I own a gaming website. From time to time I need to suspend users for different reasons. They cheat or they are bad users with bad intention. After suspending users, they can't login anymore on my site, until the suspend period expire. However, after suspending an user he still can acces the site, can chat with other users, can create f...
how do you check if a user already has logged in? so that if a user in another browser cant log in with the same account. also, is this a good solution or should i let the user log in in the other browser and then log out the current user and display a message (you are logged in from another location) just like messenger does? ...
Is it safe to store sensitive data inside a session variable? Or can it be modified by the client? ...
Hello. We have a private site for customers. Clients often tell us that they see profile of another user. Our authentication procedure looks like this: credentials -> check the DB table -> UserId saved in Session. As I understand, the user somehow switches to another user's session. Can anyone name at least one possibility for it? ...
When hibernate closes a session, the purpose of close is basically to close the underlying connection and the clean up the first level cache. Why the flush also does not happens automatically here? ...
Hello, My questions regards DCOM servers and windows sessions: I have a windows service, running in win 2008 platform. on some scenarios, this service has to show some UI (Open a window). Despite the ugly design , it is the service it self that has to trigger the window opening. In order to do so, i have a DCOM server that is created ...
When I click on my Login link it takes me to the Login.aspx page in the same browser session as expected. But when I click on a page the user needs to be authenticated to see, it redirects to the login.aspx page in a new browswer tab. Thus it now has two tabs open. Anybody know how to stop this behavior? I would like the app to switch...
How can foreach loop affect session variable? session_start(); $_SESSION[test] = "Session content"; echo $_SESSION[test].'<br />'; $test_array = array("test", "array", "something", "array end"); foreach($test_array as $test){ echo $test.'<br />'; } echo '<br />Session content after foreach: '.$_SESSION[test].'<br />'; When I ru...
Hi, I have an application with multiple regions and various incoming links. The premise, well it worked before, is that in the app_controller, I break out these incoming links and set them in the session. So I have a huge beforeFilter() in my *app_controller* which catches these and sets two variables in the session. Viewing.region and...
Pretty obvious from the title I guess :) Well, problem is that if user is uploading a big file, his session might timeout in that time. How could I prevent session timeouts? I am using Struts2 with AjaxUpload. ...
I have problem storing a big queryset in the session. This queryset is from a search and I need to store it for paginate inside every result. This is the code in my view: c = queryset.order_by('-order') request.session['query_search'] = c You can see an example in my site: http://www.lukmi.com/classifieds/chicas/escorts/barcelona/ Th...
Hi, I am building a large, multi-area MVC project. (MVC 2 Beta). I have a session wrapper class, in its own project, MySession, that looks like this: Public Class MySession Private Shared _userlist As String = "UserList" Public Shared Property UserList() As IList Get If HttpContext.Current.Session(_userlist) Is Nothing ...
I save some important info in $_SESSION, not in $_COOKIE. So, my question, is it dangerous? Or hacker is not able to edit $_SESSION and I'm fine? Thank you. edited: By the way, is it possible also to edit $_COOKIE? I heard yes, but if yes, then how? ...
Is there a way to mock/fake the session object in ASP.Net Web forms when creating unit tests? I am currenclty storing user details in a session variable which is accessed by my business logic. When testing my business logic, in isolation, the session is not available. This seems to indicate a bad design (though im not sure). Should the...
Here's my Application.cfc code: < cfcomponent> < cfset this.applicationname="cfGossip"> < cfset this.applicationname="true"> < cfset this.sessionManagement = true /> < /cfcomponent> My session is called "Session.MM_Username" I want to 'kill' it when a browser is closed. How do I do this? Can somebody try construct the code for ...
Manual page tells about bunch of advantages of the J2EE session management (SM) over the ColdFusion SM, but what about other side? Which problems can appear when using J2EE SM? Also, if J2EE SM is so cool, why ColdFusion SM is still default? I can see one obvious reason: backwards compatibility. And this is typical for Adobe. Same time...
I was listening .Net Rocks! podcast (with Scott Hunter) where it was mentioned about session compression. I wonder how can I achieve the session compression in Java? ...
Is it possible to access data in other users sessions than the sessions which is active with the currently connecting client ($_SESSION)? If so, how? ...
Hello, Is storing username & password of the user in a cookie a good practice? I really want to know how big websites like (Facebook, digg, twitter) handle this. My code is like that: <?php $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); ?> After every successful login i store the $use...
If I type http://example.com and login to my site and close my browser, re-open it and retype http://example.com then I am logged in. However, when I type http://example.com, login, close the browser, re-open it, type http://www.example.com then I am NOT logged in. I do not use ASP .NET authentication classes. I run IIS 6 with both ex...