FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » session array not available in popup?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: session array not available in popup? [message #176992 is a reply to message #176989] Mon, 13 February 2012 23:59 Go to previous messageGo to previous message
Michael Fesser is currently offline  Michael Fesser
Messages: 215
Registered: September 2010
Karma:
Senior Member
.oO(cerr)

> I'm currently not using cookies, I'm passing the sessionid as a get
> variable to the script and set it like:

Then most likely the SID gets lost when you open your pop-up. In cases
like this you would have to manually append the predefined constant
'SID' to your URL. See the manual for details. [1]

But the better and recommended way would be to use a session cookie -
that's what cookies are for. SIDs in URLs are a security risk, because
they're stored in logfiles and in HTTP Referrer headers, which exposes
the SID to other people and might allow session hijacking. [2]

So better use a cookie instead, which is safer and should also solve
your problem. Also change these configuration options:

session.use_trans_sid = 0
session.use_only_cookies = 1

to prevent PHP from automatically rewriting URLs.

Micha

[1] http://www.php.net/manual/en/session.idpassing.php
[2] http://www.php.net/manual/en/session.security.php

--
http://mfesser.de/blickwinkel
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Space mistery
Next Topic: PHP 5.3.9 hex bug?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 18:24:04 GMT 2024

Total time taken to generate the page: 0.04232 seconds