session

Kill ASP .NET user session from admin session

I own a gaming website. From time to time I need to suspend users for different reasons. They cheat or they are bad users with bad intention. After suspending users, they can't login anymore on my site, until the suspend period expire. However, after suspending an user he still can acces the site, can chat with other users, can create f...

check if a users has already logged in?

how do you check if a user already has logged in? so that if a user in another browser cant log in with the same account. also, is this a good solution or should i let the user log in in the other browser and then log out the current user and display a message (you are logged in from another location) just like messenger does? ...

sensitive data storage in sessions?

Is it safe to store sensitive data inside a session variable? Or can it be modified by the client? ...

ASP.NET session switching.

Hello. We have a private site for customers. Clients often tell us that they see profile of another user. Our authentication procedure looks like this: credentials -> check the DB table -> UserId saved in Session. As I understand, the user somehow switches to another user's session. Can anyone name at least one possibility for it? ...

Why hibernate session.close() does not flushes the data automatically?

When hibernate closes a session, the purpose of close is basically to close the underlying connection and the clean up the first level cache. Why the flush also does not happens automatically here? ...

How to create a DCOM server on a specific windows session?

Hello, My questions regards DCOM servers and windows sessions: I have a windows service, running in win 2008 platform. on some scenarios, this service has to show some UI (Open a window). Despite the ugly design , it is the service it self that has to trigger the window opening. In order to do so, i have a DCOM server that is created ...

How can Forms Authentication redirect to Login.aspx in the same browser session?

When I click on my Login link it takes me to the Login.aspx page in the same browser session as expected. But when I click on a page the user needs to be authenticated to see, it redirects to the login.aspx page in a new browswer tab. Thus it now has two tabs open. Anybody know how to stop this behavior? I would like the app to switch...

PHP - foreach affects session value

How can foreach loop affect session variable? session_start(); $_SESSION[test] = "Session content"; echo $_SESSION[test].'<br />'; $test_array = array("test", "array", "something", "array end"); foreach($test_array as $test){ echo $test.'<br />'; } echo '<br />Session content after foreach: '.$_SESSION[test].'<br />'; When I ru...

CakePHP dropping session between pages

Hi, I have an application with multiple regions and various incoming links. The premise, well it worked before, is that in the app_controller, I break out these incoming links and set them in the session. So I have a huge beforeFilter() in my *app_controller* which catches these and sets two variables in the session. Viewing.region and...

Prevent session timeout on big uploads

Pretty obvious from the title I guess :) Well, problem is that if user is uploading a big file, his session might timeout in that time. How could I prevent session timeouts? I am using Struts2 with AjaxUpload. ...

store a queryset in the session with django

I have problem storing a big queryset in the session. This queryset is from a search and I need to store it for paginate inside every result. This is the code in my view: c = queryset.order_by('-order') request.session['query_search'] = c You can see an example in my site: http://www.lukmi.com/classifieds/chicas/escorts/barcelona/ Th...

IList stored in Session is updated when local copy of the IList is changed.

Hi, I am building a large, multi-area MVC project. (MVC 2 Beta). I have a session wrapper class, in its own project, MySession, that looks like this: Public Class MySession Private Shared _userlist As String = "UserList" Public Shared Property UserList() As IList Get If HttpContext.Current.Session(_userlist) Is Nothing ...

Is it possible to edit $_SESSION by hacker?

I save some important info in $_SESSION, not in $_COOKIE. So, my question, is it dangerous? Or hacker is not able to edit $_SESSION and I'm fine? Thank you. edited: By the way, is it possible also to edit $_COOKIE? I heard yes, but if yes, then how? ...

How do I mock/fake the session object in ASP.Net Web forms?

Is there a way to mock/fake the session object in ASP.Net Web forms when creating unit tests? I am currenclty storing user details in a session variable which is accessed by my business logic. When testing my business logic, in isolation, the session is not available. This seems to indicate a bad design (though im not sure). Should the...

Kill Session on browser close.

Here's my Application.cfc code: < cfcomponent> < cfset this.applicationname="cfGossip"> < cfset this.applicationname="true"> < cfset this.sessionManagement = true /> < /cfcomponent> My session is called "Session.MM_Username" I want to 'kill' it when a browser is closed. How do I do this? Can somebody try construct the code for ...

Disadvantages of J2EE session management in ColdFusion

Manual page tells about bunch of advantages of the J2EE session management (SM) over the ColdFusion SM, but what about other side? Which problems can appear when using J2EE SM? Also, if J2EE SM is so cool, why ColdFusion SM is still default? I can see one obvious reason: backwards compatibility. And this is typical for Adobe. Same time...

How to implement the session compression in Java?

I was listening .Net Rocks! podcast (with Scott Hunter) where it was mentioned about session compression. I wonder how can I achieve the session compression in Java? ...

Access to non-current-user sessions data in PHP

Is it possible to access data in other users sessions than the sessions which is active with the currently connecting client ($_SESSION)? If so, how? ...

Secure Member Login Using Cookies

Hello, Is storing username & password of the user in a cookie a good practice? I really want to know how big websites like (Facebook, digg, twitter) handle this. My code is like that: <?php $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); ?> After every successful login i store the $use...

ASP .NET create other Session when switch to http://example.com or http://www.example.com

If I type http://example.com and login to my site and close my browser, re-open it and retype http://example.com then I am logged in. However, when I type http://example.com, login, close the browser, re-open it, type http://www.example.com then I am NOT logged in. I do not use ASP .NET authentication classes. I run IIS 6 with both ex...