SitePoint Sponsor

User Tag List

Page 1 of 2 12 LastLast
Results 1 to 25 of 32
  1. #1
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Viewing Session Variables

    Is there a way to see what is stored in the variables in my SESSION?

    I have Firebug, but can't find a way to view the Session data?!

    I also tried looking in FireFox's Web Developer Toolbar, but no luck?!

    Thanks,


    Debbie

  2. #2
    SitePoint Enthusiast
    Join Date
    Dec 2011
    Posts
    27
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sessions are stored server side. So you would have to make a script that outputs them to the browser to see them.
    Typically print_r the $_SESSION i guess?

  3. #3
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Frenz48 View Post
    Sessions are stored server side. So you would have to make a script that outputs them to the browser to see them.
    Typically print_r the $_SESSION i guess?
    This seems to work...
    Code:
    	session_start();
    	echo '<p>' . print_r($_SESSION) . '</p>';
    ...although it would be nicer if I could use a tool like FireBug.

    Thanks,


    Debbie

  4. #4
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    http://firephp.org/

    SHOULD NOT BE USED ON A LIVE SITE.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  5. #5
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by logic_earth View Post
    http://firephp.org/

    SHOULD NOT BE USED ON A LIVE SITE.
    Can you help me figure out what is wrong with my Log-Out script?

    Here it is...
    Code:
    <?php //Build Date: 2011-12-25
    
    	// Initialize a session.
    	session_start();
    
    	// Access Constants
    	require_once('../config/config.inc.php');
    
    	// Log Out User.
    	$_SESSION['loggedIn'] = FALSE;
    
    	// Redirect User.
    	if (isset($_SESSION['returnToPage'])){
    		header("Location: " . BASE_URL . $_SESSION['returnToPage']);
    	}else{
    		// Take user to Home Page.
    		header("Location: " . BASE_URL . "index.php");
    	}
    
    	session_unset();
    	session_destroy();
    	$_SESSION = array();
    
    	// Erase Session Cookie Contents.
    //	setcookie(session_id(), "", time() - 3600);
    	setcookie("PHPSESSID", "", time() - 3600);
    
    	// End script.
    	exit();
    ?>

    When I log in I see something like this...
    Code:
        print_r(\$_SESSION) =
    
        Array
        (
            [returnToPage] => //index.php
            [memberID] => 24
            [memberFirstName] => Debbie
            [loggedIn] => 1
        )
    
        print_r(\$_COOKIE) =
    
        Array
        (
            [PHPSESSID] => 4bf54ca2d5b134ea841bab146ba22965
        )

    And after I log out, I still see this...
    Code:
    print_r(\$_SESSION) =
    
    Array
    (
        [returnToPage] => //pages/interview_index.php
    )
    
    print_r(\$_COOKIE) =
    
    Array
    (
        [PHPSESSID] => 4bf54ca2d5b134ea841bab146ba22965
    )

    And even if I close the browser window and then go back in, I still see this...
    Code:
    print_r(\$_SESSION) =
    
    Array
    (
        [returnToPage] => //pages/interview_index.php
    )
    
    print_r(\$_COOKIE) =
    
    Array
    (
        [PHPSESSID] => 4bf54ca2d5b134ea841bab146ba22965
    )

    The logging in/logging out *seems* to be working (e.g. "Welcome, Debbie!!" appears at the correct times), but this whole Session/Cookie thing is driving me crazy?!


    Debbie

  6. #6
    SitePoint Enthusiast
    Join Date
    Dec 2011
    Posts
    27
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You unset the session, then destroy it,finally access it and set it to an empty array, after destroying it?
    Try putting destroy last?

    For deleting the cookie, try an if statement to see if it returns false?

  7. #7
    Non-Member
    Join Date
    Nov 2010
    Posts
    21
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ideal user can not saw the session’s value on their browser sine, Sessions are stored server side.

    However, you would have to make a script as mentioned below and upload the same file on the server to outputs them to the browser to see them.

    <?php session_start();

    echo ‘<pre>’;

    print_r($_SESSION);

    echo ‘</pre>’;?>

  8. #8
    SitePoint Enthusiast
    Join Date
    Dec 2011
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's because you redirecting user to a new location before unsetting the session.

    Also session_unset() is unnecessary in your case since you calling session_destroy()
    And lastly, you absolutely do not see to manually send out session cookie,
    so remove this line
    setcookie("PHPSESSID", "", time() - 3600);
    it's not really a source of problem but it's totally unnecessary and actually could be a problem in some cases.

