Dear Jasper,
I think the session hash function is set to 32, and MD5 is selected, as the
following lines of code show:
----------------------------------------------------------
function Session($sessionName="SESSID") {
$this->sendNoCacheHeader();
// Session-Namen setzen, Session initialisieren
session_name(isset($sessionName)
? $sessionName
: session_name());
@session_start();
// Prüen ob die Session-ID die Standardlänge
// von 32 Zeichen hat,
// ansonsten Session-ID neu setzen
if (strlen(session_id()) != 32)
{
mt_srand ((double)microtime()*1000000);
session_id(md5(uniqid(mt_rand())));
}
----------------------------------------------------------
The sentence die($_COOKIE[session_name()]), when executed, shows this value:
211b78tfl8umggkdh1ak7jrbf3 (a string of 26 characters long).
Thank you very much, again!
Nancy.
----- Original Message -----
From: "Jasper Bryant-Greene" <jasper@xxxxxxxxxxxxxxxxxx>
To: "php" <php-general@xxxxxxxxxxxxx>
Sent: Tuesday, August 30, 2005 8:48 AM
Subject: Re: Cookies.
Nancy Ferracutti Kincaide wrote:
I am trying to install a web application that tests if cookies are
enabled the following way:
$this->usesCookies =
(isset($_COOKIE[session_name()]) &&
@strlen($_COOKIE[session_name()])
== 32);
As it gives as a result, that cookies are NOT ENABLED, I can't go on with
the SETUP phase.
The responsible of the FALSE result, in the sentence above, is the LENGTH
of the string $_COOKIE[session_name()]. Its actual value is 26 instead of
32, as expected. ¿Could anyone tell me if that LENGTH should be 32? ¿Is
this value mandatory to admit that cookies are enabled?
That would depend on what the session hash function was set to. Normally
it should be 32 or 40 depending on whether MD5 or SHA1 was selected.
Just the fact that $_COOKIE[session_name()] is set would indicate that
cookies are enabled, but the application may be performing some sort of
sanity check, which is obviously failing...
Put a die($_COOKIE[session_name()]); just before that line, and tell us
what it shows.
--
Jasper Bryant-Greene
Freelance web developer
http://jasper.bryant-greene.name/
If you find my advice useful, please consider donating to a poor
student! You can choose whatever amount you think my advice was
worth to you. http://tinyurl.com/7oa5s
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php