SitePoint Sponsor

User Tag List

Page 2 of 2 FirstFirst 12
Results 26 to 32 of 32
  1. #26
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,931
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    You're digging too deep Debbie and as such, missing out on a few of the simpler things. Let me try and help...
    Wow! That was deep!

    I need to chew on that code for a while...


    Debbie

  2. #27
    SitePoint Member
    Join Date
    Dec 2011
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Viewing Session Data/Cookies

    Hi,

    I have been messing around with php sessions and cookies in order to learn more about securing php applications. I haven't read all of the above thread so sorry if I'm repeating stuff but I thought this might be useful to someone. This is with the default settings for MAMP 2.0.1 and PHP 5.3.6 on a Mac OSX 10.6.8 (Snow Leopard).

    Session data is stored here on MAMP:
    /Applications/MAMP/tmp/php

    You can open this in a text file and read the array quite easily. Or if you're logged in via SSH you could read it with VI editor. The name of the session files I have are:
    sess_*HASHED SESSION ID GOES HERE*

    The session id is then stored in the cookie in a browser dependent location. I have been using chrome and they cookies are stored in SQLite tables here:
    /Users/put_your_username_here/Library/Application Support/Google/Chrome/Default
    You're looking for a file named Cookies

    I downloaded SQLite Database Browser from here: http://sqlitebrowser.sourceforge.net/ to open these files.
    It basically opens the table as a speadsheet and you and view all the cookies there.

    So there you go, that's how you can find your session cookie and its corresponding session data without using php.

  3. #28
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,931
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by rupertrutland View Post
    Hi,

    I have been messing around with php sessions and cookies in order to learn more about securing php applications. I haven't read all of the above thread so sorry if I'm repeating stuff but I thought this might be useful to someone. This is with the default settings for MAMP 2.0.1 and PHP 5.3.6 on a Mac OSX 10.6.8 (Snow Leopard).

    Session data is stored here on MAMP:
    /Applications/MAMP/tmp/php

    You can open this in a text file and read the array quite easily. Or if you're logged in via SSH you could read it with VI editor. The name of the session files I have are:
    sess_*HASHED SESSION ID GOES HERE*

    The session id is then stored in the cookie in a browser dependent location. I have been using chrome and they cookies are stored in SQLite tables here:
    /Users/put_your_username_here/Library/Application Support/Google/Chrome/Default
    You're looking for a file named Cookies

    I downloaded SQLite Database Browser from here: http://sqlitebrowser.sourceforge.net/ to open these files.
    It basically opens the table as a speadsheet and you and view all the cookies there.

    So there you go, that's how you can find your session cookie and its corresponding session data without using php.
    I installed that app and tried opening the cookies.sqlite file but nothing shows up in the app?


    Debbie

  4. #29
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    I installed that app and tried opening the cookies.sqlite file but nothing shows up in the app?


    Debbie
    Is this relevant now?
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  5. #30
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,931
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AnthonySterling View Post
    Is this relevant now?
    Why?

    Did the topic change?!


    Debbie

  6. #31
    rajug.replace('Raju Gautam'); bronze trophy Raju Gautam's Avatar
    Join Date
    Oct 2006
    Location
    Kathmandu, Nepal
    Posts
    4,013
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    Why?

    Did the topic change?!


    Debbie
    Not exactly changed but as Anthony already told that you are going more deeper than it is required. The code and three files Anthony provided are more than enough to try session (login, see private page and logout). Put three files in a separate folder and try browsing the site/page. If you run it as localhost (http://localhost/yourfolder/) then here are steps to see the cookie values in Firefox:

    1. Go to Options box Firefox->Options (Latest Firefox has a drop-down arrow at upper left corner).
    2. Click on the Privacy tab.
    3. Click on the link 'Remove individual cookies' link.
    4. Type 'localhost' in Search box.
    5. Now scroll down to see all the cookies stored for the domain 'localhost'.
    6. Click on the CookieName that you want to see the value "content" below the list.

    Hope that helps! Good luck!
    Mistakes are proof that you are trying.....
    ------------------------------------------------------------------------
    PSD to HTML - SlicingArt.com | Personal Blog | ZCE - PHP 5

  7. #32
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    Why?

    Did the topic change?!

    Debbie
    I think that's for you to decide Debbie.

    How did you get on with the code I posted? Did you manage to understand what and why it is doing what it does?

    In addition to Raju's excellent reply, you can omit the local hosting as it's still being hosted at the original location mentioned earlier.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •