Ashley Sheridan a écrit :
But *how* does it offer more security? You've not actually mentioned
that!
Because you need database slice access to manage the session, and not
only file access in /tmp/ (where sessions belongs, by default). So now
the problem is : and what about the configuration
Andrew Ballard wrote:
> On Wed, Jul 22, 2009 at 9:59 AM, Robert Cummings wrote:
>> A custom session handler that writes to files could easily encrypt session
>> data so that only the user with the correct session ID can decrypt it. I
>> think you're confusing the issue by claiming database sessions
On Wed, Jul 22, 2009 at 9:59 AM, Robert Cummings wrote:
> A custom session handler that writes to files could easily encrypt session
> data so that only the user with the correct session ID can decrypt it. I
> think you're confusing the issue by claiming database sessions are more
> secure when wha
Floyd Resler wrote:
The nice thing about the database, though, is that you can specify
which MySQL user has access to the sessions table. That way you can
really lock it down by giving access to only INSERT, SELECT, UPDATE,
and DELETE just for that table.
Thanks!
Floyd
On Jul 22, 2009, a
The nice thing about the database, though, is that you can specify
which MySQL user has access to the sessions table. That way you can
really lock it down by giving access to only INSERT, SELECT, UPDATE,
and DELETE just for that table.
Thanks!
Floyd
On Jul 22, 2009, at 9:36 AM, Andrew Bal
On Wed, Jul 22, 2009 at 8:36 AM, Ashley
Sheridan wrote:
> But *how* does it offer more security? You've not actually mentioned
> that!
>
One way would be to encapsulate data access in stored procedures and
deny direct table access on the session data. That way, even though
the PHP account has acce
With proper permissions I'm not sure that it's any more secure but it
certainly is a whole lot more scalable. And it is very easy to set
up. A web search will yield a lot of examples of using a database. I
use a PHP class which I really like.
Take care,
Floyd
On Jul 22, 2009, at 8:36 AM
On Wed, 2009-07-22 at 08:32 -0400, Floyd Resler wrote:
> You can do so much more with storing sessions in a database. For
> example, I can determine which of my users is currently on by looking
> in the sessions table. Not only does using a database for sessions
> offer more security, it al
You can do so much more with storing sessions in a database. For
example, I can determine which of my users is currently on by looking
in the sessions table. Not only does using a database for sessions
offer more security, it also offers more flexibility.
Take care,
Floyd
On Jul 22, 2009
On Wed, 2009-07-22 at 16:07 +0700, Lenin wrote:
> On Wed, Jul 22, 2009 at 2:46 PM, Ashley Sheridan
> wrote:
>
> > On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
> >
>
>
> > > >
> > > As Floyd suggested keeping your sessions in the DB will give you better
> > > session management and security as
On Wed, Jul 22, 2009 at 2:46 PM, Ashley Sheridan
wrote:
> On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
>
> > >
> > As Floyd suggested keeping your sessions in the DB will give you better
> > session management and security as well.
>
> Why would putting the session data in a database offer mo
On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
> On Wed, Jul 22, 2009 at 3:24 AM, L.Guruprasad wrote:
>
> > Hi,
> > Floyd Resler wrote:
> >
> >> Keep in mind that sessions are based on the domain. I've run into
> >> situations where someone will be working in several different sites that we
> >
On Wed, Jul 22, 2009 at 3:24 AM, L.Guruprasad wrote:
> Hi,
> Floyd Resler wrote:
>
>> Keep in mind that sessions are based on the domain. I've run into
>> situations where someone will be working in several different sites that we
>> host. Each site is accessed via http://domain/site. Each sit
By default sub-domains do not share sessions but you can make them to share
the session
On Wed, Jul 22, 2009 at 1:54 AM, L.Guruprasad wrote:
> Hi,
> Floyd Resler wrote:
>
>> Keep in mind that sessions are based on the domain. I've run into
>> situations where someone will be working in several
Hi,
Floyd Resler wrote:
Keep in mind that sessions are based on the domain. I've run into
situations where someone will be working in several different sites that
we host. Each site is accessed via http://domain/site. Each site has
it's own database, users, etc. However, because they all ha
Keep in mind that sessions are based on the domain. I've run into
situations where someone will be working in several different sites
that we host. Each site is accessed via http://domain/site. Each
site has it's own database, users, etc. However, because they all
hang off the same doma
On Jul 21, 2009, at 3:12 PM, Guruprasad wrote:
Hi all,
I have a doubt with creating and destroying sessions in PHP using
session_destroy(). Supposing there is a PHP-based website hosted on
a web server. Now I add another site that I developed using PHP on
that web server using virtualho
Yes. You are right. Session variables are associated with the session id so
only that appropriate website's session variables will get destroyed.
