Re: session

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Look at the URL when you pass it? It does not show anything, in fact the session is still using cookies or other means to tansfer the data.
You should also be able to sniff the data being passed by the URL and not see any of the session data.

----- Original Message ----- From: "H. J. Wils" <double_u1@xxxxxxxxxxx>
To: <bbonkosk@xxxxxxxxxxxxxxx>; <php-db@xxxxxxxxxxxxx>
Sent: Sunday, October 17, 2004 10:17 AM
Subject: Re: session


hey thanx it works, but....

why is that? i mean, session are there to save data which te user cant see... isnt there another way to pass the SID? i have the feeling passing the SID trhough the url-paramters is harming the security, am i right?

From: "Brad Bonkoski" <bbonkosk@xxxxxxxxxxxxxxx>
To: "H. J. Wils" <double_u1@xxxxxxxxxxx>, <php-db@xxxxxxxxxxxxx>
Subject: Re: session
Date: Sun, 17 Oct 2004 09:46:06 -0400
MIME-Version: 1.0
Received: from pb1.pair.com ([216.92.131.4]) by mc5-f14.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Sun, 17 Oct 2004 06:47:55 -0700
Received: (qmail 35123 invoked by uid 1010); 17 Oct 2004 13:47:04 -0000
Received: (qmail 33188 invoked by uid 1010); 17 Oct 2004 13:46:19 -0000
X-Message-Info: JGTYoYF78jGDHqvDtc0+QckXsrFscNGe
Mailing-List: contact php-db-help@xxxxxxxxxxxxx; run by ezmlm
Precedence: bulk
list-help: <mailto:php-db-help@xxxxxxxxxxxxx>
list-unsubscribe: <mailto:php-db-unsubscribe@xxxxxxxxxxxxx>
list-post: <mailto:php-db@xxxxxxxxxxxxx>
Delivered-To: mailing list php-db@xxxxxxxxxxxxx
Delivered-To: ezmlm-scan-php-db@xxxxxxxxxxxxx
Delivered-To: ezmlm-php-db@xxxxxxxxxxxxx
Message-ID: <002e01c4b44f$a72b8600$6500a8c0@BRADWIN>
References: <BAY2-F31z02H67yRLVb0004cb0c@xxxxxxxxxxx>
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Virus-Scanned: Symantec AntiVirus Scan Engine
Return-Path: php-db-return-36870-double_u1=hotmail.com@xxxxxxxxxxxxx
X-OriginalArrivalTime: 17 Oct 2004 13:47:55.0249 (UTC) FILETIME=[E77EF610:01C4B44F]

I believe you need to pass the session variable along to the next page...
Something like:

On page 1:
if session is set
{
   $s = SID;
   echo "<a href=\"page.php?$s\">Link</a>";
}


----- Original Message ----- From: "H. J. Wils" <double_u1@xxxxxxxxxxx>
To: <php-db@xxxxxxxxxxxxx>
Sent: Sunday, October 17, 2004 9:38 AM
Subject:  session


sorry, forgot to change the subject :), just to be sure here is my question again..

Hi everybody,

For quite a while i'm struggeled with my session. It doesn't seem to work, can anyone help me?

This is my code:

page 1:
session_start();
$_SESSION["test"] = "tryin...";
if (isset($_SESSION["test"]))
{
 echo "<a href='session2.php'>next page</a>";
 echo "<br>".session_id();
}

page 2:

session_start();

if (isset($_SESSION["test"]))
{
 echo $_SESSION["test"];
}else
{
 echo "No sessionvariable found..";
}
echo "<br>".session_id()."<br>";

On page two, there's always the 'no sessionvariable found...'-message, further the session id also changes... i dont understand what i am doing wrong...

_________________________________________________________________
Play online games with your friends with MSN Messenger http://messenger.msn.nl/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

_________________________________________________________________
MSN Search, for accurate results! http://search.msn.nl

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]
  Powered by Linux