Re: [phplib] Session works only one times From: Douglas Forrest (dougforrest <email protected>)
Date: 12/26/00

Set

  var $allowcache = "no";

in Example_Session.

----- Original Message -----
From: A. Grubert <agrubert <email protected>>
To: <phplib <email protected>>
Sent: Tuesday, December 26, 2000 8:47 AM
Subject: [phplib] Session works only one times

>
> Hey folks,
>
> i got a problem with my phplib (7.02b). The phplib-example for testing
> the database works fine. I can see my entries and metadata. Problems
> exists only with the sessions-part.
>
> My local.inc is realy unchanged, it is the original one (see end of this
> email). I only changed the entries to connect to my database at
> Schlund&Partner (mysql).
>
> If I open this simple page, the Browser wish to set a cookie
> Example_Session (I can see it in the database table) and then the page
> with the counter (1) is shown. If I reload the page, the counter is
> incremented to 2 (not always), but if I reload the counter again it
> don't increments.
> I can't fix this problem !!! The problem occured only on my
> Schlund&Partner webspace, on my local system it works fine.
>
> <?php
> include("../gc_db/inc_phplib.php3"); // in this include I
> call prepend.inc
> // usefull to test on local or www-system
> // with different pathes to PHPLib
> page_open(array("sess" => "Example_Session")); // it ask me for
> accepting the cookie
> if (!isset($s)) $s=0;
> $sess->register("s");
> $s++;
> ?>
> <html>
> <head><title>PHP3 test page</title></head>
> <body bgcolor="#ffffff">
> <a href="<?php $sess->purl("test_003.php3")?>">Load</a> this simple
> page again.<br>
> <h1>Per Session Data: </h1>
> <?php print($s); ?>
> </body></html>
> <?php page_close(); ?>
>
> ----- my local.inc ---------
> <?php
> /*
> * Session Management for PHP3
> *
> * Copyright (c) 1998,1999 SH Online Dienst GmbH
> * Boris Erdmann, Kristian Koehntopp
> *
> * $Id: local.inc,v 1.23 1999/08/25 11:40:48 kk Exp $
> *
> */
>
> class DB_Example extends DB_Sql {
> var $Host = "----";
> var $Database = "----";
> var $User = "----";
> var $Password = "----";
> }
>
> class Example_CT_Sql extends CT_Sql {
> var $database_class = "DB_Example"; ## Which database to
> connect...
> var $database_table = "active_sessions"; ## and find our session data
> in this table.
> }
>
> class Example_Session extends Session {
> var $classname = "Example_Session";
>
> var $cookiename = ""; ## defaults to classname
> var $magic = "Hocuspocus"; ## ID seed
> var $mode = "cookie"; ## We propagate session IDs
> with cookies
> var $fallback_mode = "get";
> var $lifetime = 0; ## 0 = do session cookies,
> else minutes
> var $that_class = "Example_CT_Sql"; ## name of data storage
> container
> var $gc_probability = 5;
> }
>
> class Example_User extends User {
> var $classname = "Example_User";
>
> var $magic = "Abracadabra"; ## ID seed
> var $that_class = "Example_CT_Sql"; ## data storage container
> }
>
> class Example_Auth extends Auth {
> var $classname = "Example_Auth";
>
> var $lifetime = 15;
>
> var $database_class = "DB_Example";
> var $database_table = "auth_user";
>
> function auth_loginform() {
> global $sess;
> global $_PHPLIB;
>
> include($_PHPLIB["libdir"] . "loginform.ihtml");
> }
>
> function auth_validatelogin() {
> global $username, $password;
>
> if(isset($username)) {
> $this->auth["uname"]=$username; ## This provides access for
> "loginform.ihtml"
> }
>
>
> $uid = false;
>
> $this->db->query(sprintf("select user_id, perms ".
> " from %s ".
> " where username = '%s' ".
> " and password = '%s'",
> $this->database_table,
> addslashes($username),
> addslashes($password)));
>
> while($this->db->next_record()) {
> $uid = $this->db->f("user_id");
> $this->auth["perm"] = $this->db->f("perms");
> }
> return $uid;
> }
> }
>
