SitePoint Sponsor

User Tag List

Results 1 to 14 of 14

Hybrid View

  1. #1
    SitePoint Member
    Join Date
    Nov 2000
    Location
    Grosse Ile, MI
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    session titorial by Kevin

    I just followed thru Kevin Yang's "Managing Users with PHP Sessions and MySQL" trying to implement session(with web page on intranet at my work)....
    I get this message...login.php is accesscontrol.php in his article that handles login and session
    ----------------------------------
    Warning: open(/tmp\sess_bdb9c3afb46e7fc535813fd171299667, O_RDWR) failed: m (2) in ../../phpinclude/login.php on line 5
    -----------------------------------


    in php.ini file(yes, they are installed on NT), following is changed as seen from default setting(as suggested in the article)
    ======================
    session.save_path = D:\sessions
    ======================

    can anyone help this newbie?


    Last edited by baekcho; Jun 25, 2001 at 13:35.

  2. #2
    You talkin to me? Anarchos's Avatar
    Join Date
    Oct 2000
    Location
    Austin, TX
    Posts
    1,438
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Do you have a d drive?

  3. #3
    SitePoint Member
    Join Date
    Nov 2000
    Location
    Grosse Ile, MI
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yes, that's where I installed php, aparche, and mysql

  4. #4
    SitePoint Enthusiast tehtarik's Avatar
    Join Date
    Jun 2001
    Location
    Malaysia
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    "Kevin's Tutorials" is everywhere.
    Can anyone guide me there?
    (I need the URL)


    thanks

  5. #5
    SitePoint Zealot micmar's Avatar
    Join Date
    Apr 2001
    Location
    Melbourne, Australia
    Posts
    188
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by tehtarik
    "Kevin's Tutorials" is everywhere.
    Can anyone guide me there?
    (I need the URL)
    Managing Users with PHP Sessions and MySQL - By Kevin Yank
    http://www.webmasterbase.com/article.php/319

    http://www.avgallery.com.au/ - Your ticket to high-end audio!

  6. #6
    SitePoint Enthusiast tehtarik's Avatar
    Join Date
    Jun 2001
    Location
    Malaysia
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks man,

    I really love PHP, yeehaa

  7. #7
    Node mutilating coot timnz's Avatar
    Join Date
    Feb 2001
    Location
    New Zealand
    Posts
    516
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is PHP running in CGI or not, because if it is, it will read the php.ini out of the directory where it is installed I think, whereas if it isn't, then it reads it out of, for example: C:\WINNT\ or where ever you have all your .ini's stored.

    From the error message it spat out, it shows that it is still thinking that the temporary directory is /tmp one.

    So I think it is reading a diffferent php.ini from the one you modified.

  8. #8
    SitePoint Member
    Join Date
    Nov 2000
    Location
    Grosse Ile, MI
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    great!...I found one php.ini(perhaps from previous php installation) in "/winnt" folder and changed save_path...it worked.

    I don't know how to tell system to use D:/php/php.ini which i wanted to use, so i decided to use the one that works, C:/winnt/php.ini.
    ---this solved some other problems I was experiencing too.

    thanks,

  9. #9
    We like music. weirdbeardmt's Avatar
    Join Date
    May 2001
    Location
    Channel Islands Girth: Footlong
    Posts
    5,882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thats great - I had the same problem (but fixed it!).

    But new problem. I have followed his script down to a 'T' but now it has been uploaded it is refusing to acknowledge users.

    Example..

    I create a new user using signup. I know it has been entered cos phpmyadmin says so.

    So then I use the login page to try and access it - it brings up the login prompt, I enter the details but then I get the Access Denied - no user found message, when I know the user exists!

    I am getting no MySQL or PHP errors, just the default, no user message.

    Any ideas? Or anyone else had this problem? Is it a mistake in Kevin's tutorial (never!?) or do i need to modify something?

    Thanks
    I swear to drunk I'm not God.
    Matt's debating is not a crime
    Hint: Don't buy a stupid dwarf Clicky

  10. #10
    SitePoint Member
    Join Date
    Nov 2000
    Location
    Grosse Ile, MI
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So then I use the login page to try and access it - it brings up the login prompt, I enter the details but then I get the Access Denied - no user found message, when I know the user exists!

    I had a similar problem and it was, in my case, from inconsistency in variable names...I tracked down some variable and fixed the problem

  11. #11
    SitePoint Member
    Join Date
    Nov 2000
    Location
    Grosse Ile, MI
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    how do i disable 'backing to secure pages'

    session is great....
    But How Do I Keep Someone from Backing to Secure Page?

    for example, when i 'BACK' after sing-off, my browser(ie5) is telling me the page is expired...but if i 'REFRESH' it brings back to the secure page that i loged-off from...

    anyone?

  12. #12
    We like music. weirdbeardmt's Avatar
    Join Date
    May 2001
    Location
    Channel Islands Girth: Footlong
    Posts
    5,882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    A good question.. anyone (Kevin?). The only thing I can imagine is that by backing up it isn't actually killing the session - there is still technically a session running - there is a cookie there - so you are still logged in.

    Just so you know I fixed my problem - I was being exceptionally thick in forgetting that I was using the PASSWORD command which encrypts the randomly generated password - and was using the password in the database not the one that had been emailed to me. Oops.
    I swear to drunk I'm not God.
    Matt's debating is not a crime
    Hint: Don't buy a stupid dwarf Clicky

  13. #13
    ********* Callithumpian silver trophy freakysid's Avatar
    Join Date
    Jun 2000
    Location
    Sydney, Australia
    Posts
    3,798
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't know if this is the best solution but what you can do is use a database table as well.

    1) User logs in.
    -> start a session.
    -> insert a record into the database table with the session ID and the time it will timeout.
    -> Also, every time a new user logs in and you run an sql query to garbage collect (delete) expired sessions from the database.

    2) Each time a user calls a php page, start the session then query the database to see whether a matching session is current in the database. If not the user is not logged in.

    3) The user logs out.
    -> delete the user's session from the database.

    I'm sure there are better solutions. I would be curious to know, as I basically coded something along the lines of the above recently and would be glad to know of a better solution. My understanding also is that even with seting no-cache meta tags etc, etc, these will have no effect in NS 4.7
    Last edited by freakysid; Jun 26, 2001 at 16:13.

  14. #14
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, as freakysid stated I usually store my session data in a databse instead of files, for faster manipulation of session data. With that I wrote my own session handling functions, that basically tell PHP how to handle sessions natively.

    When a user logs out I delete the record from the database. So if they use the back button it doesn't matter since I check for a session variable, if its not present I simply send them to the login screen. Here is the session handling functions. They require PHPLIB's mysql class.

    PHP Code:
    ########################## session handling crap ###############################
    $sess_lifetime get_cfg_var("session.gc_maxlifetime");

    function 
    sess_open() {
        global 
    $db;
        return 
    $db;
        }

    function 
    sess_close() {
        return 
    true;
        }

    function 
    sess_read($key) {
        global 
    $db;
        
    $db->query(sprintf("SELECT value FROM sess WHERE sesskey = '%s' AND expire > %s"$keytime()));
        if (
    $db->num_rows() > 0) {
            
    $db->next_record();
            return 
    $db->f(value);
            }
        else {
            return 
    false;
            }
        }

    function 
    sess_write($key,$val) {
        global 
    $db$sess_lifetime;
        
    $expire time() + $sess_lifetime;
        
    $value addslashes($val);
        
    $db->query(sprintf("UPDATE sess SET expire = %s, value = '%s' WHERE sesskey = '%s' AND expire > %s"$expire$value$keytime()));
        if (
    $db->affected_rows() < 1) {
            
    $db->query(sprintf("INSERT into sess SET sesskey = '%s', expire = %s, value = '%s'"$key$expire$value));
            }
        return 
    $db->affected_rows();
        }

    function 
    sess_destroy($key) {
        global 
    $db;
        
    $db->query(sprintf("DELETE from sess WHERE sesskey = '%s'"$key));
        return 
    $db->affected_rows();
        }

    function 
    sess_gc() {
        global 
    $db$sess;
        
    session_unset();
        
    $db->query(sprintf("DELETE from sess WHERE sesskey = '%s'"$sess));
        return 
    $db->affected_rows();
        }



    session_set_save_handler(
        
    "sess_open",
        
    "sess_close",
        
    "sess_read",
        
    "sess_write",
        
    "sess_destroy",
        
    "sess_gc"); 
    Here is the db schema

    +---------+------------------+------+-----+---------+-------+
    | Field | Type | Null | Key | Default | Extra |
    +---------+------------------+------+-----+---------+-------+
    | sesskey | varchar(32) | | PRI | | |
    | expire | int(11) unsigned | | | 0 | |
    | value | text | | | | |
    +---------+------------------+------+-----+---------+-------+
    Please don't PM me with questions.
    Use the forums, that is what they are here for.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •