|
by: mrbog |
last post by:
Tell me if my assertion is wrong here:
The only way to prevent session hijacking is to NEVER store
authentication information (such as name/password) in the session.
Well, to never authenticate a user from information you got from the
session. Each secure app on a site must challenge the user for name
and password, each and every time the user accesses it (not just once
and then store it in the session). If a secure app is multi-page,...
|
by: Robert Tweed |
last post by:
Does anyone know a good resource discussing the issues involved in session
theft? I've read a couple, but none that really address the problem apart
from acknowledging that it is a problem; you just don't seem to be able to
do much about it.
Does anyone have some tried-and-tested measures for preventing session
theft, that aren't already built into PHP? For that matter, what measures
_are_ already built into PHP? Are there significant...
|
by: Vishal |
last post by:
Hello,
can anybody tell me how I can extend the session
expiry time? Is it done via code or via IIS? Sorry I am
new and dont know about this.
|
by: Just D. |
last post by:
Do we have any access to the Session object from a different Session? The
idea is to save Session of a current user and then if he logs in again
then return the Session back. It's not a problem to store, there is only one
complicated object in this Session, but to get it on SessionStart to make
a copy this is a problem.
Maybe using Application or whatever? Or this data is divided and
inaccessible anyway?
Just D.
|
by: jensen bredal |
last post by:
Hello,
i'm struggling with a somehow badly understood session scenario.
I provide acces to my pages based on form authentication using
Session cookies.
Som of my pages are supposed to be running continuously and refreshing once
an hour.
I there set timeout= 61 in <sessionState section and on my page it says
<meta http-equiv="refresh" content="3600">.
I also set timeout=120 in the <forms section of web.config to make sure
|
|
by: Alexander Widera |
last post by:
hi,
who has seen the follow problem or could help please?
i visit a page .... i read a sesssion-var . ... everythink works...... i
visit the page again..... error ... the sessionvar is null .... i visit
again .... null ... again .... it works ..... again ... it works ... again
..... null....... and so on and on ....
it does randomly work or not....
what is this effect?
|
by: tshad |
last post by:
I have been using the default session state (InProc) and have found that I
have been loosing my information after a period of time (normally 20
minutes).
Is there anyway to find out how much more time I have on a session?
If I do a refresh, does reset the session clock?
Do you have have to go to another page to reset the session timeout or will
a postback also do it? This is important as we have a few pages that a user
|
by: ari |
last post by:
hey all,
i'm trying to make my app as stateless as possible. is it ok to create a
dataset and store in viewstate and whenever the user decides to select a from
that dataset, to move from viewstate, to session, and on the details page
back to viewstate. Or does that sound like too much work?
thanks,
ari
|
by: Mr Newbie |
last post by:
I have written a Custom Control Menu. Its fairly simple but it works well
enough. In order to simplify things I decided to store the Menu1 custom
control in Session. In the page load event below, it retreives the Menu
from session and assigns its reference to Menu1.
Within the Page_Load event I can see its internal values which have been
retreived for each menu item and so it looks good. However, when the Render
method is called of...
|
by: =?Utf-8?B?RGF2aWQgVGhpZWxlbg==?= |
last post by:
I tried:
<sessionState timeout="1">
</sessionState>
bounced IIS, and after 1 minute still had a session.
???
--
thanks - dave
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
|