  9. #9
    SitePoint Enthusiast
    Join Date
    Dec 2011
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looks like I was wrong about sending out cookie. Documentation on php.net has an example of how to logout a user and they do manually send a cookie.
    Example is here http://us3.php.net/session_destroy

    I personally don't manually send out the session cookie because what's the harm of user still having a cookie is there is nothing in the $_SESSION for their session id.

  10. #10
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by ultra1 View Post
    It's because you redirecting user to a new location before unsetting the session.
    Ultra1 likely nails your problem.

    In future write and explicit exit() after doing a header redirect, it is best practice in any case, plus it is absolutely obvious to anyone reading the script (including you ) what is going on.

    PHP Code:
    $loc "index.php";  // seems to be the default destiny, so set it here

    if (isset($_SESSION['returnToPage'])){
                
    $loc $_SESSION['returnToPage'];
    }

    header("Location: " BASE_URL $loc);
    exit(); 
    Maybe that simplifies the if/else code for you, its up to you, just an alternative view.

    Just to say, many will bother to log out in any case.

  11. #11
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Cups and Ultra1,

    Nothing personal, but there was a breakdown in English there!!

    Is this what you guys wanted me to do...
    PHP Code:
    <?php //Build Date: 2011-12-29

        // Initialize a session.
        
    session_start();

        
    // Access Constants
        
    require_once('../config/config.inc.php');

        
    // Log Out User.
        
    $_SESSION['loggedIn'] = FALSE;

        
    // Redirect User.
        
    if (isset($_SESSION['returnToPage'])){
            
    $returnToPage $_SESSION['returnToPage'];
        }else{
            
    $returnToPage "index.php";
        }

        
    session_unset();
        
    session_destroy();
        
    $_SESSION = array();

        
    // Erase Session Cookie Contents.
        
    setcookie("PHPSESSID"""time() - 3600);

        
    header("Location: " BASE_URL $returnToPage);

        
    // End script.
        
    exit();
    ?>

    Debbie

  12. #12
    SitePoint Enthusiast
    Join Date
    Dec 2011
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looks good now. Have you tried it? Have it solved your issue? Again, I think calling session_unset() before session_destroy() is unnecessary, just an extra function call, so commenting it out and see if your code works the same, if it does then remove unnecessary function.

    Also it's better not to hard code the cookie name "PHPSESSID", instead replace it with session_name()

    This is how they recommend doing it on official php documentation:
    if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
    $params["path"], $params["domain"],
    $params["secure"], $params["httponly"]
    );
    }

  13. #13
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ultra1 View Post
    Looks good now. Have you tried it? Have it solved your issue?
    }
    Logging out works as far as my site is concerned, however the problem of a Session Cookie (with a Session ID) remaining after "Log Out" still exists?!


    Debbie

  14. #14
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Does your landing page (the one you redirect to after logging out) reinitialise a PHP session? If so, that's where the new session cookie is coming from.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  15. #15
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    Does your landing page (the one you redirect to after logging out) reinitialise a PHP session? If so, that's where the new session cookie is coming from.
    Before I answer that...

    I am on a MacBook running MAMP.

    Anyway to find out where my Session Cookies are being stored so I can physically see if they are there and if so what is inside of each?


    Debbie

  16. #16
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Look in your php.ini file, that should tell you where they go, if not they may default to some temp folder on macs, not sure.

    Start a new session, go to the folder, select last updated file and click to edit it in your fave text editor.

    On opening you'll see a text file which is a human-readable serialized array of values.

  17. #17
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Cups View Post
    Look in your php.ini file, that should tell you where they go, if not they may default to some temp folder on macs, not sure.

    Start a new session, go to the folder, select last updated file and click to edit it in your fave text editor.

    On opening you'll see a text file which is a human-readable serialized array of values.
    In Applications/MAMP/tmp/php I see Session files, but I don't believe those are Session Cookies...

    This whole "Where is the Session Cookie" and "Is the Session Cookie being cleaned out and/or erased" is driving me nuts?!

    I hate to say it, but back in the old days it was so much easier to find Cookies on my Windows pc and use them to figure out what was going on with my code.


    Debbie

  18. #18
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    The location of your cookies is determined by your browser, it generates/persists them.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  19. #19
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    The location of your cookies is determined by your browser, it generates/persists them.
    I looked in Library/Firefox/Profiles/xxxxx.default/

    And I see...
    Code:
    cookies.sqlite
    cookies.sqlite-shm
    cookies.sqlite-wal
    I tried opening the first one up in TextWrangler but the file contents are pretty nonsensical.

