RES: [PHP-INSTALL] Can't enable use_trans_sid

07/04/2008, 23h04

{sorry for top-posting, but outlook can't do better}

I executed "cat /usr/local/lib/php.ini | grep -i session" and found out that
there was already one entry for that conf option by default, and it was set
to 0.

It fixed it, sorry I was that dumb.

Just saw the source and it is adding the phpsessid hidden input field, now
have to find out why my app does not let me login

Another question:

Is there a way to make php use these fields instead of for
session control? I still want to let enabled for other stuff, but as
it's messing up with multiple sessions because of poor handling.

Thanks!!

-----Mensagem original-----
De: Keith Roberts [mailto:keith@karsites.net]
Enviada em: segunda-feira, 7 de abril de 2008 17:38
Para: php-install@lists.php.net
Assunto: Re: [PHP-INSTALL] Can't enable use_trans_sid

On Mon, 7 Apr 2008, Thiago Pojda wrote:

> To: php-install@lists.php.net
> From: Thiago Pojda <thiago.pojda@softpartech.com.br>
> Subject: [PHP-INSTALL] Can't enable use_trans_sid
>
> Guys,
>
> I can't enable trans_sid, I've tried set these to php.ini :
>
> session.use_trans_sid = On [tried 1 also] url_rewriter.tags =
> "a=href,area=href,frame=src,input=src,form=fakeent ry,fieldset="
>
> Tried recompile it with --enable-trans-sid but still doesn't work. I
> just realized that my phpinfo spits "session.use_trans_sid Off".
>
> Any hints?
>
> -- VERSIONS --
>
> PHP Version 4.4.8
>
>
> System Linux debian 2.6.18-6-486 #1 Sun Feb 10
22:06:33 UTC 2008 i686
> Build Date Apr 7 2008 10:46:06
> Configure Command './configure' '--with-apxs2=/usr/bin/apxs2'
> '--with-oci8-instant-client=/oracle/instantclient/' '--disable-zts'
> Server API Apache 2.0 Handler
> Virtual Directory Support enabled
> Configuration File (php.ini) Path /usr/local/lib/php.ini

Are you sure you are editing the correct php.ini file Thiago?

Can you also post the section from your php.ini that has all
the session.* directives in it?

It maybe that there are other session.* configuration options
that need to be set as well to enable you to use PHP sessions.

Kind Regards,

Keith Roberts

-----------------------------------------------------------------
Websites:
http://www.php-debuggers.net
http://www.karsites.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with TMDA
[http://tmda.net]
-----------------------------------------------------------------

08/04/2008, 15h20

De: Keith Roberts [mailto:keith@karsites.net]

>> Another question:
>>
>> Is there a way to make php use these fields [hidden sessid] instead of
for
>> session control? I still want to let enabled for other stuff,
>> but as it's messing up with multiple sessions because of poor
>> handling.
>>

>As the browser use a different mechanism for storing
>and retrieving independently of PHP, I cannot see how
>browser can be clashing with your PHP session_id .

The problem I run into sometimes is:
A user opens a IE instance and logs in. The same user, on the same PC, opens
a new instance (not from "Open in new window..." but from iexplore.exe) and
logs in again.
Then he has two independent sessions until the data from both sessions get
mixed up, showing data from one session in another. I can't think of any
other problem but erroneous session_ids being sent.

> If you use a pre-built PHP application that also uses PHP
> session_id's, then that can cause a problem with your own
> website if that also wants to use PHP session_id .

This is the only PHP app running, there are two more that sometimes run but
they're JSPs.

>I guess the obvious way would for PHP session_id's to allow
>multiple session_id_name(s), so each PHP application can choose
>it's own session_id to be know by. This would also imply that
>PHP has the capability to pass those multiple session_id's
>between the respective PHP applications that are running side
>by side on the same website. Maybe this is in the pipeline for
>a future release of PHP, or has it already been implemented?

Not sure what you mean, but I already can use two sessions for a while.
Perhaps I'm not getting through the language barrier, but I did not
understand you. :/

Thanks!

