--- Hardik Doshi <[EMAIL PROTECTED]> wrote:
> I read your article about session security on php magazine as well
> as on php architect. Both are very nice articles.
Thank you. :-)
> I would like to ask you what is the reason you are not suggesting
> to use IP address as one of the parts in genera
> > Nice article by the way, and I am indeed already
> using those same
> > methods to secure the user session. (I use SHA1 on
> the IP, PHPSESSIONID,
> > user agent, and a secret...)
>
> Thanks for the kind words. I must point out that
> you'll never see me
> suggesting to use the IP address for
--- Tim Traver <[EMAIL PROTECTED]> wrote:
> what I meant by the session data getting stored locally is that it is
> local to the web server, not locally on the client browser.
I see. My apologies.
Perhaps we should both refrain from using locally and instead use server
and client to be clear. :-)
Chris,
ok, let me start over a little bit...
what I meant by the session data getting stored locally is that it is local
to the web server, not locally on the client browser. I understand how
session variables work. I just said local, and i was thinking
server...sorry about that...
what i mea
On 8 Mar 2004 Tim Traver wrote:
> I sent a new session ID with the link to the new window like this :
>
>
>
> but all it does is change the current session id to the new one, so if I go
> back to the main window, it carries the new session into it.
I think this is trickier than it sounds. Ca
--- Tim Traver <[EMAIL PROTECTED]> wrote:
> I sent a new session ID with the link to the new window like this :
>
>
>
> but all it does is change the current session id to the new one, so if
> I go back to the main window, it carries the new session into it.
Yeah, you're only using one browser,
hthat didn't work.
I sent a new session ID with the link to the new window like this :
but all it does is change the current session id to the new one, so if I go
back to the main window, it carries the new session into it.
The reason I'm doing the access control through sessions is s
--- Tim Traver <[EMAIL PROTECTED]> wrote:
> As an administrator, you log in to the main application. session id's
> keep track that you are authenticated, and who you are.
>
> In the application, you can get a list of the other users on the
> system. From that user list, I want to be able to launc
Chris,
ok, here's what the application is about.
As an administrator, you log in to the main application. session id's keep
track that you are authenticated, and who you are.
In the application, you can get a list of the other users on the system.
From that user list, I want to be able to laun
--- Tim Traver <[EMAIL PROTECTED]> wrote:
> What I want to be able to do is to open a new window from my
> application that has a new session, without disturbing the current
> session.
Can you elaborate on this a little? This approach seems very odd to me,
and I feel certain that it must be unnece
I quess you should start another session with another name
session_name("newApp");
session_start();
Vincent
-Original Message-
From: Tim Traver [mailto:[EMAIL PROTECTED]
Sent: dinsdag 9 maart 2004 0:01
To: Jason Davidson
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] new sess
Hthat would mean that anywhere I used sessions I would have to
specify a window name, right ?
and where do I determine the window name ?
not sure that would work with what I want to do...I just want to start a
new window like I would start it if I opened a fresh IE window. Each of
thos
could create an array to hold the same session?
This may not at all be what your looking for, but ive used something
similar to this when building a wizard class to handle storing states
in wizard steps.
like
$_SESSION['mySessions']['WindowOne'] = array($userid, $loginTime, $etc)
$_SESSION['mySes
13 matches
Mail list logo