    I also tried searching for "PHPSESSID", but couldn't find any such named files...


    Debbie

  20. #20
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    SORRY, you are looking for cookies not the session files. I misread your post.

    Mostly I install a browser-specific cookie reader which lives on my browsers status bar.

  21. #21
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    The Mozilla docs provide some instructions on how to find your profile folder, where it states Firefox stores its cookies.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  22. #22
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    The Mozilla docs provide some instructions on how to find your profile folder, where it states Firefox stores its cookies.
    As I said before, it looks like it is here...
    I looked in Library/Firefox/Profiles/xxxxx.default/

    And I see...
    Code:

    cookies.sqlite
    cookies.sqlite-shm
    cookies.sqlite-wal
    But also as I said...
    I tried opening the first one up in TextWrangler but the file contents are pretty nonsensical.
    So that leads me back to my original question of why is my Session Cookie apparently persisting after it should be cleaned out? (Since I can't easily read the entries in the cookies.sqlite file, I am at a loss...)


    Debbie

  23. #23
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Which takes me back to my question which you wouldn't answer...

    You have Firebug, and it will show you the raw HTTP request/response your browser sends and receives. You can inspect the headers listed in there for the cookie information sent between your browser and the server.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  24. #24
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,934
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    Which takes me back to my question which you wouldn't answer...

    You have Firebug, and it will show you the raw HTTP request/response your browser sends and receives. You can inspect the headers listed in there for the cookie information sent between your browser and the server.
    Where is that in FireBug??


    And to answer your original question...
    Quote Originally Posted by AnthonySterling View Post
    Does your landing page (the one you redirect to after logging out) reinitialise a PHP session? If so, that's where the new session cookie is coming from.
    Yes, the returnToPages do have their own...
    Code:
    session_start();
    But I commented out the line in my "log_out.php" file that does the redirect, and in FireFox I can still see...
    Code:
    Site: local.debbie
    Cookie Name: PHPSESSID
    Contents: 4d50decfdfca1f3b7f3eb4f826d6a1c3
    1.) When I am Logged In
    2.) When I am Logged Out
    3.) After I quit FireFox, come back in, and look for the Cookie Value?!

    So what is up with that?!

    It is like the Session Cookie will never disappear or its contents are never erased - which I *thought* my code did?!

    And I went to...
    Code:
    Library/Firefox/Profiles/xxxxx.default/
    And opened up...
    Code:
    cookies.sqlite
    ...in TextWrangler, but the file is jibberish, and there is no easy way for me to see if the PHPSESSID is being erased or not. (Although according to FireFox in Preferences, FireFox is persisting the Session Cookie AND the Session ID inside the Session Cookie...)

    Hope you follow me?

    And I hope I answered your question now!

    Thanks,


    Debbie

  25. #25
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    You're digging too deep Debbie and as such, missing out on a few of the simpler things. Let me try and help...

    Here's three files; index.php, login.php and logout.php.

    index.php
    Code PHP:
    <?php
    /* Additional logic is needed here for non-cookie sessions, hence the abstraction */
    function should_start_session(){
            return isset($_COOKIE[ ini_get('session.name') ]);
    }
    if(should_start_session()){
            session_start();
    }
    ?>
    <html>
            <head>
                    <title>Sitepoint.com Demo</title>
            </head>
            <body>
                    <h1>Sitepoint.com Demo</h1>
                    <?php if(isset($_SESSION['admin'])): ?>
                            Welcome back, you can log out <a href="logout.php">here</a>
                    <?php else: ?>
                            Ooops you're not logged in, you can log in <a href="login.php">here</a> though.
                    <?php endif; ?>
                    <h4>Debug::Cookies</h4>
                    <pre><?php print_r($_COOKIE); ?></pre>
                    <h4>Debug::Session</h4>
                    <pre><?php print_r($_SESSION); ?></pre>
            </body>
    </html>

    login.php
    Code PHP:
    <?php
    session_start();
    $_SESSION['admin'] = 1;
    header('Location: [url]http://is.gd/hgnnuo');[/url]
    exit;

    logout.php
    Code PHP:
    <?php
    session_start();
    session_destroy();
    if(ini_get('session.use_cookies')){
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 1,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );
    }
    header('Location: [url]http://is.gd/hgnnuo');[/url]
    exit;
    I've also popped up a demo of these three files in action here, sometimes "seeing" can make things a little clearer.

    Come back with specific questions and I'll answer them for you.

    Anthony.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •