Kevin Murphy wrote:
I've got a site (password protected, sorry) where I have this in the top
of my template:
session_start();
$iSessionId = session_id();
$iSessionName = session_name();
Then I have a bunch of links like this in the site:
echo "Departments";
The first time, and on
On Wed, August 16, 2006 10:56 pm, Michael B Allen wrote:
> On Thu, 17 Aug 2006 12:06:08 +1000
> Chris <[EMAIL PROTECTED]> wrote:
>
>> Michael B Allen wrote:
>> > Searching through the logs and browsing my site (see sig) I
>> sometimes see
>> > PHPSESSID is used as opposed to cookies. I know it's no
On Wed, August 16, 2006 8:44 pm, Michael B Allen wrote:
> Searching through the logs and browsing my site (see sig) I sometimes
> see
> PHPSESSID is used as opposed to cookies. I know it's not simply that
> the
> client doesn't support cookies because I can see the same IP
> transition
> to and fro
On Thu, 17 Aug 2006 12:06:08 +1000
Chris <[EMAIL PROTECTED]> wrote:
> Michael B Allen wrote:
> > Searching through the logs and browsing my site (see sig) I sometimes see
> > PHPSESSID is used as opposed to cookies. I know it's not simply that the
> > client doesn't support cookies because I can s
On Thu, 17 Aug 2006 14:26:17 +1000
Chris <[EMAIL PROTECTED]> wrote:
> Michael B Allen wrote:
> > On Thu, 17 Aug 2006 12:06:08 +1000
> > Chris <[EMAIL PROTECTED]> wrote:
> >
> >> Michael B Allen wrote:
> >>> Searching through the logs and browsing my site (see sig) I sometimes see
> >>> PHPSESSID
Michael B Allen wrote:
On Thu, 17 Aug 2006 12:06:08 +1000
Chris <[EMAIL PROTECTED]> wrote:
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies be
Michael B Allen wrote:
Searching through the logs and browsing my site (see sig) I sometimes see
PHPSESSID is used as opposed to cookies. I know it's not simply that the
client doesn't support cookies because I can see the same IP transition
to and from using PHPSESSID. Can someone explain why th
[snip]
ini_set('session.use_trans_sid', '0');
[/snip]
I think, at least according to the manual
session.use_trans_sid can only be set in php.ini, .htaccess or
httpd.conf
http://www.php.net/ini_set look at session.use_trans_sid
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe,
Sorry, but I tried this : session.use_cookies = 0 in php.ini
and I have always the bug.
And if I use htmldoc on command line with same args it works fine.
Could php forbidden using of PHPSESSID ?
Nicolas
Le mar 23/03/2004 à 16:37, Raditha Dissanayake a écrit :
> Guillouet Nicolas wrote:
>
>
Guillouet Nicolas wrote:
Hi,
I discover a surprising thing with PHPSESSID, I try something like this
:
$var="htmldoc -t html --quiet ''
'https://login:[EMAIL
PROTECTED]/file.php?documentIdent=157&typeAffiche=3&PHPSESSID=068dd351a106bb6ead80e11a27f75100'";
echo 'var='.$var;
passthru($var);
passt
phpsessid is the default name of the session cookie sent from the browser to
PHP. So it becomes part of the $_COOKIE array, which PHP automatically
turns into a global variable for you.
Therefore I use $_COOKIE['phpsessid'] to retrieve it.
But often I use session_name() to replace phpsessid with
--- Kris Yates <[EMAIL PROTECTED]> wrote:
> What php.ini setting causes the following:
>
> A link in a document index gets
> modified by PHP, so that the end-user sees
> index
>
> in the source? How do you turn this off?
session.use_trans_sid = 1
Make that 0.
Chris
=
Become a better Web d
On Wednesday 16 July 2003 22:45, Kris Yates wrote:
> What php.ini setting causes the following:
>
> A link in a document index gets modified by PHP,
> so that the end-user sees
> index
>
> in the source? How do you turn this off?
session.use_trans_sid
--
Jason Wong -> Gremlins Associates -> www.
Hi Henrik,
Take a look at session_id, you can use it to get or set the session id.
Using some of my random generation functions I juse 72 to 96 character
session ids for my more secure PHP applications. Remember if you want
it to remain secure you need to pass it through SSL, longer keys do no
> I'm working on securing my application, and am running into a slight
issue
> that I cannot seem to find a fix for. If the attacker changes his
> PHPSESSID
> cookie to contain illegal characters, it causes an error on the screen
> upon
> session_start().
