemblies> <authentication mode="Forms"> <forms loginUrl="/Account/Login" slidingExpiration="true" timeout="1" /> </authentication> <sessionState timeout="1"></sessionState> </assemblies> </system.web> And I have main page Project and in that there will sub pages. I have given the [Authorize] attribute for each view index method. After the session complete when we select any view then the page inside the project main page will be redirecting. But I want the whole page to be redirected. Any Help is appreciated.

    Read the article

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >