On Mon, 25 Jan 2010 21:26:05 +, Ashley Sheridan wrote:
> On Mon, 2010-01-25 at 22:13 +0100, Nisse Engström wrote:
>
>> The HTTP spec allows cookies to be sent after the content,
>> in trailing headers, but it's not usable practically. Few
>> browsers support it, and PHP certainly doesn't. You
On Mon, 2010-01-25 at 22:13 +0100, Nisse Engström wrote:
> On Thu, 21 Jan 2010 08:43:58 +1100, clanc...@cybec.com.au wrote:
>
> > When you are working with sessions, provided you start your program with
> > session_id(), you
> > can then do anything you like with session variables at any point i
On Thu, 21 Jan 2010 08:43:58 +1100, clanc...@cybec.com.au wrote:
> When you are working with sessions, provided you start your program with
> session_id(), you
> can then do anything you like with session variables at any point in your
> program. In my
> original question I asked if there was a
On Sun, 24 Jan 2010 17:44:16 +1100, clanc...@cybec.com.au wrote:
>On Sat, 23 Jan 2010 15:10:11 +, nrix...@gmail.com (Nathan Rixham) wrote:
>
>
>>
>>To answer your specific questions though - what can be done to make this
>>process more secure - no matter what ap
clanc...@cybec.com.au wrote:
On Sat, 23 Jan 2010 09:32:37 -0500, tedd.sperl...@gmail.com (tedd) wrote:
At 1:13 PM +1100 1/23/10, clanc...@cybec.com.au wrote:
but I would be grateful for any suggestions how I
could make this procedure more secure.
We have given you advice that you should NOT u
On Sat, 23 Jan 2010 15:10:11 +, nrix...@gmail.com (Nathan Rixham) wrote:
>
>To answer your specific questions though - what can be done to make this
>process more secure - no matter what approach you take, when working via
>http and needing logged in / secure f
On Sat, 23 Jan 2010 09:32:37 -0500, tedd.sperl...@gmail.com (tedd) wrote:
>At 1:13 PM +1100 1/23/10, clanc...@cybec.com.au wrote:
>> but I would be grateful for any suggestions how I
>>could make this procedure more secure.
>
>We have given you advice that you should NOT use Cookies in any
>fash
tedd wrote:
At 1:13 PM +1100 1/23/10, clanc...@cybec.com.au wrote:
but I would be grateful for any suggestions how I
could make this procedure more secure.
We have given you advice that you should NOT use Cookies in any fashion
to secure your site, but you remain steadfast that you know bett
clanc...@cybec.com.au wrote:
> On Thu, 21 Jan 2010 22:00:30 +, a...@ashleysheridan.co.uk (Ashley
> Sheridan) wrote:
>
>> On Fri, 2010-01-22 at 08:58 +1100, clanc...@cybec.com.au wrote:
>>
>>> On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
>>>
At 12:15 PM +1100
At 1:13 PM +1100 1/23/10, clanc...@cybec.com.au wrote:
but I would be grateful for any suggestions how I
could make this procedure more secure.
We have given you advice that you should NOT use Cookies in any
fashion to secure your site, but you remain steadfast that you know
better -- so, wh
clanc...@cybec.com.au wrote:
My reasoning in using a cookie for user recognition, rather than relying on the
session
ID, was that with a cookie I could ensure that the connection effectively
lasted for some
specified period, whereas the session ID lifetime seems to be somewhat short and
ill-d
On Thu, 21 Jan 2010 22:00:30 +, a...@ashleysheridan.co.uk (Ashley Sheridan)
wrote:
>On Fri, 2010-01-22 at 08:58 +1100, clanc...@cybec.com.au wrote:
>
>> On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
>>
>> >At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
>>
At 8:58 AM +1100 1/22/10, clanc...@cybec.com.au wrote:
On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno
Fajardo) wrote:
>Well, I hope this informa
clanc...@cybec.com.au wrote:
Yes; I'm doing that too. I am setting up a private website, and using cookies
to control
access to it.
Clancy
The only variable I store in a cookie is the session id.
Everything else is stored in the session database.
--
PHP General Mailing List (http://www.p
On Fri, 2010-01-22 at 08:58 +1100, clanc...@cybec.com.au wrote:
> On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
>
> >At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
> >>On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo)
> >>wrote:
> >>
> >
On Thu, 21 Jan 2010 08:54:44 -0500, tedd.sperl...@gmail.com (tedd) wrote:
>At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
>>On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote:
>>
>> >Well, I hope this information is helpful.
>>
>>Yes, thanks to everyone who con
At 12:15 PM +1100 1/21/10, clanc...@cybec.com.au wrote:
On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote:
>Well, I hope this information is helpful.
Yes, thanks to everyone who contributed. I now have a better
understanding of what
cookies are, and have turned on
On Wed, 20 Jan 2010 20:05:42 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote:
>2010/1/20 :
>> When you are working with sessions, provided you start your program with
>> session_id(), you
>> can then do anything you like with session variables at any point in your
>> program.
>
>Hi,
>
>You mea
Bruno Fajardo wrote:
You don't need to use output buffering at all. You only need this
mechanism if your script needs to output stuff before the
session_start() or setcookie() functions get executed.
Output buffering is also used if you need to "output" something before
the headers are sent eith
2010/1/20 :
> When you are working with sessions, provided you start your program with
> session_id(), you
> can then do anything you like with session variables at any point in your
> program.
Hi,
You meant session_start() instead of session_id(), right? But yes,
once you started a session (b
On Thu, 2010-01-21 at 08:43 +1100, clanc...@cybec.com.au wrote:
> On Wed, 20 Jan 2010 13:19:03 +, a...@ashleysheridan.co.uk (Ashley
> Sheridan) wrote:
>
> >On Wed, 2010-01-20 at 15:45 +1100, clanc...@cybec.com.au wrote:
> >
> >> On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster)
On Wed, 20 Jan 2010 13:19:03 +, a...@ashleysheridan.co.uk (Ashley Sheridan)
wrote:
>On Wed, 2010-01-20 at 15:45 +1100, clanc...@cybec.com.au wrote:
>
>> On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster) wrote:
>>
>> >The first setcookie call is empty which produces the errors t
On Wed, 2010-01-20 at 15:45 +1100, clanc...@cybec.com.au wrote:
> On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster) wrote:
>
> >The first setcookie call is empty which produces the errors that cause
> >the second cookie to fail.
>
> I'm afraid not. I modified the program started
On Tue, 19 Jan 2010 22:45:14 -0500, phps...@gmail.com (Phpster) wrote:
>The first setcookie call is empty which produces the errors that cause
>the second cookie to fail.
I'm afraid not. I modified the program started to read:
http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsu
On Tue, 19 Jan 2010 16:45:37 +0530, kranthi...@gmail.com (kranthi) wrote:
>> When I first started using sessions, I was alarmed to read a very similar
>> statement about
>> sessions, but I soon found that if I started my program with the statement
>> "session_start();" I could then set up, access
The first setcookie call is empty which produces the errors that cause
the second cookie to fail.
Bastien
Sent from my iPod
On Jan 19, 2010, at 10:16 PM, clanc...@cybec.com.au wrote:
On Tue, 19 Jan 2010 09:12:17 -0200, bsfaja...@gmail.com (Bruno
Fajardo) wrote:
2010/1/19 :
I am trying
On Tue, 19 Jan 2010 09:12:17 -0200, bsfaja...@gmail.com (Bruno Fajardo) wrote:
>2010/1/19 :
>> I am trying for the first time to use cookies. The manual contains the
>> statement "Cookies
>> are part of the HTTP header, so setcookie() must be called before any output
>> is sent to
>> the browse
On Tue, Jan 19, 2010 at 12:42 PM, Paul M Foster wrote:
> On Tue, Jan 19, 2010 at 10:06:26PM +1100, clanc...@cybec.com.au wrote:
>
> > I am trying for the first time to use cookies. The manual contains the
> > statement "Cookies
> > are part of the HTTP header, so setcookie() must be called before
On Tue, Jan 19, 2010 at 10:06:26PM +1100, clanc...@cybec.com.au wrote:
> I am trying for the first time to use cookies. The manual contains the
> statement "Cookies
> are part of the HTTP header, so setcookie() must be called before any
> output is sent to
> the browser."
