HTH,
Paul
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
Scott
> Henderson
> Sent: Monday, July 14, 2003 9:53 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: [SM-USERS] How to improve security for SM
I put in the code you wrote, and it works great. Thanks so much! It's
always awesome to have someone just write the code you need, and voila' -
now I have the functionality my company requires! This is another example
of why Open Source software is so great. Its the people - you can't beat
tha
One more code change I've just found if you are using the notify plugin.
Change line 11 in focus.php from
$smpage = str_replace('plugins/notify/focus.php', 'src/webmail.php',
$_SERVER['REQUEST_URI']);
to
$smpage = str_replace('plugins/notify/focus.php', 'src/refresh.php',
$_SERVER['REQUEST_URI']
I have just refined the code I previously posted to disable the browser
backspace key:
1. Add the following code to webmail.php just after the session_start() -
session_start();
/* added by gcn 12/07/2003 */
if(sqsession_is_registered("visited")){
exit;
}
sqsession_register("yes", "visited"
Forget the nocache option, just add the indicated lines to webmail.php
just after the session_start();
===
session_start();
/* added by gcn 12/-7/2003 */
if(session_is_registered("visited")){
exit;
}
$visited ="yes";
session_register("visited");
/* end of ad
> Nicholas Mistry>
The statement:
session_cache_limiter('nocache');
would need to come before any calls to session_start(). So not
necessarily every PHP file but every PHP file that made a call
to session_start() instead.
Although, I have no clue how se
>> Marc Groot Koerkamp>
>> Andre Nicholson said:
>>> The statement:
>>>
>>> session_cache_limiter('nocache');
>>>
>>> would need to come before any calls to session_start(). So not
>>> necessarily
>>> every PHP
>>> file but every PHP file that made a call to session_start() instead.
>>>
>>> Althoug
> Marc Groot Koerkamp>
> Andre Nicholson said:
>> The statement:
>>
>> session_cache_limiter('nocache');
>>
>> would need to come before any calls to session_start(). So not
>> necessarily
>> every PHP
>> file but every PHP file that made a call to session_start() instead.
>>
>> Although, I have n
> would need to come before any calls to session_start(). So not necessarily
> every PHP
> file but every PHP file that made a call to session_start() instead.
IIRC, we have a function to start the session, so it'd be a matter of
editing one file in one spot. As to how useful this directive would
Andre Nicholson said:
> The statement:
>
> session_cache_limiter('nocache');
>
> would need to come before any calls to session_start(). So not necessarily
> every PHP
> file but every PHP file that made a call to session_start() instead.
>
> Although, I have no clue how sessions are maintained in
The statement:
session_cache_limiter('nocache');
would need to come before any calls to session_start(). So not necessarily every PHP
file but every PHP file that made a call to session_start() instead.
Although, I have no clue how sessions are maintained in SM PHP wise so a word from one
of the
If my understanding is correct you will need to put the code at the top of
each .php file. Can any php experts on the list confirm this or
otherwise?
> I don't code, but I'm willing to try this. What file would I put this
> into-
> login.php? src/webmail.php?
>
>>From: [EMAIL PROTECTED] [mailto
I don't code, but I'm willing to try this. What file would I put this into-
login.php? src/webmail.php?
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> I'm not a php expert but isn't there a
> session_cache_limiter();
> function that can be used to stop the browser caching?
>
> i.e.
>
> /
To: [EMAIL PROTECTED]
SHBP> Subject: [SM-USERS] How to improve security for SM users
SHBP>
SHBP> I have just set up our SM server and my boss tried it and he points out if
SHBP> someone were using SM at a public terminal, and they didn't log out, but
SHBP> just headed to anothe
Sorry, code fragment should've read
> I have just set up our SM server and my boss tried it and he points out if
> someone were using SM at a public terminal, and they didn't log out, but
> just headed to another web site, then the next person in line could
> backpage
> right into their account.
15 matches
Mail list logo
