Getting the following error when trying to start a session: Warning: session_start() [function.session-start]: Node no longer exists in file.php on line 3 The script uses SimpleXML to parse XML files from remote hosts. It's running on a Linux Ubuntu server with PHP 5.2.6. Has anyone come across this message before or have an insight i...
Hello. I want to handle following scenarios in my new web application. If multiple users log into the application with same credentials, the application should deny access. Since I have out of process session store, I would be able to make out when this situation happens. So I can deny all requests after first successful attempt. This ...
In one web page we use a flash upload control but becouse a flash bug in the upload event the session is lost as its posted back with a new session. We have tought of using a table with ip and old session id or a query string with the old session id in order to reassing it in the uploaded event... Knowing the old session id how can i ...
I have an J2EE compliant web application. I use a session based token to append a secondary id to all incoming link generated by my application. To prevent my application against CSRF attack, I validate the secondary id before I allow the user session to work off the subsequent page. Recently, while working with session replication mech...
What is the most standard or best way to persist data between requests? Should I use cookies or session variables? I'm interested in keeping data like sort order, sort column, and page number (for paginiation). I'm coming from a webforms background so normally this type of thing was automatically handled for me in the viewstate of th...
Hi, I have an application with different sections. Each section is accessed through a domain. Ex.: www.section1.com, www.section2.com, www.section3.com. I need to preserve the session when the user navigates from one to another URL. The application is the same in IIS. How to accomplish that? Thanks. ...
Hi, In ASP.NET if I declare a variable (or object) static (or if I make a singleton) I can have it persist across multiple sessions of multiple users (it it registered in a server scope) so that I don't have to initialize it at every request. Is there such a feature in PHP? Thanks ...
For testing I have 1 isolated page - no masters, controls, …. My sessions are lost after about 30 seconds. I’ve tried setting timeout on the page itself, in web.config, both, and neither. Tried forms authentication with timeout and windows authentication. Recycle the AppPool after changes. I can response.write from the Session_Start ,...
I have a Rails application using with an authentication system using Restful Authentication without any modification. Users have reported finding themselves logged in as the wrong user. In at least one case it was on their very first page view, never having logged in before. Is it possible their session ids are getting mixed up? Would ...
I am using adldap http://adldap.sourceforge.net/ And I am passing the session from page to page, and checking to make sure the username within the session is a member of a certain member group, for this example, it is the STAFF group. <?php ini_set('display_errors',1); error_reporting(E_ALL); require_once('/web/ee_web/inclu...
Is it possible for the session data of one war file to be shared by other war file ...
I create a login form to bind to the ldap server, if successful, it creates a session (which the user's username is stored within), then I go to another page that has session_start(); and it works fine. What I want to do now, is add code to test if that user is a member of a specific group. So in theory, this is what I want to do if(u...
Hi folks, I need to setup temporary User models for each visitors, where the visitors are obviously tied by session data. I might not be aware of it, but does Django support attaching data to Anonymous users? The only way, I am currently aware of, is to use the session dictionary part of the request object. Help would be very muc...
Hi, I'm a newbie to Rails and am starting a new project that uses AuthLogic. I'm just a little confused about whether AuthLogic provides everything I need to store session state, or whether I still have to include the Rails mechanism (rake db:sessions:create). Thanks! Tim ...
Hello This may be a 'Python Web Programming 101' question, but I'm confused about some code in the aeoid project (http://github.com/Arachnid/aeoid). here's the code: _current_user = None def get_current_user(): """Returns the currently logged in user, or None if no user is logged in.""" global _current_user if not _curren...
Session contains objects whose class definition isn\'t available. Remember to require the classes for all objects kept in the session I am trying to integrate http://github.com/binarylogic/authlogic for authentication into my rails application . I follwed all the steps into mentioned in the documentation . Now i seem to be getting thi...
I have some sessions that are saved. I want to destroy all the sessions if the user closes the browser window or a single tab or navigates away from the page. Is there any way I can do this? ...
Common problem, but I'm stumped. Session variables are passing across pages on my local (localhost) deployment, but not on my (www) host. I use a common includes file for each page with this code: $sessionDomain = "/"; @ini_set("session.cookie_path",$sessionDomain); $sessionName = "ccSID".md5('/store/'); session_name($sessionName); se...
Hi all, I am developing a bookmarklet which essentially adds a toolbar to a web page user is currently looking at. To use it, user needs to be logged in. To login user clicks on 'Singin' which displays a standard form containing Username, Password etc fields. When user successfully logs in they may chose to navigate to a different web-...
I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are encrypted with 24 character salt un...