Ashley Sheridan a écrit :
But *how* does it offer more security? You've not actually mentioned
that!
Because you need database slice access to manage the session, and not
only file access in /tmp/ (where sessions belongs, by default). So now
the problem is : and what about the configuration
Andrew Ballard wrote:
> On Wed, Jul 22, 2009 at 9:59 AM, Robert Cummings wrote:
>> A custom session handler that writes to files could easily encrypt session
>> data so that only the user with the correct session ID can decrypt it. I
>> think you're confusing the issue by claiming database sessions
On Wed, Jul 22, 2009 at 9:59 AM, Robert Cummings wrote:
> A custom session handler that writes to files could easily encrypt session
> data so that only the user with the correct session ID can decrypt it. I
> think you're confusing the issue by claiming database sessions are more
> secure when wha
Floyd Resler wrote:
The nice thing about the database, though, is that you can specify
which MySQL user has access to the sessions table. That way you can
really lock it down by giving access to only INSERT, SELECT, UPDATE,
and DELETE just for that table.
Thanks!
Floyd
On Jul 22, 2009, a
The nice thing about the database, though, is that you can specify
which MySQL user has access to the sessions table. That way you can
really lock it down by giving access to only INSERT, SELECT, UPDATE,
and DELETE just for that table.
Thanks!
Floyd
On Jul 22, 2009, at 9:36 AM, Andrew Bal
On Wed, Jul 22, 2009 at 8:36 AM, Ashley
Sheridan wrote:
> But *how* does it offer more security? You've not actually mentioned
> that!
>
One way would be to encapsulate data access in stored procedures and
deny direct table access on the session data. That way, even though
the PHP account has acce
With proper permissions I'm not sure that it's any more secure but it
certainly is a whole lot more scalable. And it is very easy to set
up. A web search will yield a lot of examples of using a database. I
use a PHP class which I really like.
Take care,
Floyd
On Jul 22, 2009, at 8:36 AM
On Wed, 2009-07-22 at 08:32 -0400, Floyd Resler wrote:
> You can do so much more with storing sessions in a database. For
> example, I can determine which of my users is currently on by looking
> in the sessions table. Not only does using a database for sessions
> offer more security, it al
You can do so much more with storing sessions in a database. For
example, I can determine which of my users is currently on by looking
in the sessions table. Not only does using a database for sessions
offer more security, it also offers more flexibility.
Take care,
Floyd
On Jul 22, 2009
On Wed, 2009-07-22 at 16:07 +0700, Lenin wrote:
> On Wed, Jul 22, 2009 at 2:46 PM, Ashley Sheridan
> wrote:
>
> > On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
> >
>
>
> > > >
> > > As Floyd suggested keeping your sessions in the DB will give you better
> > > session management and security as
On Wed, Jul 22, 2009 at 2:46 PM, Ashley Sheridan
wrote:
> On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
>
> > >
> > As Floyd suggested keeping your sessions in the DB will give you better
> > session management and security as well.
>
> Why would putting the session data in a database offer mo
On Wed, 2009-07-22 at 03:45 +0700, Lenin wrote:
> On Wed, Jul 22, 2009 at 3:24 AM, L.Guruprasad wrote:
>
> > Hi,
> > Floyd Resler wrote:
> >
> >> Keep in mind that sessions are based on the domain. I've run into
> >> situations where someone will be working in several different sites that we
> >
On Wed, Jul 22, 2009 at 3:24 AM, L.Guruprasad wrote:
> Hi,
> Floyd Resler wrote:
>
>> Keep in mind that sessions are based on the domain. I've run into
>> situations where someone will be working in several different sites that we
>> host. Each site is accessed via http://domain/site. Each sit
By default sub-domains do not share sessions but you can make them to share
the session
On Wed, Jul 22, 2009 at 1:54 AM, L.Guruprasad wrote:
> Hi,
> Floyd Resler wrote:
>
>> Keep in mind that sessions are based on the domain. I've run into
>> situations where someone will be working in several
Hi,
Floyd Resler wrote:
Keep in mind that sessions are based on the domain. I've run into
situations where someone will be working in several different sites that
we host. Each site is accessed via http://domain/site. Each site has
it's own database, users, etc. However, because they all ha
Keep in mind that sessions are based on the domain. I've run into
situations where someone will be working in several different sites
that we host. Each site is accessed via http://domain/site. Each
site has it's own database, users, etc. However, because they all
hang off the same doma
On Jul 21, 2009, at 3:12 PM, Guruprasad wrote:
Hi all,
I have a doubt with creating and destroying sessions in PHP using
session_destroy(). Supposing there is a PHP-based website hosted on
a web server. Now I add another site that I developed using PHP on
that web server using virtualho
Yes. You are right. Session variables are associated with the session id so
only that appropriate website's session variables will get destroyed.