> class Example_Default_Auth extends Example_Auth {
> var $classname = "Example_Default_Auth";
>
> var $nobody = true;
> }
>
> class Example_Challenge_Auth extends Auth {
> var $classname = "Example_Challenge_Auth";
>
> var $lifetime = 1;
>
> var $magic = "Simsalabim"; ## Challenge seed
> var $database_class = "DB_Example";
> var $database_table = "auth_user";
>
> function auth_loginform() {
> global $sess;
> global $challenge;
> global $_PHPLIB;
>
> $challenge = md5(uniqid($this->magic));
> $sess->register("challenge");
>
> include($_PHPLIB["libdir"] . "crloginform.ihtml");
> }
>
> function auth_validatelogin() {
> global $username, $password, $challenge, $response;
>
> if(isset($username)) {
> $this->auth["uname"]=$username; ## This provides access for
> "loginform.ihtml"
> }
> $this->db->query(sprintf("select user_id,perms,password ".
> "from %s where username = '%s'",
> $this->database_table,
> addslashes($username)));
>
> while($this->db->next_record()) {
> $uid = $this->db->f("user_id");
> $perm = $this->db->f("perms");
> $pass = $this->db->f("password");
> }
> $exspected_response = md5("$username:$pass:$challenge");
>
> ## True when JS is disabled
> if ($response == "") {
> if ($password != $pass) {
> return false;
> } else {
> $this->auth["perm"] = $perm;
> return $uid;
> }
> }
>
> ## Response is set, JS is enabled
> if ($exspected_response != $response) {
> return false;
> } else {
> $this->auth["perm"] = $perm;
> return $uid;
> }
> }
> }
>
> ##
> ## Example_Challenge_Crypt_Auth: Keep passwords in md5 hashes rather
> ## than cleartext in database
> ## Author: Jim Zajkowski <jim <email protected>>
>
> class Example_Challenge_Crypt_Auth extends Auth {
> var $classname = "Example_Challenge_Crypt_Auth";
>
> var $lifetime = 1;
>
> var $magic = "Frobozzica"; ## Challenge seed
> var $database_class = "DB_Example";
> var $database_table = "auth_user_md5";
>
> function auth_loginform() {
> global $sess;
> global $challenge;
>
> $challenge = md5(uniqid($this->magic));
> $sess->register("challenge");
>
> include("crcloginform.ihtml");
> }
>
> function auth_validatelogin() {
> global $username, $password, $challenge, $response;
>
> $this->auth["uname"]=$username; ## This provides access for
> "loginform.ihtml"
>
> $this->db->query(sprintf("select user_id,perms,password ".
> "from %s where username = '%s'",
> $this->database_table,
> addslashes($username)));
>
> while($this->db->next_record()) {
> $uid = $this->db->f("user_id");
> $perm = $this->db->f("perms");
> $pass = $this->db->f("password"); ## Password is stored as a
> md5 hash
> }
> $exspected_response = md5("$username:$pass:$challenge");
>
> ## True when JS is disabled
> if ($response == "") {
> if (md5($password) != $pass) { ## md5 hash for
> non-JavaScript browsers
> return false;
> } else {
> $this->auth["perm"] = $perm;
> return $uid;
> }
> }
>
> ## Response is set, JS is enabled
> if ($exspected_response != $response) {
> return false;
> } else {
> $this->auth["perm"] = $perm;
> return $uid;
> }
> }
> }
>
> class Example_Perm extends Perm {
> var $classname = "Example_Perm";
>
> var $permissions = array(
> "user" => 1,
> "author" => 2,
> "editor" => 4,
> "supervisor" => 8,
> "admin" => 16
> );
>
> function perm_invalid($does_have, $must_have) {
> global $perm, $auth, $sess;
> global $_PHPLIB;
>
> include($_PHPLIB["libdir"] . "perminvalid.ihtml");
> }
> }
> ?>
>
>
>
>
> Gruß
> Armin
>
> ----- http://www.armin-grubert.vu.de ------
> Dipl.-Geol. A. Grubert Oppenheimer Straße 28
> Tel.: 06737 - 809076 55278 Köngernheim
> --------- agrubert <email protected> --------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: phplib-unsubscribe <email protected>
> For additional commands, e-mail: phplib-help <email protected>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>