You can try it in your local system.
On Wed, Jul 22, 2009 at 12:42 AM, Guruprasad wrote:
> Hi all,
> I have a doubt with creating and destroying sessi
Hi all,
I have a doubt with creating and destroying sessions in PHP using
session_destroy(). Supposing there is a PHP-based website hosted on a
web server. Now I add another site that I developed using PHP on that
web server using virtualhost. I destroy a session in my website using
session_de
I'm gonna guess that there might be some syntaxis problems or something,
since I would guess the following make sense to the PHP language.
Arrays: Since the + operator already gives the union of two arrays, why
isn't the - operator for differences and | for intersections? I would find
those to be
At 5:58 PM +0200 7/20/06, Jochem Maas wrote:
> >> On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
> >>> Hi,
>maybe there could be a limit to the number of emails the OP is allowed
>to send without ever replying to anyone who offers a possible answer to
>his question. :-)
I think you need to under
Chris wrote:
> Robert Cummings wrote:
>> On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
>>> Hi,
>>> I am having one doubt,i am using session variable for storing details.
>>> but i am afraid if there is around 1 users,wherether session will
>>> be able to store all the datas of 1 users,a
Robert Cummings wrote:
On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
Hi,
I am having one doubt,i am using session variable for storing details.
but i am afraid if there is around 1 users,wherether session will
be able to store all the datas of 1 users,as i know abt session
is that a
On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
> Hi,
> I am having one doubt,i am using session variable for storing details.
> but i am afraid if there is around 1 users,wherether session will
> be able to store all the datas of 1 users,as i know abt session
> is that a temporary file
Hi,
I am having one doubt,i am using session variable for storing details.but
i am afraid if there is around 1 users,wherether session will be able to
store all the datas of 1 users,as i know abt session is that a temporary
file will be created in /tmp directory with session id na
i am having back to home link ,by default its status is 0 in "mail table "
database .when any user click the back to home link.i want to change status
=1 in user table.is there any possible to call php function in javascript.i am
using javascript onclick function.but javascript is not support
check your SMTP settings in yout PHP.ini file.
Please dont post the same topic multiple times..
Jochem Maas wrote:
suresh kumar wrote:
this is my code
if(@mail('[EMAIL PROTECTED]','subject','hai this is
the test','[EMAIL PROTECTED]')):
print "mail sent succesfully";
suresh kumar wrote:
this is my code
if(@mail('[EMAIL PROTECTED]','subject','hai this is
the test','[EMAIL PROTECTED]')):
print "mail sent succesfully";
else:
print "mail can send";
endif;
i dont know whether there is any problem
with my coding or se
suresh kumar wrote:
hello everybody,
i am having one doubt in sending mail
the way I read it you don't have a 'doubt' but a 'problem' ...
(an example of the proper use of the word would be:
"I doubt whether you bothered to research your
problem at all before
this is my code
if(@mail('[EMAIL PROTECTED]','subject','hai this is
the test','[EMAIL PROTECTED]')):
print "mail sent succesfully";
else:
print "mail can send";
endif;
i dont know whether there is any problem
with my coding or server problem.both from
On Mon, 2006-02-13 at 10:05 +, suresh kumar wrote:
> both from and to address are valid but mail
> is not receiving to [EMAIL PROTECTED],
>
The PHP mail() function will use sendmail/postfix/etc (your hosts MTA),
if you plan on using a mail relay i.e. an SMTP server to send mail, you
hello everybody,
i am having one doubt in sending mail
in php.in my company our mail server is in windows,but
my php code for mail function in linux,i set the code
as
if(@mail('[EMAIL PROTECTED]','hi suresh','this is
test','From:[EMAIL PROTECTED]')):
both from and to addr
hi,
for eg
while(list(t1,t2,...)=mysql_fetch_row($result)):
endwhile;
while i use $t1 ouside while loop ,its corresponding
value is not displaying,how can i display the value
of $t1.
