
session IDs and the like

Hi Folk

Forgive me for asking such a basic question... I have a site where I want to
track the user from start till end... To do this, I have set up the
following structure for each page, referring to startup.php, where the
session is managed. Can anyone check that I am doing it right. I thought I
was doing it right, but then the site started doing really, really funny
stuff, basically losing track of sessions ...

I want my application to be as portable as possible, so I want to override
all the php.ini values that are important.

Thanks in advance (TIA)
- Nicolaas

<?php
include_once("startup.php");
if ( !startup( ) ) {
    die("could not load application");
}
...
...//page content here
...
echo '<a href="testme.php?'.sid(false).'">link one on the page</a>';
echo '<a href="testme.php?a=3'.sid(true).'">link two on the page</a>';
....
....//more page content here
....
?>
/*startup.php file: */
//function to start session
function startup() {
    $expiry = 60 * 60 * 24 * 1000;
    ini_set('session.cache_limiter', 'nocache');
    ini_set('session.use_trans_sid', 1);
    ini_set('arg_separator.output', "&amp;");
    ini_set('session.use_cookies', 1);
    ini_set('session.use_only_cookies', 0);
    setcookie("CookieTest", "t"); //set a cookie so next time we know if the user can do cookies
    ini_set('session.cookie_lifetime', $expiry);
    return session_start(); //return the result so the !startup() check in each page works
}
//function to include session ID in case they do not accept cookies
function sid($withamp) {
    if(isset($_COOKIE["CookieTest"]) && $_COOKIE["CookieTest"] == "t") {
        return '';
    }
    $v = ''; //initialise so the append below is defined when $withamp is false
    $s = session_id();
    if($s) {
        if($withamp) {
            $v = '&amp;';
        }
        $v .= 'PHPSESSID='.$s;
    }
    return $v;
}
/* end of startup.php */
Nov 5 '05 #1
On Sun, 6 Nov 2005 11:09:58 +1300, windandwaves <wi*********@coldmail.com>
wrote:
> Hi Folk
>
> Forgive me for asking such a basic question... I have a site where I
> want to track the user from start till end... To do this, I have set up the
> following structure for each page, referring to startup.php, where the
> session is managed. Can anyone check that I am doing it right. I
> thought I was doing it right, but then the site started doing really,
> really funny stuff, basically losing track of sessions ...
>
> I want my application to be as portable as possible, so I want to
> override all the php.ini values that are important.
>
> Thanks in advance (TIA)
> - Nicolaas
>
> <?php
> include_once("startup.php");
> if ( !startup( ) ) {
> die("could not load application");
> }
> ...
> ...//page content here
> ...
> echo '<a href="testme.php?'.sid(false).'">link one on the page</a>';
> echo '<a href="testme.php?a=3'.sid(true).'">link two on the page</a>';
> ...
> ...//more page content here
> ...
> ?>
> /*startup.php file: */
> //function to start session
> function startup() {
> $expiry = 60 * 60 * 24 * 1000;
> ini_set('session.cache_limiter', 'nocache');
> ini_set('session.use_trans_sid', 1);
> ini_set('arg_separator.output', "&amp;");
> ini_set('session.use_cookies', 1);
> ini_set('session.use_only_cookies', 0);
> setcookie("CookieTest", "t"); //set a cookie so next time we know if the user can do cookies
> ini_set('session.cookie_lifetime', $expiry);
> session_start();
> }

session_start() should be first in output to browser. Try to place
the setcookie() after session_start().

> //function to include session ID in case they do not accept cookies
> function sid($withamp) {
> if($_COOKIE["CookieTest"] == "t") {
> return '';
> }
> $s = session_id();
> if($s) {
> if($withamp) {
> $v = '&amp;';
> }
> $v .= 'PHPSESSID='.$s;
> return $v;
> }
> }
> /* end of startup.php */


--
Exact Meta Search | Major Search Engine
http://exactsearcher.com
Nov 6 '05 #2
Berimor wrote:
> ......
> session_start() should be first in output to browser. Try to place
> the setcookie() after session_start().

Ok, interesting ;-) Can you explain to me why that is? Just so that I
understand.. Will do

>> //function to include session ID in case they do not accept cookies
>> function sid($withamp) {
>> if($_COOKIE["CookieTest"] == "t") {
>> return '';
>> }
>> $s = session_id();
>> if($s) {
>> if($withamp) {
>> $v = '&amp;';
>> }
>> $v .= 'PHPSESSID='.$s;
>> return $v;
>> }
>> }
>> /* end of startup.php */

Nov 6 '05 #3
On Sun, 6 Nov 2005 14:49:20 +1300, windandwaves <wi*********@coldmail.com>
wrote:
> Berimor wrote:
>> .....
>> session_start() should be first in output to browser. Try to place
>> the setcookie() after session_start().
> Ok, interesting ;-) Can you explain to me why that is? Just so that I
> understand.. Will do

the PHP Manual says

" ... Note: If you are using cookie-based sessions, you must call
session_start() before anything is output to the browser.
"

the nature of session mechanism is more complex than just cookie. You can
set cookie at any place of script - you just make easy operation - write
the information to browser's cookie. When session starts it uses cookie
only to save session identifier but behind the curtains huge piece of
work being done - session prepares the, so called, session environment. I
have never dug into it deeply though :)
Let me know if this helped.

>>> //function to include session ID in case they do not accept cookies
>>> function sid($withamp) {
>>> if($_COOKIE["CookieTest"] == "t") {
>>> return '';
>>> }
>>> $s = session_id();
>>> if($s) {
>>> if($withamp) {
>>> $v = '&amp;';
>>> }
>>> $v .= 'PHPSESSID='.$s;
>>> return $v;
>>> }
>>> }
>>> /* end of startup.php */



--
Exact Meta Search | Major Search Engine
http://exactsearcher.com
Nov 6 '05 #4
I don't know why PHP is so picky, but on the top of every page I write
that requires sessions the very first line is

<?php session_start(); ?>

and then I do everything else in a new <?php ?> block. I spent about 2
days figuring that out when I was teaching myself PHP and found that
was the best way to do it. If anyone else knows a different method
then please let me know.

-Rick

----------------------------
Looking for a place to drink tonight? Visit HappyHourHotSpots.com!

Nov 7 '05 #5
Berimor wrote:
> the nature of session mechanism is more complex than just cookie. You
> can set cookie at any place of script - you just make easy operation -
> write the information to browser's cookie.

Actually, a cookie is part of the header. So cookies must be sent before
content

http://dk2.php.net/setcookie
Nov 7 '05 #6
Message-ID: <43***********************@dtext01.news.tele.dk> from myname
contained the following:
>> the nature of session mechanism is more complex than just cookie. You
>> can set cookie at any place of script - you just make easy operation -
>> write the information to browser's cookie.
>
> Actually, a cookie is part of the header. So cookies must be sent before
> content

Cookies are sent by the client to the server as long as they have
previously been set by the server. A cookie cannot be set and sent
simultaneously. I find this confuses the hell out of my students...

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Nov 7 '05 #7
> Cookies are sent by the client to the server as long as they have
> previously been set by the server. A cookie cannot be set and sent
> simultaneously. I find this confuses the hell out of my students...

Sure, no doubt.
But if you read the whole thread, the problem was about SETTING session variable
and cookies, not sending.
So, if setcookie() was called before session_start() - sure there will be
a problem registering session in your browser - mean writing session ID to
it.
If the php ini file is set correctly the interpreter will raise an error.

--
---
Exact Meta Search | Major Search Engine
http://exactsearcher.com
Nov 7 '05 #8
On Mon, 07 Nov 2005 09:17:27 +0200, myname <none@invalid> wrote:
> Actually, a cookie is part of the header. So cookies must be sent before
> content
>
> http://dk2.php.net/setcookie

its Manual!!!

the PHP Manual says

" ... Note: If you are using cookie-based sessions, you must call
session_start() before anything is output to the browser.
"


---
Exact Meta Search | Major Search Engine
http://exactsearcher.com
Nov 7 '05 #9
Berimor wrote:
> its Manual!!!
>
> the PHP Manual says
>
> " ... Note: If you are using cookie-based sessions, you must call
> session_start() before anything is output to the browser.
> "

I was referring to the part where you said:
"You can set cookie at any place of script"

That is only true, as long there has not been sent anything to the
client. Or if using output buffering
Nov 7 '05 #10
On Mon, 07 Nov 2005 14:13:37 +0200, myname <none@invalid> wrote:
> Berimor wrote:
>> its Manual!!!
>> the PHP Manual says
>> " ... Note: If you are using cookie-based sessions, you must call
>> session_start() before anything is output to the browser.
>> "
>
> I was referring to the part where you said:
> "You can set cookie at any place of script"
>
> That is only true, as long there has not been sent anything to the
> client. Or if using output buffering

sure - I always use buffering.

Note: As of PHP 4, you can use output buffering to send output prior to
the call of this function, with the overhead of all of your output to the
browser being buffered in the server until you send it. You can do this by
calling ob_start() and ob_end_flush() in your script, or setting the
output_buffering configuration directive on in your php.ini or server
configuration files.

--
---
Exact Meta Search | Major Search Engine
http://exactsearcher.com
Nov 7 '05 #11
windandwaves wrote:
<snip>
> . Can anyone check that I am doing it right. I thought I
> was doing it right, but then the site started doing really, really funny
> stuff, basically losing track of sessions ...
>
> I want my application to be as portable as possible, so I want to override
> all the php.ini values that are important.
<snip>
> echo '<a href="testme.php?'.sid(false).'">link one on the page</a>';
> echo '<a href="testme.php?a=3'.sid(true).'">link two on the page</a>';
<snip>
> /*startup.php file: */
> //function to start session
> function startup() {
> $expiry = 60 * 60 * 24 * 1000;
> ini_set('session.cache_limiter', 'nocache');
> ini_set('session.use_trans_sid', 1);

I couldn't find errors in the code. But,
ini_set('session.use_trans_sid', 1) is possible only in PHP 5.

<snip>
> //function to include session ID in case they do not accept cookies
> function sid($withamp) {

<snip>

This looks overkill. You don't have to append the URL's manually
when you use trans sid.

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

Nov 7 '05 #12
HappyHourHotSpots.com wrote:
> I don't know why PHP is so picky, but on the top of every page I write
> that requires sessions the very first line is
>
> <?php session_start(); ?>
>
> and then I do everything else in a new <?php ?> block. I spent about
> 2 days figuring that out when I was teaching myself PHP and found that
> was the best way to do it. If anyone else knows a different method
> then please let me know.
>
> -Rick
>
> ----------------------------
> Looking for a place to drink tonight? Visit HappyHourHotSpots.com!

I don't think you have to. I think you had some script that accidentally
outputted something (e.g. a line or a space).

My scripts go like this

<?php
session_start();
...
.....
....
?>

and it works fine.
Nov 7 '05 #13
R. Rajesh Jeba Anbiah wrote:
> windandwaves wrote:
> <snip>
>> . Can anyone check that I am doing it right. I thought I
>> was doing it right, but then the site started doing really, really
>> funny stuff, basically losing track of sessions ...
>>
>> I want my application to be as portable as possible, so I want to
>> override all the php.ini values that are important.
> <snip>
>> echo '<a href="testme.php?'.sid(false).'">link one on the page</a>';
>> echo '<a href="testme.php?a=3'.sid(true).'">link two on the page</a>';
> <snip>
>> /*startup.php file: */
>> //function to start session
>> function startup() {
>> $expiry = 60 * 60 * 24 * 1000;
>> ini_set('session.cache_limiter', 'nocache');
>> ini_set('session.use_trans_sid', 1);
>
> I couldn't find errors in the code. But,
> ini_set('session.use_trans_sid', 1) is possible only in PHP 5.

hmmm, I kept wondering why it did not work. I am using php 4.2

> <snip>
>> //function to include session ID in case they do not accept cookies
>> function sid($withamp) {
> <snip>
>
> This looks overkill. You don't have to append the URL's manually
> when you use trans sid.

see above. If use_trans_sid does not work then I will have to manually add
the session IDs for people without cookies???

Thanks for the reply. Much appreciated.

- Nicolaas
Nov 7 '05 #14
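
The two points this thread keeps returning to, output sent before session_start() and session IDs carried in links, handled in one startup() routine. This is an added example, not code from any poster. It assumes PHP 7.3 or later (the thread used PHP 4.2) and drops the URL fallback, because an ID placed in a link ends up in browser history, server logs and Referer headers; the $error parameter and the 'hits' counter are illustrative names.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.3 or later.
declare(strict_types=1);

/**
 * Start a cookie-only session. Returns true on success; on failure
 * $error names the file and line that sent output too early.
 */
function startup(?string &$error = null): bool
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return true; // already started earlier in this request
    }
    // The session cookie travels in an HTTP header, so no body output
    // (not even a blank line before the opening PHP tag) may precede it.
    if (headers_sent($file, $line)) {
        $error = "output already started at $file:$line";
        return false;
    }

    // Session settings have to be changed before session_start().
    ini_set('session.use_cookies', '1');
    ini_set('session.use_only_cookies', '1'); // ignore IDs arriving in the URL
    ini_set('session.use_trans_sid', '0');    // never write the ID into links
    ini_set('session.use_strict_mode', '1');  // refuse IDs this server did not issue
    ini_set('session.cache_limiter', 'nocache');

    session_set_cookie_params([
        'lifetime' => 0,    // assumption: cookie ends with the browser session
        'path'     => '/',
        'secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
        'httponly' => true, // not readable from page scripts
        'samesite' => 'Lax',
    ]);

    if (!session_start()) {
        $error = 'session_start() failed';
        return false;
    }
    return true;
}

// Page usage: call startup() before any HTML is written.
if (!startup($why)) {
    error_log("session not started: $why");
    exit('could not load application');
}
$_SESSION['hits'] = ($_SESSION['hits'] ?? 0) + 1; // constructed demo counter
echo 'visit number ', $_SESSION['hits'], "\n";
```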
Berimor wrote:
> .....
> Note: As of PHP 4, you can use output buffering to send output prior
> to the call of this function, with the overhead of all of your output
> to the browser being buffered in the server until you send it. You
> can do this by calling ob_start() and ob_end_flush() in your script,
> or setting the output_buffering configuration directive on in your
> php.ini or server configuration files.

I just started to use this. It is absolutely f. brilliant! I now delete
any extra spaces in my html using this system using the function below:

function trimmer($buffer) {
    $buffer = preg_replace("/[\r\n]+[\s\t]*[\r\n]+/", "\n", $buffer); //strip blank lines (blank, with tab or whitespaces)
    $buffer = trim(str_replace("\r\n", " ", $buffer)); //removes line-breaks
    $buffer = trim(str_replace("\n", " ", $buffer));
    $buffer = trim(str_replace("\t", " ", $buffer)); //removes tabs
    $buffer = trim(preg_replace("/ +/", " ", $buffer)); //removes spaces (preg_replace, since eregi_replace was removed in PHP 7)
    return $buffer;
}

Works a treat. It makes the loading funny, because before I used this
function, I would slowly see the page being developed on the screen, while
now, you see a blank space for about a second and then the whole page shows
up at once. Something I also noticed on www.cnn.com, while my local
newspaper www.stuff.co.nz does it my old way (you slowly see the page being
built).

Nov 7 '05 #15