08/04/2008, 15h20	#2
Thiago Pojda Messages: n/a Hébergeur:	RES: [PHP-INSTALL] Can't enable use_trans_sid De: Keith Roberts [mailto:keith@karsites.net] >> Another question: >> >> Is there a way to make php use these fields [hidden sessid] instead of for >> session control? I still want to let enabled for other stuff, >> but as it's messing up with multiple sessions because of poor >> handling. >> >As the browser use a different mechanism for storing >and retrieving independently of PHP, I cannot see how >browser can be clashing with your PHP session_id . The problem I run into sometimes is: A user opens a IE instance and logs in. The same user, on the same PC, opens a new instance (not from "Open in new window..." but from iexplore.exe) and logs in again. Then he has two independent sessions until the data from both sessions get mixed up, showing data from one session in another. I can't think of any other problem but erroneous session_ids being sent. > If you use a pre-built PHP application that also uses PHP > session_id's, then that can cause a problem with your own > website if that also wants to use PHP session_id . This is the only PHP app running, there are two more that sometimes run but they're JSPs. >I guess the obvious way would for PHP session_id's to allow >multiple session_id_name(s), so each PHP application can choose >it's own session_id to be know by. This would also imply that >PHP has the capability to pass those multiple session_id's >between the respective PHP applications that are running side >by side on the same website. Maybe this is in the pipeline for >a future release of PHP, or has it already been implemented? Not sure what you mean, but I already can use two sessions for a while. Perhaps I'm not getting through the language barrier, but I did not understand you. :/ Thanks!

07/04/2008, 23h04	#1
Thiago Pojda Messages: n/a Hébergeur:	RES: [PHP-INSTALL] Can't enable use_trans_sid {sorry for top-posting, but outlook can't do better} I executed "cat /usr/local/lib/php.ini \| grep -i session" and found out that there was already one entry for that conf option by default, and it was set to 0. It fixed it, sorry I was that dumb. Just saw the source and it is adding the phpsessid hidden input field, now have to find out why my app does not let me login Another question: Is there a way to make php use these fields instead of for session control? I still want to let enabled for other stuff, but as it's messing up with multiple sessions because of poor handling. Thanks!! -----Mensagem original----- De: Keith Roberts [mailto:keith@karsites.net] Enviada em: segunda-feira, 7 de abril de 2008 17:38 Para: php-install@lists.php.net Assunto: Re: [PHP-INSTALL] Can't enable use_trans_sid On Mon, 7 Apr 2008, Thiago Pojda wrote: > To: php-install@lists.php.net > From: Thiago Pojda <thiago.pojda@softpartech.com.br> > Subject: [PHP-INSTALL] Can't enable use_trans_sid > > Guys, > > I can't enable trans_sid, I've tried set these to php.ini : > > session.use_trans_sid = On [tried 1 also] url_rewriter.tags = > "a=href,area=href,frame=src,input=src,form=fakeent ry,fieldset=" > > Tried recompile it with --enable-trans-sid but still doesn't work. I > just realized that my phpinfo spits "session.use_trans_sid Off". > > Any hints? > > -- VERSIONS -- > > PHP Version 4.4.8 > > > System Linux debian 2.6.18-6-486 #1 Sun Feb 10 22:06:33 UTC 2008 i686 > Build Date Apr 7 2008 10:46:06 > Configure Command './configure' '--with-apxs2=/usr/bin/apxs2' > '--with-oci8-instant-client=/oracle/instantclient/' '--disable-zts' > Server API Apache 2.0 Handler > Virtual Directory Support enabled > Configuration File (php.ini) Path /usr/local/lib/php.ini Are you sure you are editing the correct php.ini file Thiago? Can you also post the section from your php.ini that has all the session.* directives in it? It maybe that there are other session.* configuration options that need to be set as well to enable you to use PHP sessions. Kind Regards, Keith Roberts ----------------------------------------------------------------- Websites: http://www.php-debuggers.net http://www.karsites.net http://www.raised-from-the-dead.org.uk All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------------

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email