Hi guys, I have read through the php manual for this problem and it seems quite a common issue but i have yet to find a solution. I am saving sessions in a database. My code is as follows: // session $_SESSION['userID'] = $user->id; header('Location: /subdirectory/index.php'); Then at the top of index.php after the session_...
I've created a custom clipboard because it's not possible to make my whole class map serializable - which is a requirement for the windows clipboard. However, I need to distinguish between users who are using my clipboard through a unique id. Basically, I want to be able identify a person who is sat at one PC with one or more copies of ...
Does size matter when choosing the right algorithm to use for a session hash. I recently read this article and it suggested using whirlpool to create a hash for session id. Whirlpool generates a 128 character hash string, is this too large? The plan is to store the session hash in a db. Is there much of a difference between maybe using...
I have two identical applications setup on IIS on different virtual directories (I have done some workaround to ensure that they both have the same application name). Is there a way to share session id across two asp.net web applications? Since I'm storing the session in StateServer, they should both be getting the same session data, h...
So its a ASP.NET problem where two users using the same machine, same browser. User 1 logs in the domain. User 1 changes some data without saving it. User 2 logs in the domain in a separate tab. User 1 switches back to his tab and saves the data. User 1 actually saved the data into User 2!! This is caused by the following mechanism: ...
How can I distinguish different users with actionscript, or is that possible? ...
I was creating a login system with PHP and I wondered: Why are sessions needed? If I store a cookie with the userid and the sessionid doesn't it pose the exact same security risks to storing a cookie with userid and password hash (given that the password hash is strong enough)? Yeah, someone could potentially steal the cookie, but isn't...
I'm using PHP version 5.3.2 on both my local development server and remote web server. I'm trying to use uploadify to upload several files to the server. In the receiving script, I would like to use data stored in the session, however because uploadify sends files to the script using flash it doesn't send the session cookie. The workar...
Hi, First, yes i know this is a big security NONO. But the scenario is this; In the checkout of a webshop i use a payment-gateway, which can proxy my checkout form through their SSL. (following url's is just the theory, other urls apply for the application) The way it works, website redirects user to their https://gateway.org/secure-...
Using a process identifier, I can get the user identifier. Indeed, if the process is executed in the user environment, I can get the user session id... But how can I derive a Windows session ID by only user name? (Of course, if the user is not logged, no session id can be derived). My situation is the following: I have a service (sy...
Hi, At localhost (Debian Sid machine), PHP creates session files in /var/lib/php5. When I open sess_cd2ct9hud284gn01os13nk5mi7, for example, i can see something like that: Qms6wztHQ9u79B7jjiihLX0cKc_fXgwo0NeVE34jFhdE__1JDOliUDteHQVXgMAjcGZgJ1EkBft0IUsqBdWrck7s0Vjghsm3vk681u_GV8KRK-ExrAEbvbgXfl51Z83tyh5h2JtRy0qLZmhqwLtUFykm1XbdBBxx5xJpNp...
Hi, I was wondering if anyone knew what was the format of a ASP.NET SessionID? It's not a GUID or base64, what is its type? Also does it vary from version to version of the .NET framework? thanks ...
I'm having trouble forcing sessions to restart in PHP. Here's the problem: I can get my session id with session_id(), copy it, and add to the very top of my script: session_id('the_session_id'); session_start(); And when I open a new browser, the session from the other browser is not carried over. What settings can I check? ...
Hi, I am new to SQL Server and I am more familiar with ORACLE database. I'd like to know if there's a way to set client identifier context like in Oracle by using DBMS_SESSION.set_client_identifier and grab the value using a function. I am trying to track data changes including who/which username made the changes. My plan to create Tri...
How do I extract the SID and RID values used in the BOSH transport protocol for XMPP? Specifically, I'm using xmpphp. ...
Hi, I'm writing some logging code that is based on SessionID... However, when I log out (calling Session.Abandon), and log in once again, SessionID is still the same. Basically every browser on my PC has it's own session id "attached", and it won't change for some reason :/ Any ideas what is going on? My Session config looks like thi...
I have an MVC application, and I need to create and store a unique session Id for each application instance. In standard ASP.NET this is easy, I would have simply added a hidden field in the master page and stored a Guid there on the first Page_Load. However, there is not code behind in MVC, and I also believe that you can't implement a...
I saw this example in php manual page http://www.php.net/manual/en/session.examples.php The example will create a global session for all client. Can I use this example to create some global application for all client, instead of save it to DB or local file. What're the pros and cons of this method? Thanks for any help. ...