SitePoint Sponsor

User Tag List

Results 1 to 4 of 4

Thread: Sessions!

Hybrid View

  1. #1
    SitePoint Addict manipura's Avatar
    Join Date
    Apr 2001
    Location
    Calgary,AB
    Posts
    345
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    This can't be right!

    Sessions Problem.

    This can't be right! If you type in the password as numbers it gives you access. It will give you access if you type in the username and password right, but if you enter any username and just type any number for the password, it gives you access!
    Last edited by manipura; May 31, 2001 at 10:34.

  2. #2
    Talk to the /dev/null Theiggsta's Avatar
    Join Date
    Mar 2001
    Location
    Tampa, FL
    Posts
    376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thats the whole security genius of sessions at work. When you use sessions, it creates a data ID for the user and everytime you move to another page, it will make your browser expire the page, for security reasons. Thats why sessions was invented in the first place.

    I dont know ways around this, but do check out your server's phpinfo() for more detais to see the setup you have.

    I can suggest dropping by phpwizard.net and in thier tutorials section is a VERY detailed tutorial on garbage collection methods and settings you can play with.

  3. #3
    SitePoint Wizard
    Join Date
    Mar 2001
    Posts
    3,537
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    I was working on a script that used sessions to pass the variables from page to page, but because of the same problem you encountered, I decided to rewrite the script and pass the variables in a query string, so that the users could use their back buttons to make changes to their form entries on previous pages. I don't know of any way around that side effect.

  4. #4
    Talk to the /dev/null Theiggsta's Avatar
    Join Date
    Mar 2001
    Location
    Tampa, FL
    Posts
    376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeah, but that involves a certain security risk, so just consider the options.
    Aaron "Theiggsta" Kalin
    Pixel Martini
    Ruby and Rails Developer


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •