I have read an article about session hijacking. please tell me asp.net session is how much secure. can people also do session hijacking with asp.net session. and also tell me how can i prevent my application from session hijacking. if you have any good example than also tell me that how people do it and how i can make my asp.net applicat...
Hi, I ran across an odd problem while trying to transfer a project to a windows machine. In my project I use a session handler (http://gaeutilities.appspot.com/session) it works fine on my mac but on windows I get: Traceback (most recent call last): File "C:\Program Files (x86)\Google\google_appengine\google\appengine\ext\webapp_init...
Hi, I'm wondering if someone knows how to store an array into a user session? This is the method to store a single attribute: $this->getUser()->setAttribute('something', $something); And the documentation says: "User attributes can store any type of data (strings, arrays, and associative arrays)" ... but doesn't say anything more....
I'm building a payment page in asp.net, however the page where you order your items is run in HTTP (non-secure) on my domain. When redirecting the user to the payment site, I have to go through a different domain (my payment provider, from whom I borrow the SSL certificate), so my payment url ends up like https://www.paymentprovider.com...
hello folks. a cakePHP newbie here.... I have created a custom helper. I need to get a session value in this helper and i need to get some data from a table. How i can make these things possible. I have tried var $helper=array('Session'); but then also when i use $this->Session->read('userid'); it returns error Undefined pr...
Hi there, I have a php site that lets registered users login (with a valid passord) and sets up a session based on their UserID. However I'm pretty sure thisis being hijacked and I've found "new" files on my server I didn't put there. My site cleans all user input for SQL injections and XSS but this keeps happening. Has anyone got any i...
I have some code which works fine on one server but is giving a session header warning: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent on another. I have checked the php.ini settings on the two servers and they are identical. I know that the warning message is supposed to s...
Hi everyone, I'm following the Agile RoR book somewhat to apply it to a project for school. It's going good until I get to sessions. I continually get Authenticity Invalid Tokens and when I look at my sessions table in the database, there's a new session being created every time I refresh the page. Is that right or is something messed u...
Using Jetty 7.0.2, I am unable to set a custom session cookie path. I am hosting multiple sites on the same server using apache to proxy requests to the proper context. (replaced http as htp as stackoverflow thinks my multiple links might be spam) <VirtualHost *:80> ServerName context.domain.com ProxyRequests On ProxyPreserveHo...
Hi, Its my 1st App using ZF. As our client requirement i have made separate admin and front panel. Without using Zend_Acl. I have problem when session expires it always takes me on front end log in page . I have tried to solve it by session but it's using single session for both admin anf front panel. I there any way so i can create sep...
I have a function that I use on index.php page and I would like to call it from other php page (other.php). How to make this function available without redeclaration? I think it's achievable using sessions, but I am not sure how to do it exactly. Th problem is that it works in index.php, because it uses some API declaration, but it doe...
Okay so the following line returns null because its path cannot be found: System.IO.FileInfo fi = di.GetFiles()[position]; What I am currently doing is: <asp:ScriptManager ID="ScriptManager1" runat="server"> </asp:ScriptManager> <ctl:Gallery runat="server" ID="Gallery1" FolderUrl="~/images/1/" Size="100" /> When this is invoked Sys...
Is SQLCacheDependency used in context of ASP.net or can it be used for a project of .net only. Rather tahn using ASP.net i am receiving request by listening on a port.I want to store data for my session in cache.If this data is fetched from database then i want it to be updated using something like SQLCacheDependency.Can I configure it f...
The problem is that I want to store authentication in a cookie that I can present to django piston rather than requiring user/password to be typed in each time (without hardcoding or storing the user/pass combo somewhere on disk). I was hoping to accomplish this with cookies like someone would without the piston API. Am I missing somet...
I'm working on a content dripper custom plugin in WordPress that my client asked me to build. He says he wants it to catch a page view event, and if it's the right time of day (24 hours since last post), to pull from a resource file and output another post. He needed it to also raise a flag and prevent other sessions from firing that sam...
Hi How do I know how many seconds it will be until a php session expires? I'm building a web application where users might spend a lot of time typing into big text fields, but for security reasons I still want sessions to time out after a reasonably short period. I want to warn them if their session is about to expire so they can save ...
Hello i have a login page so once the user enters the correct details he enters into the home page. Now i want to implement 3 things once he clicks the button 'log out' he must be redirected to a page saying" logged out successfully " n even if clicks the back button in the browser, he should not be able to access. if the user leaves ...
If I use mechanize, I can, for instance, create a new google analytics profile for a website. I do this by programmatically filling out the login form and storing the cookies in the database. Then, for at least until the cookie expires, I can access my analytics admin panel without having to enter my username and password again. Assum...
I have a php site optimized for iphone, its currently running inside of an iframe in a uiwebview objective c wrapper. Everything currently works except for the sessions inside of the iframe, Im assuming this is due to the cross domain issue with iframes and sessions? my solution is to save the sessions to the db. Is this the best solutio...
Totally confused by this one... We have a WAMPServer installation set up, running a number of virtual hosts from various document roots. Just recently, one particular domain has started hanging the server. We traced it down to session_start(). If we comment it out, there are no problems (except, of course, for the fact that we can't do...