473,320 Members | 1,978 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Sessions - Not working with IE

Forgive my ignorance, but I am just starting to learn about sessions in
PHP and how to pass data from one page to the next. What I'm about to
explain could just be my misunderstanding of how sessions work.

I have two test scripts. The first starts a session, displays a few
details and a form. When the form is submitted it jumps to the second
page. The first script looks like this.

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Session test : Page 1</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
/>
</head>
<body>
<ul>
<?php
$_SESSION['session_var'] = "testing";
echo "<li>Your session id is ".session_id()."</li>\n";
echo "<li>The SESSION array contains<br />\n";
print_r($_SESSION);
echo "</li>\n";
echo "<li>The SID is ".SID."</li>\n";
echo "<li>PHPSESSID = ".$PHPSESSID."</li>\n";
?>
</ul>
This is the test of the sessions feature
<form action="session2.php" method="post">
<input type="hidden" name="form_var" value="testing" />
<input type="submit" value="Go to next page" />
</form>
</body>
</html>

The second script displays the same variables as the first. In addition
it dislpays the value of a variable passed by the _$SESSION array and a
value passed via a form. It looks like this.

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Session test : Page 2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
/>
</head>
<body>
<ul>
<?php
echo "<li>Your session id is ".session_id()."</li>\n";
echo "<li>The SESSION array contains<br />\n";
print_r($_SESSION);
echo "</li>\n";
echo "<li>The SID is ".SID."</li>\n";
echo "<li>PHPSESSID = ".$PHPSESSID."</li>\n";
echo "<li>session_var = {".$_SESSION['session_var']."}</li>\n";
echo "<li>form_var = {".$_POST['form_var']."}</li>\n";
?>
</ul>
</body>
</html>

When run under IE6, I get the following output.

Script 1

· Your session id is d7e201df8eb6ac9fd76915e53051666d
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=d7e201df8eb6ac9fd76915e53051666d
· PHPSESSID =

Script 2

· Your session id is 40211048ab6869c74dc8e9dff6098dc0
· The SESSION array contains
Array ( )
· The SID is PHPSESSID=40211048ab6869c74dc8e9dff6098dc0
· PHPSESSID =
· session_var = {}
· form_var = {testing}

Note how the session id is different and the variable passed by the
_$SESSION array is blank.

When run under Firefox 2.0 I get the following;

· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=00802b0742fdb87cda553cba85027c30
· PHPSESSID =

and

· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is
· PHPSESSID =
· session_var = {testing}
· form_var = {testing}

This time, the session ids are the same and the variable is passed.

Any ideas why the difference?
With Firefox, why is SID populated on the first page and not the
second?
Why is PHPSESSID blank?

In case it helps, the values from the php.ini file for session are;

session.auto_start = 0
session.cache_expire = 180
session.cache_limiter = nocache
session.cookie_domain =
session.cookie_lifetime = 0
session.cookie_path = /
session.entropy_file =
session.entropy_length = 0
session.gc_maxlifetime = 1440
session.gc_probability = 1
session.name = PHPSESSID
session.referer_check =
session.save_handler = files
session.save_path = /tmp
session.serialize_handler = php
session.use_cookies = 1
session.use_trans_sid = 1

Regards
Steve Wright

Oct 26 '06 #1
7 2977
Steve Wright wrote:
Forgive my ignorance, but I am just starting to learn about sessions in
PHP and how to pass data from one page to the next. What I'm about to
explain could just be my misunderstanding of how sessions work.

I have two test scripts. The first starts a session, displays a few
details and a form. When the form is submitted it jumps to the second
page. The first script looks like this.

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Session test : Page 1</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
/>
</head>
<body>
<ul>
<?php
$_SESSION['session_var'] = "testing";
echo "<li>Your session id is ".session_id()."</li>\n";
echo "<li>The SESSION array contains<br />\n";
print_r($_SESSION);
echo "</li>\n";
echo "<li>The SID is ".SID."</li>\n";
echo "<li>PHPSESSID = ".$PHPSESSID."</li>\n";
?>
</ul>
This is the test of the sessions feature
<form action="session2.php" method="post">
<input type="hidden" name="form_var" value="testing" />
<input type="submit" value="Go to next page" />
</form>
</body>
</html>

The second script displays the same variables as the first. In addition
it dislpays the value of a variable passed by the _$SESSION array and a
value passed via a form. It looks like this.

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Session test : Page 2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
/>
</head>
<body>
<ul>
<?php
echo "<li>Your session id is ".session_id()."</li>\n";
echo "<li>The SESSION array contains<br />\n";
print_r($_SESSION);
echo "</li>\n";
echo "<li>The SID is ".SID."</li>\n";
echo "<li>PHPSESSID = ".$PHPSESSID."</li>\n";
echo "<li>session_var = {".$_SESSION['session_var']."}</li>\n";
echo "<li>form_var = {".$_POST['form_var']."}</li>\n";
?>
</ul>
</body>
</html>

When run under IE6, I get the following output.

