My Auth code works locally but not on my host, and I'm debugging it to
find out, why not.
Except where noted, I'll be referring to my webhost's configuration.
I'm using a .htaccess "AddHandler " directive, to force php5
I notice with the help of phpinfo(), I'm locally using "Apache 2
Handler" but my host uses CGI.
session.auto_st art Off Off
I'm actually hosting this alpha site, wholly contained in a
subdirectory, but use relative references and links, so this should not
be an issue.
I do have access to logs.
The authentication will be used, for a business site, to determine the
user and which office and data they should have access to. Since my
host ruled out using "auto_prepend_f ile", I've come up with variation
that should be equally effective.
Structure is something like this:
Any file that has processing or reports that are office specific will
force authentication:
include('MyAcce ssControl.php") ; //(MAC) which consists of alot of
mixed mode php/html
The purpose of MAC is as follows:
- If you have a session and a user, use minimal processing and get
through
- If you don't provide an auth form ( with action, back to
$_SERVER['PHP_SELF'] )
also, loop (restrict or exit) until user-password values match to
those in DB
MAC psuedo code
session_start() ;
$user = get from $_SESSION or from $_POST
if (!isset(user)) provide form, etc
the key of course is action=$_SERVER['PHP_SELF'] which is not MAC
but the file that included MAC, ie: MyOfficeReport. php (MOR)
I'm not getting back to MOR, but I'm not getting any error either.
I'm getting a minimal html page, basically empty html-head-body
Pre test: Noted when 1st seeing the auth form, source had
PHPSESSIONID=.. . Looked good
One test: print to a file the basename($_SERV ER['PHP_SELF']) That
looked fine.
Two test: set up a session and user, then link to MOR, to see if it
would display correctly or show the Auth form ( it showed the auth
form ).
sorry for this explanation being long. Anyone have a suggestion on
this ? TIA 4 2259
I'm finding a few sources of problems in the CGI log ( of shared host )
Is this an Apache log, filtered by errors on my domain ?
Hoping to clean up and run error-free asap.
I had a few fatal errors, based on require("foo"), which I can fix,
but I'm concerned with this one at this point. see below
PHP Warning: Unknown: Failed to write session data (files). Please
verify that the current setting of session.save_pa th is correct
(/var/php_sessions) in Unknown on line 0
PHP Warning: Unknown:
open(/var/php_sessions/sess_cf7ce45dd2 a55dd3be34a1a66 6321330, O_RDWR)
failed: No such file or directory (2) in Unknown on line 0
seems pretty obvious, this is a hosting issue.
awebguynow wrote:
I'm finding a few sources of problems in the CGI log ( of shared host
) Is this an Apache log, filtered by errors on my domain ?
Hoping to clean up and run error-free asap.
I had a few fatal errors, based on require("foo"), which I can fix,
but I'm concerned with this one at this point. see below
PHP Warning: Unknown: Failed to write session data (files). Please
verify that the current setting of session.save_pa th is correct
(/var/php_sessions) in Unknown on line 0
PHP Warning: Unknown:
open(/var/php_sessions/sess_cf7ce45dd2 a55dd3be34a1a66 6321330, O_RDWR)
failed: No such file or directory (2) in Unknown on line 0
seems pretty obvious, this is a hosting issue.
Well, a configuration issue:
<?php
session_save_pa th('/a/path/that/does/exists');
?>
Which should be a path outside of the webroot (or at least protected by an
..htaccess file) that has writing permissions.
Further information to be found at: http://www.php.net/manual/en/ref.session.php
Grtz,
--
Rik Wasmus
I'm making note of your comments, Rik
and also noticing some of the PHP user notes:
session_save_pa th() required on every page that saves or accesses a
var.
also security concerns, by webmaster at gardenchemicals
It looks like path should be FQ path from root of machine.
I'll check on write permissions and best place to store sessions.
Cookie path, I assume would be relative to htdocs/
session.cookie_ path / /
session.save_pa th /var/php_sessions /var/php_sessions
awebguynow wrote:
I'm making note of your comments, Rik
and also noticing some of the PHP user notes:
session_save_pa th() required on every page that saves or accesses a
var.
