phpbar.de logo

Mailinglisten-Archive
[php] Session Problem

[php] Session Problem

avicena at rocketmail.com avicena at rocketmail.com
Die Mai 31 10:40:21 CEST 2005 

Ach und hier ein Auszug aus der php.ini


[Session]
; Handler used to store/retrieve data.
session.save_handler = files

; Argument passed to save_handler.  In the case of
files, this is the path
; where data files are stored. Note: Windows users
have to change this
; variable in order to use PHP's session functions.
session.save_path= "/var/tmp"

; Whether to use cookies.
session.use_cookies = 1

; This option enables administrators to make their
users invulnerable to
; attacks which involve passing session ids in URLs;
defaults to 0.
; session.use_only_cookies = 1

; Name of the session (used as cookie name).
session.name = PHPSESSID

; Initialize session on request startup.
session.auto_start =0

; Lifetime in seconds of cookie or, if 0, until
browser is restarted.
session.cookie_lifetime = 0

; The path for which the cookie is valid.
session.cookie_path = "/var/tmp"

; The domain for which the cookie is valid.
session.cookie_domain =

; Handler used to serialize data.  php is the standard
serializer of PHP.
session.serialize_handler = php

; Define the probability that the 'garbage collection'
process is started
; on every session initialization.
; The probability is calculated by using
gc_probability/gc_dividend,
; e.g. 1/100 means 1%.

session.gc_probability = 1
session.gc_dividend    = 1000

; After this number of seconds, stored data will be
seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440

; PHP 4.2 and less have an undocumented feature/bug
that allows you to
; to initialize a session variable in the global
scope, albeit register_globals
; is disabled.  PHP 4.3 and later will warn you, if
this feature is used.
; You can disable the feature and the warning
seperately. At this time,
; the warning is only displayed, if bug_compat_42 is
enabled.
session.bug_compat_42 = 0
session.bug_compat_warn = 1

; Check HTTP Referer to invalidate externally stored
URLs containing ids.
; HTTP_REFERER has to contain this substring for the
session to be
; considered as valid.
session.referer_check =

; How many bytes to read from the file.
session.entropy_length = 0

; Specified here to create the session id.
session.entropy_file =

;session.entropy_length = 16

;session.entropy_file = /dev/urandom

; Set to {nocache,private,public,} to determine HTTP
caching aspects.
; or leave this empty to avoid sending anti-caching
headers.
session.cache_limiter = nocache

; Document expires after n minutes.
session.cache_expire = 180

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or
bookmarks.
session.use_trans_sid =1

; The URL rewriter will look for URLs in a defined set
of HTML tags.
; form/fieldset are special; if you include them here,
the rewriter will
; add a hidden <input> field with the info which is
otherwise appended
; to URLs.  If you want XHTML conformity, remove the
form entry.
; Note that all valid entries require a "=", even if
no value follows.
url_rewriter.tags =
"a=href,area=href,frame=src,input=src,form=fakeentry"

; Select a hash function
; 0: MD5   (128 bits)
; 1: SHA-1 (160 bits)
session.hash_function = 0

; Define how many bits are stored in each character
when converting
; the binary hash data to something readable.
;
; Define how many bits are stored in each character
when converting
; the binary hash data to something readable.
;
; 4 bits: 0-9, a-f
; 5 bits: 0-9, a-v
; 6 bits: 0-9, a-z, A-Z, "-", ","
session.hash_bits_per_character = 4

; The URL rewriter will look for URLs in a defined set
of HTML tags.
; form/fieldset are special; if you include them here,
the rewriter will
; add a hidden <input> field with the info which is
otherwise appended
; to URLs.  If you want XHTML conformity, remove the
form entry.
; Note that all valid entries require a "=", even if
no value follows.
url_rewriter.tags =
"a=href,area=href,frame=src,input=src,form=,fieldset="



--- Lutz Zetzsche <Lutz.Zetzsche at sea-rescue.de> wrote:
> Hi Luis,
> 
> avicena at rocketmail.com schrieb:
> > ich weiss, ich weiss..
> > Sessions !
> >
> > eine never ending Story !
> > Ich habe ganau das Problem vom Amir.
> > Mein Browser akzeptiert cookies.
> > trans_id ist auch an.
> > und trotzdem generiert php mehrere sessionids.
> > ich weiss nicht wie ich ihn davon abhalten kann
> :-((
> >
> > Bitte um Hiiillllllffeeeee !
> > danke vielmals
> 
> ja, ja...
> Kein Codeauszug!
> 
> Eine Never-ending Story!
> 
> ;-)))
> 
> Scherz beiseite. Kannst Du mal bitte den relevanten
> Teil Deines PHP-Codes
> mailen, damit man eventuell sehen kann, woran es
> liegen könnte? Ohne
> irgendetwas in der Hand zu haben, ist es schwierig,
> auf Fehlersuche zu
> gehen. :-) Natürlich gibt es die üblichen
> Verdächtigen, aber ohne Beweis
> können wir sie nicht festnageln. ;-)
> 
> 
> Viele Grüße
> 
> Lutz
> 
> -- 
> ** Allgemeine deutschsprachige PHP-Liste:
> php at phpbar.de **
> Informationen: http://www.phpbar.de
> http://lists.phpbar.de/mailman/listinfo/php
> 


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new Resources site
http://smallbusiness.yahoo.com/resources/

php::bar PHP Wiki   -   Listenarchive