You can try it in your local system.
On Wed, Jul 22, 2009 at 12:42 AM, Guruprasad wrote:
> Hi all,
> I have a doubt with creating and destroying sessi
At 5:58 PM +0200 7/20/06, Jochem Maas wrote:
> >> On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
> >>> Hi,
>maybe there could be a limit to the number of emails the OP is allowed
>to send without ever replying to anyone who offers a possible answer to
>his question. :-)
I think you need to under
Chris wrote:
> Robert Cummings wrote:
>> On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
>>> Hi,
>>> I am having one doubt,i am using session variable for storing details.
>>> but i am afraid if there is around 1 users,wherether session will
>>> be able to store all the datas of 1 users,a
Robert Cummings wrote:
On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
Hi,
I am having one doubt,i am using session variable for storing details.
but i am afraid if there is around 1 users,wherether session will
be able to store all the datas of 1 users,as i know abt session
is that a
On Thu, 2006-07-20 at 01:03, suresh kumar wrote:
> Hi,
> I am having one doubt,i am using session variable for storing details.
> but i am afraid if there is around 1 users,wherether session will
> be able to store all the datas of 1 users,as i know abt session
> is that a temporary file
check your SMTP settings in yout PHP.ini file.
Please dont post the same topic multiple times..
Jochem Maas wrote:
suresh kumar wrote:
this is my code
if(@mail('[EMAIL PROTECTED]','subject','hai this is
the test','[EMAIL PROTECTED]')):
print "mail sent succesfully";
suresh kumar wrote:
this is my code
if(@mail('[EMAIL PROTECTED]','subject','hai this is
the test','[EMAIL PROTECTED]')):
print "mail sent succesfully";
else:
print "mail can send";
endif;
i dont know whether there is any problem
with my coding or se
suresh kumar wrote:
hello everybody,
i am having one doubt in sending mail
the way I read it you don't have a 'doubt' but a 'problem' ...
(an example of the proper use of the word would be:
"I doubt whether you bothered to research your
problem at all before
On Mon, 2006-02-13 at 10:05 +, suresh kumar wrote:
> both from and to address are valid but mail
> is not receiving to [EMAIL PROTECTED],
>
The PHP mail() function will use sendmail/postfix/etc (your hosts MTA),
if you plan on using a mail relay i.e. an SMTP server to send mail, you
Suresh,
suresh kumar wrote:
> hi,
>for eg
>
> while(list(t1,t2,...)=mysql_fetch_row($result)):
> endwhile;
You could start with list($t1, $t2, ...) instead. Personally, I'd done
it without assuming mysql_fetch_row is returning an array.
Hi
Make sure you have an auto_increment field in your table, do the insert
first, then use mysql_insert_id() to get the number of the last which you
can use for the customer number. See the notes at the following page:
http://www.php.net/manual/en/function.mysql-insert-id.php
Regards
Girish
-
Hi,
> When i'm using the declare construct i'm getting
> an error "Cannot open the site. The connection
> with the server was reset". Culd u please help me in this...
Show us some code!
Cheers
Jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/u
Line 29:
$sql2="UPDATE inventory SET inv_status="assigned" where inv_tag='$inv_tag' ";
will give a php error - it should read either
$sql2="UPDATE inventory SET inv_status='assigned' where inv_tag='$inv_tag' ";
or
$sql2="UPDATE inventory SET inv_status=\"assigned\" whe
At 14:11 28/07/01 +0530, Balaji Ankem wrote:
> $sql2="UPDATE inventory SET inv_status="assigned" where
> inv_tag='$inv_tag' "; // This is line number 29.
Try: inv_status='assigned' -- use single quotes, not double.
HTH,
Simon
--
PHP General Mailing List (http://www.php.net/)
To un
umm, no, you assigned $string to the output and you flushed it and
you echoed $string. maybe you mean ob_end_clean()?
-aaron
At 12:22 AM -0300 4/6/01, Christian Dechery wrote:
>take a look at this small code:
>
>ob_start();
>echo "something";
>echo "something else";
>$string=ob_get_contents();
32 matches
Mail list logo
