Web Design Forums

gray · 12-08-2004, 12:08

anyone had any experience with getting a site which uses php sessions to validate? mine keeps failing whenever the session is called on a link etc

oli · 12-08-2004, 12:12

Had this exact problem today, not found a solution yet - will keep you posted.

gray · 12-08-2004, 12:19

cheers man, i'll keep looking

Stickman · 12-08-2004, 12:39

What happens if you try to force the block element in after opening the form?

Something like:

PHP Code:


		
			
echo "<form><fieldset>";

Where would the input with the session id be?

smallbeer · 12-08-2004, 16:02

Oli I thought the stick had sorted this in the other thread?

I realised that all the times it's happened to me is when I've been too lazy to style a fieldset and have just used another block level element instead.

wrapping everything in a fieldset (as you should) solves it, or seems to.

oli · 12-08-2004, 16:06

No, Ive stuck the fieldsets in but the php is putting the input - hidden - session id bit in before the fieldset tag and I cant find where in the script its coming from.

smallbeer · 12-08-2004, 16:13

just checked properly and yeah, still fucked. stick and mik aren't that geat then

did you write that?

smallbeer · 12-08-2004, 17:17

right, been speaking to a man who can and he said do this

Choose your poison:

Code:

 php.ini:
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

url_rewriter.tags = "a=href,area=href,frame=src,input=src,fieldset=fakeentry"

Or in a .htaccess
php_value url_rewriter_tags "a=href,area=href,frame=src,input=src,fieldset=fakeentry"

there shouldn't be spaces between fake and entry - no matter what I do the forum puts them there.

but (and he hasn't got back to me yet) that didn't seem to work for me.

Goggled, and found this that did though.

in a .htaccess

Code:

<IfModule mod_php4.c>

php_flag session.use_trans_sid off

</IfModule>

smallbeer · 12-08-2004, 18:54

Quote:

Originally Posted by the man who can

It'll work if you use url_rewriter.tags instead of url_rewriter_tags

Turning off trans_sid will work too, but then you don't have the SID fallback for cookieless browsers (although I've never liked putting the SID in the urls in terms of security or neatness).

so basically the first .htaccess example will work minus the typing error.

the rest could be swahili for all I understood.

oli · 13-08-2004, 04:56

not a monkeys Im afraid, gonna find it if it kills me.

oli · 13-08-2004, 05:13

Well what do you know,

Code:

<IfModule mod_php4.c>

php_flag session.use_trans_sid off

</IfModule>

Stuck that in and its all good, cheers beers

12-08-2004, 12:08	#1 (permalink)
gray i still want paying Join Date: Oct 2003 Location: newcastle, uk Posts: 4,728	php session validating anyone had any experience with getting a site which uses php sessions to validate? mine keeps failing whenever the session is called on a link etc

12-08-2004, 12:39	#4 (permalink)
Stickman Dr. Lucien Sanchez Join Date: Mar 2003 Location: UK Posts: 5,625	What happens if you try to force the block element in after opening the form? Something like: PHP Code: `echo "<form><fieldset>";` Where would the input with the session id be?

12-08-2004, 16:02	#5 (permalink)
smallbeer I Ain't Losing Any Sleep™ Join Date: Apr 2003 Posts: 5,236	Oli I thought the stick had sorted this in the other thread? I realised that all the times it's happened to me is when I've been too lazy to style a fieldset and have just used another block level element instead. wrapping everything in a fieldset (as you should) solves it, or seems to. __________________ That's fuckin' ingenious, if I understand it correctly. It's a Swiss fuckin' watch.

12-08-2004, 16:13	#7 (permalink)
smallbeer I Ain't Losing Any Sleep™ Join Date: Apr 2003 Posts: 5,236	just checked properly and yeah, still fucked. stick and mik aren't that geat then did you write that? __________________ That's fuckin' ingenious, if I understand it correctly. It's a Swiss fuckin' watch.

12-08-2004, 17:17	#8 (permalink)
smallbeer I Ain't Losing Any Sleep™ Join Date: Apr 2003 Posts: 5,236	right, been speaking to a man who can and he said do this Choose your poison: Code: php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" url_rewriter.tags = "a=href,area=href,frame=src,input=src,fieldset=fakeentry" Or in a .htaccess php_value url_rewriter_tags "a=href,area=href,frame=src,input=src,fieldset=fakeentry" there shouldn't be spaces between fake and entry - no matter what I do the forum puts them there. but (and he hasn't got back to me yet) that didn't seem to work for me. Goggled, and found this that did though. in a .htaccess Code: <IfModule mod_php4.c> php_flag session.use_trans_sid off </IfModule> __________________ That's fuckin' ingenious, if I understand it correctly. It's a Swiss fuckin' watch. Last edited by smallbeer : 12-08-2004 at 18:52.

12-08-2004, 12:12	#2 (permalink)
oli Free Ring Ding™ Join Date: Feb 2003 Location: Manchester Posts: 9,502	Had this exact problem today, not found a solution yet - will keep you posted.

12-08-2004, 12:19	#3 (permalink)
gray i still want paying Join Date: Oct 2003 Location: newcastle, uk Posts: 4,728	cheers man, i'll keep looking

12-08-2004, 16:06	#6 (permalink)
oli Free Ring Ding™ Join Date: Feb 2003 Location: Manchester Posts: 9,502	No, Ive stuck the fieldsets in but the php is putting the input - hidden - session id bit in before the fieldset tag and I cant find where in the script its coming from.

13-08-2004, 04:56	#10 (permalink)
oli Free Ring Ding™ Join Date: Feb 2003 Location: Manchester Posts: 9,502	not a monkeys Im afraid, gonna find it if it kills me.

13-08-2004, 05:13	#11 (permalink)
oli Free Ring Ding™ Join Date: Feb 2003 Location: Manchester Posts: 9,502	Well what do you know, Code: <IfModule mod_php4.c> php_flag session.use_trans_sid off </IfModule> Stuck that in and its all good, cheers beers

LinkBacks (?) LinkBack to this Thread: http://www.designerstalk.com/forums/web-standards/4840-php-session-validating.html
Posted By	For	Type	Date
New challenges and hurdles, Now Validation for PHP produced page - SitePoint Forums	This thread	Refback	30-04-2007 23:31
New challenges and hurdles, Now Validation for PHP produced page - SitePoint Forums	This thread	Refback	25-04-2007 15:16

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search