A.suresh
Suresh,
suresh kumar wrote:
> hi,
>for eg
>
> while(list(t1,t2,...)=mysql_fetch_row($result)):
> endwhile;
You could start with list($t1, $t2, ...) instead. Personally, I'd done
it without assuming mysql_fetch_row is returning an array.
Hi
How to set cookies using header() function and using setcookie function?
Setcookie('testcookie','Balaji',time()+3600,'/','10.145.0.1',1);
If I want to write same thing with header function how can I do that?
Is it like
header("Set-Cookie:
name=testcookie,value=Balaji,domain=10.145.0.1,sec
Hi
Make sure you have an auto_increment field in your table, do the insert
first, then use mysql_insert_id() to get the number of the last which you
can use for the customer number. See the notes at the following page:
http://www.php.net/manual/en/function.mysql-insert-id.php
Regards
Girish
-
You really need to put in more of the code as it ACTUALLY appears...
ed
At 05:39 PM 5/29/2002 -0700, r wrote:
>Hey guys,
>
>I have written a program and being a newbie I dont know if this is good or
>will give me problems in the future, so will appreciate it if you could just
>have a look at the
> // connected to the database successfully and running this query:
> {
> mysql_query.etc
> $r=select max(cno)+1 from customer;
> insert into customer values($r,'$name');
> }
> print("Your customer number is: $r");
>
> what do you think? And will this return the correct values if 2 people
Hey guys,
I have written a program and being a newbie I dont know if this is good or
will give me problems in the future, so will appreciate it if you could just
have a look at the function and give me your "esteemed opinion" ;-)
This is just a snip from the program...its pretty easy so your guru
Hi,
> When i'm using the declare construct i'm getting
> an error "Cannot open the site. The connection
> with the server was reset". Culd u please help me in this...
Show us some code!
Cheers
Jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/u
Hi ,
When i'm using the declare construct i'm getting an error "Cannot
open the site.The connection with the server was reset".
Culd u please help me in this...
Thanks in advance..
Shiju
Hi,
I'm new to this group. I have a problem with a php script that I'm
creating to upload files to the server.
The uploaded files have their owner as "apache" and not me as the owner.
Hence I'm not able to delete the files that are uploaded.
How do I solve this problem?
Thanks,
Line 29:
$sql2="UPDATE inventory SET inv_status="assigned" where inv_tag='$inv_tag' ";
will give a php error - it should read either
$sql2="UPDATE inventory SET inv_status='assigned' where inv_tag='$inv_tag' ";
or
$sql2="UPDATE inventory SET inv_status=\"assigned\" whe
At 14:11 28/07/01 +0530, Balaji Ankem wrote:
> $sql2="UPDATE inventory SET inv_status="assigned" where
> inv_tag='$inv_tag' "; // This is line number 29.
Try: inv_status='assigned' -- use single quotes, not double.
HTH,
Simon
--
PHP General Mailing List (http://www.php.net/)
To un
Hi dearest friend,
can we update the same row immediately
after selection.
please see the following code at line number 29 it is giving
error.
code
// Connect to
MySQL
$connection = mysql_connect(
'localhost', 'balaji', 'pingpong
umm, no, you assigned $string to the output and you flushed it and
you echoed $string. maybe you mean ob_end_clean()?
-aaron
At 12:22 AM -0300 4/6/01, Christian Dechery wrote:
>take a look at this small code:
>
>ob_start();
>echo "something";
>echo "something else";
>$string=ob_get_contents();
take a look at this small code:
ob_start();
echo "something";
echo "something else";
$string=ob_get_contents();
ob_end_flush();
echo $string."";
shouldn't this be the output?
something
something else
so why it outputs this?
something
something else
something
something else
Hello..friend...
..i have a doubt? how i can do for run php in console mode, or better say,
that run script in my shell not in a browser...
..and, you give me a hand an i get the arm, how i can get the argument of
the line of command?exist ARGV or ARGC?
Roberto Celestino
El sitio, "Tu portal en I
How i can get further information about the installation of MCAL extension
in a Solaris 2.7 environment?
Roberto Celestino
Universidad Nacional de la Matanza
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
49 matches
Mail list logo