>
> When I first started
Be aware that there is a limit of 20 cookies per domain
Bastien
Sent from my iPod
On Jan 19, 2010, at 6:12 AM, Bruno Fajardo wrote:
2010/1/19 :
I am trying for the first time to use cookies. The manual contains
the statement "Cookies
are part of the HTTP header, so setcookie() must be cal
Hi,
> However I have almost immediately found that while I appear to be able to
> read cookies at
> any time, I cannot set them when I would like to. Is there any similar trick
> which will
> work with cookies?
Keep in mind that cookies are set by sending an HTTP header as part of
the response,
> When I first started using sessions, I was alarmed to read a very similar
> statement about
> sessions, but I soon found that if I started my program with the statement
> "session_start();" I could then set up, access, modify or clear any session
> variable at
> any time in my program. This is
2010/1/19 :
> I am trying for the first time to use cookies. The manual contains the
> statement "Cookies
> are part of the HTTP header, so setcookie() must be called before any output
> is sent to
> the browser."
>
> When I first started using sessions, I was alarmed to read a very similar
> s
Paul M Foster wrote:
This is in two parts. First cookies. I'm a little unclear on how they
work. From what I've read, cookies are stored by the browser. When a
request for that cookie comes in from the server, the browser returns
only the value, and no other data. One question: When the browser
r
It brings up another question, though. Let's say that I have a
session_start() call at the beginning of a bunch of pages. So that each
time one of these pages is called, the call is made to session_start().
It seems like it would screw things up royally if each call to
session_start() generated
On Mon, Mar 09, 2009 at 11:35:57PM -0400, APseudoUtopia wrote:
> On Mon, Mar 9, 2009 at 10:26 PM, Paul M Foster
> wrote:
> > This is in two parts. First cookies. I'm a little unclear on how they
> > work. From what I've read, cookies are stored by the browser. When a
> > request for that cookie c
Hi
I don't think PHP stores Session information in Cookies. However It dose
store the sessionId (a unique alphanumeric string) in cookies.
This SessionId is used to identify the requests sent from one user.
The Session information is by default stored in the /tmp directory on your
system in a flat
On Mon, Mar 9, 2009 at 10:26 PM, Paul M Foster wrote:
> This is in two parts. First cookies. I'm a little unclear on how they
> work. From what I've read, cookies are stored by the browser. When a
> request for that cookie comes in from the server, the browser returns
> only the value, and no othe
Paul M Foster wrote:
This is in two parts. First cookies. I'm a little unclear on how they
work. From what I've read, cookies are stored by the browser. When a
request for that cookie comes in from the server, the browser returns
only the value, and no other data. One question: When the browser
r
Thanx a bunch you guys! Got my login process going the way I wanted it. I
appreciate your help, as I['m new to php. The first of many questions I
suppose :)
Cheers Joe
"Christopher William Wesley" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Mon, 12 Nov
On Mon, 12 Nov 2001, Joe Van Meer wrote:
> Thx Christopher for replying. Ok, let me see if I understand you
> correctly...
>
> The user enters username and password on index.php, this is posted to
> login.php. On login.php after I verify the user is who he/she says they are
> I set a cookie calle
header(); function is fine. Another option is javascript which is
dependent on the client software.
But you get the picture about the login process. I just have to agree with
Chris, something name 'is_logged' is better than 'accessedbefore'.
--
Julio Nobrega
A hora está chegando:
http://to
Thx Christopher for replying. Ok, let me see if I understand you
correctly...
The user enters username and password on index.php, this is posted to
login.php. On login.php after I verify the user is who he/she says they are
I set a cookie called "accessedbefore" to "yes" and redirect them to the
Just do your authentication before you send any HTML (including any
whitespace). I actually recommend not sending ANY HTML from your
authentication script. Authenticate them, set your cookie, and redirect
the visitor to an appropriate next page, based on whether or not they've
successfully authe
44 matches
Mail list logo