Script 1

· Your session id is d7e201df8eb6ac9fd76915e53051666d
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=d7e201df8eb6ac9fd76915e53051666d
· PHPSESSID =

Script 2

· Your session id is 40211048ab6869c74dc8e9dff6098dc0
· The SESSION array contains
Array ( )
· The SID is PHPSESSID=40211048ab6869c74dc8e9dff6098dc0
· PHPSESSID =
· session_var = {}
· form_var = {testing}

Note how the session id is different and the variable passed by the
_$SESSION array is blank.

When run under Firefox 2.0 I get the following;

· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=00802b0742fdb87cda553cba85027c30
· PHPSESSID =

and

· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is
· PHPSESSID =
· session_var = {testing}
· form_var = {testing}

This time, the session ids are the same and the variable is passed.

Any ideas why the difference?
With Firefox, why is SID populated on the first page and not the
second?
Why is PHPSESSID blank?

In case it helps, the values from the php.ini file for session are;

session.auto_start = 0
session.cache_expire = 180
session.cache_limiter = nocache
session.cookie_domain =
session.cookie_lifetime = 0
session.cookie_path = /
session.entropy_file =
session.entropy_length = 0
session.gc_maxlifetime = 1440
session.gc_probability = 1
session.name = PHPSESSID
session.referer_check =
session.save_handler = files
session.save_path = /tmp
session.serialize_handler = php
session.use_cookies = 1
session.use_trans_sid = 1

Regards
Steve Wright
Hi Steve,

This is strange indeed.
Did you by any chance disable cookies on IE?

Also look for a ini value named:
session.use_only_cookies
(That one is added in version 4.3)

Or are you maybe using an older version of PHP?
(If so, please upgrade.)

Regards,
Erwin Moller
Oct 26 '06 #2


On Oct 26, 9:49 am, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
Steve Wright wrote:
Forgive my ignorance, but I am just starting to learn about sessions in
PHP and how to pass data from one page to the next. What I'm about to
explain could just be my misunderstanding of how sessions work.
I have two test scripts. The first starts a session, displays a few
details and a form. When the form is submitted it jumps to the second
page. The first script looks like this.
[script snipped]
>
The second script displays the same variables as the first. In addition
it dislpays the value of a variable passed by the _$SESSION array and a
value passed via a form. It looks like this.
[Script snipped]
>
When run under IE6, I get the following output.
Script 1
· Your session id is d7e201df8eb6ac9fd76915e53051666d
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=d7e201df8eb6ac9fd76915e53051666d
· PHPSESSID =
Script 2
· Your session id is 40211048ab6869c74dc8e9dff6098dc0
· The SESSION array contains
Array ( )
· The SID is PHPSESSID=40211048ab6869c74dc8e9dff6098dc0
· PHPSESSID =
· session_var = {}
· form_var = {testing}
Note how the session id is different and the variable passed by the
_$SESSION array is blank.
When run under Firefox 2.0 I get the following;
· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is PHPSESSID=00802b0742fdb87cda553cba85027c30
· PHPSESSID =
and
· Your session id is 00802b0742fdb87cda553cba85027c30
· The SESSION array contains
Array ( [session_var] =testing )
· The SID is
· PHPSESSID =
· session_var = {testing}
· form_var = {testing}
This time, the session ids are the same and the variable is passed.
Any ideas why the difference?
With Firefox, why is SID populated on the first page and not the
second?
Why is PHPSESSID blank?
In case it helps, the values from the php.ini file for session are;
session.auto_start = 0
session.cache_expire = 180
session.cache_limiter = nocache
session.cookie_domain =
session.cookie_lifetime = 0
session.cookie_path = /
session.entropy_file =
session.entropy_length = 0
session.gc_maxlifetime = 1440
session.gc_probability = 1
session.name = PHPSESSID
session.referer_check =
session.save_handler = files
session.save_path = /tmp
session.serialize_handler = php
session.use_cookies = 1
session.use_trans_sid = 1
Regards
Steve WrightHi Steve,

This is strange indeed.
Did you by any chance disable cookies on IE?

Also look for a ini value named:
session.use_only_cookies
(That one is added in version 4.3)

Or are you maybe using an older version of PHP?
(If so, please upgrade.)

Regards,
Erwin Moller
As far as I can tell, I have not disabled cookies. The website runs in
the trusted zone and the security level on that zone is set to "Low".
Is there any other settings I should be checking in IE6?

The session.use_only_cookies is not defined in the php.ini. According
to my book (APRESS Beginning PHP and MySQL5 by Jason Gilmore), the
default value for this is 0.
>From the phpinfo() call, the session section says the following
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 4 4
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path no value no value
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0

We are running PHP v5.0.4

I wouldn't mind if it worked under IE and not FF, but this is an
intranet application and IE6 is the company standard :-(

Oct 26 '06 #3
Cracked it!

Because I have access to work from home over a VPN, the company have
installed a firewall (Zone Alarm integrity client). This was blocking
the cookies.

As I am at work and behind the corporate firewall, I have shutdown my
local firewall. IE6 now works.

Interesting how IE6 was affected when the local firewall in in
operation, but Firefox wasn't.