Only if you use session_save_pa th() on any page. If php is configured
correctly it is not needed.
also security concerns, by webmaster at gardenchemicals
I saw that also and completely dismissed it for too many reasons to go
into here.
Remember - user notes are exactly that - USER NOTES. They do not
indicate the expertise level of whomever is posting the notes. And they
may or may not be accurate.
It looks like path should be FQ path from root of machine.
I'll check on write permissions and best place to store sessions.
Cookie path, I assume would be relative to htdocs/
session.cookie_ path / /
session.save_pa th /var/php_sessions /var/php_sessions
Best place for session data IMHO is /tmp. But others have different
opinions, also.
--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attgl obal.net
=============== === This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Xizor |
last post by:
Let's say I run a server. I have two people using the server. Bill and Joe.
Bill is at address.com/bill and Joe is at address.com/joe.
Let's say Joe and Bill are both using PHP with sessions on their web pages.
Let's say they both create the session variable $_SESSION. Each uses
yo for a different purpose.
Now we have a user accessing address.com. He goes to Bill's site and his
session his started with the $_SESSION created.
|
by: Rea |
last post by:
Hi!
I've searched high and low for this on the net but stil haven't found an
answer.
I'm trying to install both postnuke and xoops on a win2k server with php
4.3.3. and mysql installed.
Both applications are loading terribly slow. When the page finally has been
rendered I got the following error:
|
by: |
last post by:
I have a problem with session in my version of PHP
I use WinXP (FAT32), Apache, latest PHP.
In Linux, Apache, latest PHP instead it works fine!
So, my program is:
----------------In Windows returns always NULL!---------------
<?php
session_start();
var_dump($_SESSION);
$_SESSION = 'value';
?>
|
by: Mimi |
last post by:
Hello,
I am having trouble using the session vars in
PHP 4.3.9
OS: Win XP Prof
Web Server IIS (is local and there are no links to other servers from
the web pages I work on)
Browser: IE 6.0
The problem I am having is that each time I reload the same PHP page, I get
|
by: jrefactors |
last post by:
When we open a new web browser, all the windows that are open from that
web browser belong to the same session. However, if we open a new web
browser, then it will be different sessions. Is that the correct
concept?
Another question is if session id is generated by the web server?
Session ID is determined by the cookies? Otherwise, how can the web
server know this is new session, or old session?
| |
by: bajopalabra |
last post by:
hi
session("myVar") = rs.getRows( )
don't work when number of records
is greater than 10
does anybody know WHY ???
is it a Session object limitation ???
thanks
|
by: Abhilash.k.m |
last post by:
This is regarding the session management using Out of
proc session management(SQL SERVER). Among the samples
below which one is better to set the session?
1. There are 20 session variables and all of them
are being stored into session and accessed from session
and individual session object. Example: Session
= "XYZ", Session=100, Session="NAME", etc.
|
by: Just D. |
last post by:
Do we have any access to the Session object from a different Session? The
idea is to save Session of a current user and then if he logs in again
then return the Session back. It's not a problem to store, there is only one
complicated object in this Session, but to get it on SessionStart to make
a copy this is a problem.
Maybe using Application or whatever? Or this data is divided and
inaccessible anyway?
Just D.
|
by: Gavin Lyons via .NET 247 |
last post by:
Hello,
I'm writing a newsletter application which uses backgroundthreading. I'm using Session variable to report on progresswhile it loops through a dataset. The 'Status.aspx' pagerefreshes every 5 seconds while outputing the Session variables.My problem is, once the page redirects to 'Status.aspx' its showthe that's it only gets half through the dataset. If I increaseThread.Sleep to 2000 goes all the way through. I don't get anyerror...
|
by: Simon Smith |
last post by:
Hi,
I have a web application in which I need to restrict user access to 1
session per user. I've done this my creating a cache entry when a user logs
in, and checking on subsequent logins for that entry, and refusing access if
the user is already present.
However, this gives me a problem if the user forgets to log out, as they
then need to wait until the session time out before they can log in again.
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |