session

问题 Let's assume some validated data gets passed from one PHP page to another using session parameters. How can I be sure on the second php page, this session data is still the data I validated on the first php page? From what I understand the session data is stored in cookies on the users computer. So what stops the users from injecting corrupted data into that sessions cookie? Because in my scenario I need to rely on the fact, that the data passed to the second page is already validated. So the

问题 I am using WSO2 IS 5.10.0 running in the official Docker image and followed the guide here to setup session limiting for users with defined roles. I have attempted to use the main way described in the article (using the active-session-limit-handler), as well as the alternative method described in section 2 (using adaptive authentication Javascript functions). Neither method has worked for me. Through error logs I was able to trace the issue back to the following query: SELECT USER_ID FROM IDN

问题 I have a php application that opens a session and sends the appropriate cookie to the browser like normal. Somewhere in the script I want to close the current session, silently open a new one in the background, get some values from this "background session", close it again and resume the main session (the one the user got cookies for). In Debian Stretch having PHP 7.0 the following minimal example worked like a charm but now in PHP 7.3 (Debian Buster) I get several warnings and the example

问题 I have a php system that works fine stand-alone but not when embedded in an iframe. It's embedded in a page on another domain.. and consists of: main.php graps a parameter off iframe-URL, look up in MySQL, sets a session variable and draws a grid. Then, using ajax, tries to get data to display in the grid. - but the ajax.php doesn't have the same session_id() ?!? AND in subsequent ajax-calls for data (to update the grid) the session_id() keeps changing! To recap: ALL my PHP is inside the SAME

问题 I have session variables stored on the client. (in this example, session var is "username" with value "Foo") I need the server to know that the new connection that just loaded in has the name "Foo." is there any way to have the server know the value of a session variable? 回答1: No, you cannot do that. Sessions are stored in the cookies and Ratchet cannot access them. However, I use this approach when I am working with web-sockets: Create a hash when the user logins into the account and store

问题 Strange behavior occured in an old WebForms app. I can't give you link, or big picture, I can only ask for specific detail, so maybe someone has an idea which way to explore. App on the domain A embeds app on another domain B within iframe. (If it hosts the site on the same domain, then it's fine, the problem doesn't occur.) domainA.com: <iframe src="http://domainB.com/page1.aspx" /> page1.aspx writes a Session variable: http://domainB.com/page1.aspx: HttpContext.Current.Session["UTCOffset"]

问题 i have setup a Laravel project with two guards wach with Hi own users table. Now i want to save the sessions into the database instead in a file. The Problem is that I cant save the session in a single table, because the user ID is not unique. How can I solve this problem? Thanks. 回答1: I tried this. This working, but it exists a default session driver, so a user has a session in the default table and in the admin_sessions table. class AuthServiceProvider extends ServiceProvider { protected

问题 User's in Yii appear to be logged out automatically if they close their browser or are idle for about a day (maybe less, I'm not sure). Is it possible to not log them out ever (or at least for a long time for month or year). Not sure if the Session parameters or Cookie parameters need to change. I've tried changing the parameters. 'components' => [ 'session'=>[ 'class' => 'yii\web\Session', 'cookieParams' => ['httponly' => true, 'lifetime' => 3600 * 4* 365], 'timeout' => 3600*4 *365,

问题 I have tried all the ways to set the session in the Codeigniter (3.0.6) and Tank Auth (a plug in for Login and Registration). Nothing is working for me. Here is my ci_session table data. Below is my Config file info for the session. $config['sess_driver'] = 'database'; $config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; $config['sess_save_path'] = 'ci_session'; $config['sess_match_ip'] = FALSE; $config['sess_time_to_update'] = 300; $config['sess_regenerate_destroy']

问题 I am trying to close the resource resolver that I opened but I got this error “javax.jcr.RepositoryException: This session has been closed when I close resource resolver. Actually I don’t see any problem if you leave the resource resolver as open but I don’t want to leave the resource resolver open in the code. serviceParam.put(ResourceResolverFactory.SUBSERVICE, "serviceNew"); ResourceResolver resourceResolver = null; try { resourceResolver = resourceResolverFactory