Thanks for the help

Oct 26 '06 #4
In article <11**********************@m7g2000cwm.googlegroups. com>,
st***********@googlemail.com says...
Cracked it!

Because I have access to work from home over a VPN, the company have
installed a firewall (Zone Alarm integrity client). This was blocking
the cookies.

As I am at work and behind the corporate firewall, I have shutdown my
local firewall. IE6 now works.

Interesting how IE6 was affected when the local firewall in in
operation, but Firefox wasn't.

Thanks for the help

You should notify your tech support department - clearly they are not
aware their firewall doesnt work if Firefox is in use - if that is the
case your company doesn't actually have a firewall it has a bit of wet
tissue paper instead.
Oct 26 '06 #5
Steve Wright wrote:
Cracked it!

Because I have access to work from home over a VPN, the company have
installed a firewall (Zone Alarm integrity client). This was blocking
the cookies.

As I am at work and behind the corporate firewall, I have shutdown my
local firewall. IE6 now works.

Interesting how IE6 was affected when the local firewall in in
operation, but Firefox wasn't.

Thanks for the help
Hi Steve,

Glad you solved it, but check as 'readme' said why FF is working without
cookiefiltering.

I do not understand: why would a firewall filter cookies out?
Cookies are a normal part of a http-request.
What kind of 'security improvement' does that offer?
I don't get it.

Does the firewall also check the HTML for undesired text?
Does it add missing </td>'s?

Seriously, can anybody explain to me why a firewall filters cookies?

Regards,
Erwin Moller

Oct 26 '06 #6
In article <45*********************@news.xs4all.nl>,
si**********************************...y ourself.com says...
Steve Wright wrote:
Cracked it!

Because I have access to work from home over a VPN, the company have
installed a firewall (Zone Alarm integrity client). This was blocking
the cookies.

As I am at work and behind the corporate firewall, I have shutdown my
local firewall. IE6 now works.

Interesting how IE6 was affected when the local firewall in in
operation, but Firefox wasn't.

Thanks for the help

Hi Steve,

Glad you solved it, but check as 'readme' said why FF is working without
cookiefiltering.

I do not understand: why would a firewall filter cookies out?
Cookies are a normal part of a http-request.
What kind of 'security improvement' does that offer?
I don't get it.

Does the firewall also check the HTML for undesired text?
Does it add missing </td>'s?

Seriously, can anybody explain to me why a firewall filters cookies?

Regards,
Erwin Moller

Because cookies are dangerous.
Cookies have always been dangerous
cookies will always be dangerous
If anyone tells you different - they are wrong.
Oct 27 '06 #7
"holly" <ho*****@xmashouse.co.ukpíše v diskusním pøíspìvku
news:MP************************@news-text.blueyonder.co.uk...
In article <45*********************@news.xs4all.nl>,
si**********************************...y ourself.com says...
>Steve Wright wrote:
Because cookies are dangerous.
Cookies have always been dangerous
cookies will always be dangerous
If anyone tells you different - they are wrong.
Cookies are good and I'm right. Jam cookies, cottage cookies or poppy
cookies and tea ...

--

Petr Vileta, Czech republic
(My server rejects all messages from Yahoo and Hotmail. Send me your mail
from another non-spammer site please.)
Oct 27 '06 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: Chewy509 | last post by:
Hi Everyone, I'll just start, and say I am not a PHP developer (I'm a sysadmin, who has gotten lumped with a non-working website). But since I like to do this type of stuff, I though I might...
7
by: John | last post by:
Hello. I want to get this blasted .htaccess file sorted out, so I can have sessions without register_globals being on. I have looked everywhere for info on this and I mean everywhere...
22
by: Theo | last post by:
Question for the group The authentication system for the site Im working on seems to function properly and all is good. A session keeps track of everything and a cookie is used to accept or deny...
3
by: Gary W | last post by:
Hello, I have used SESSIONS on mission critical pages on my site, and if sessions are not enabled / supoorted - these pages will fail. When and why would a session fail? They do not store any...
3
by: Will Woodhull | last post by:
Hi, I'm new here-- I've been reading the group for a couple of days. Nice group; I like the way n00b33 questions are handled. I've been using a Javascript routine in index.html to determine a...
0
by: Jerad Rose | last post by:
I have an odd scenario. I am working on a hybrid site that uses various development platforms, namely traditional ASP and Lasso (a Mac scripting language). The site uses its own custom sessions...
2
by: PulsarSL | last post by:
Hey I have a WAMP setup (windows/apache/mysql/php). I'm running the latest version of all of them with a default installation of all of them. PHP works great with apache (as a module, not...
1
by: Duncan | last post by:
I have a strange problem with sessions in PHP 5. I have a simple script that prints a random number both as a string and a picture on the screen. When I run the script for the first time, it works...
2
abdoelmasry
by: abdoelmasry | last post by:
Hi all i have problem while using sessions i was working with php4 on apache with This Functions: session_start(); session_register("username"); $username="abdoelmasry"; it was working...
13
Frinavale
by: Frinavale | last post by:
One of the most fundamental topics in web design is understanding how to pass information collected on one web page to another web page. There are many different ways you could do this: Cookies,...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.