>
> How can I check to see if this is a va
I think it might have something to do with --enable-trans-sid
read up on that
Jim
- Original Message -
From: "Liam Gibbs" <[EMAIL PROTECTED]>
To: "php list" <[EMAIL PROTECTED]>
Sent: Friday, March 07, 2003 8:45 PM
Subject: [PHP] $PHPSESSID
First of all, thanks all who helped with the mi
At 05:45 08.03.2003, Liam Gibbs said:
[snip]
>Here's the newest brain teaser: I have cookies disabled (well, I have IE set
>to the highest security mode, where it disables cookies). I understand that
>with cookies enabled, $PHPSESSID will return nothing whe
On Thursday 29 August 2002 08:00, Todd Pasley wrote:
> > On a clients first visit to a site, the PHPSESSID gets written into the
> > URL, but not on any additional requests.
> >
> > Has anyone had this problem? It wasn't happening before the upgrade.
> >
> > Running:
> >
> > Redhat 7.3
> > PHP 4.
>
> On a clients first visit to a site, the PHPSESSID gets written into the
> URL, but not on any additional requests.
>
> Has anyone had this problem? It wasn't happening before the upgrade.
>
> Running:
>
> Redhat 7.3
> PHP 4.2.2
> Apache 1.3.26
The same thing happens to me, however, sessions
Actually, over the weekend, I started using sessions in my scripts.
All I did was start it using session_start();
I only noticed this behaviour using Opera 6.02 Linux browser running
under FBSD 4.6-Stable.
(It may have happened in mozilla 1.0 r3, but I may have not paid
attention to it).
I load
On Tuesday 09 April 2002 17:20, Nick Wilson wrote:
> Hi all
> I've just moved host and I'm getting a very ugly PHPSESSID string
> appended to my url's
This happens when php is compiled with the "--enable-trans-sid" option.
> I know this can be fixed but can't remember how, my ISP is not so brig
JNT> If I do this:
JNT> echo $PHPSESSID;
I've encountered the same when instaling the Mandrake Linux 8.1 with a
precompiled php - also 4.1.0.
Sessions just doesn't seem to work no matter how I access them.
I installed Redhat 7.1 on my server again, and left the problem for my
ISP.
Kind reg
Hi
One way is or if cookies aren't used try
$PHPSESSID seems to only get set if it comes back as a cookie
Tom
At 04:39 AM 18/12/01, Julio Nobrega Trabalhando wrote:
> Hi All,
>
> I have a few scripts using $PHPSESSID to softly disable cookies
>requirement on some pages. I just installed PH
If the user's browser does not support the session cookie like it should,
PHP will automatically "rewrite" your url's and add "?PHPSESSID=".
So you don't need to force PHPSESSID to be sent, but you could always just
add ?PHPSESSID= onto all the urls you want.
It's just really ugly that way.
--
othing changed, look for a second evil twin of php.ini
-Ben
-Original Message-
From: trogers [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 08, 2001 6:59 PM
To: 'PHP General List. (E-mail)'
Subject: Re: [PHP] PHPSESSID sticks to every link after upgrate of
Apache/PHP
Hi
You will proba
Hi
You will probably need to make clean and rebuild php config and do a new
make against the new version of apache.
Just a guess
Tom
At 12:28 PM 5/04/01 +0900, Maxim Maletsky wrote:
>
>Hello,
>
>my co-worker has reinstalled Apache and PHP over the last night.
>
>The Apache was upgraded to the ne
Hm...what browser are you using to test the site?
By using the trans_id option I believe that tells PHP to append the sessid
into the url if the cookie is not being accepted.
Try turning it off and trying it, and you may need to comment out the
url.rewriter thing directly under that option.
Tr
Maxim Maletsky wrote:
>
> Site uses sessions and, somehow, after this upgrade started carrying
> PHPSESSID through HREF.
Sounds to me like php was compliled with the --enable-trans-sid option
which does exactly that.
Just a guess.
Regards
Joseph
--
PHP General Mailing List (http://ww
>Where is the temp session file held at? I have a script that uses sessions
but I can't find the session file.
>My php.ini file indicates that the session.save_path = c:\php\sessiondata
but there is not any files there when there should be.
Change those \ to / and keep all the players happy.
>It
29 matches
Mail list logo
