PHP Classes

no cookies

Recommend this page to a friend!

      Access user Class  >  All threads  >  no cookies  >  (Un) Subscribe thread alerts  
Subject:no cookies
Summary:no session-cookies
Messages:6
Author:martin dürauer
Date:2006-03-01 13:36:10
Update:2006-03-21 10:02:40
 

  1. no cookies   Reply   Report abuse  
Picture of martin dürauer martin dürauer - 2006-03-01 13:36:10
hi, is there a way to use your class without cookie-support, which is the default-setting in win-xp/os-X?
thx
martin

  2. Re: no cookies   Reply   Report abuse  
Picture of Olaf Lederer Olaf Lederer - 2006-03-01 20:42:11 - In reply to message 1 from martin dürauer
Hello,

the class is completly session based, there is only one cookie to remember the login.

Do you tested the class? (it's written and tested on a windows notebook)

regards Olaf

  3. Re: no cookies   Reply   Report abuse  
Picture of martin dürauer martin dürauer - 2006-03-03 09:05:28 - In reply to message 2 from Olaf Lederer
hello olaf,

thanks for your prompt reply. first of all my big regards for your work, it`s very near on the daily requirements and easy to understand.
yes, i tested it, and also used in several projects, also by extending the queries for additional fields in user_table.
in the actual case, we use it to realise a registration that aims not really at security than to give the user the impression that he`s accessing something special. everyone can register with auto-access.
since xp-sp2 and its glorious default-settings, the session-cookie could be a problem for some users(maybe 20% of ours).
The code of your class is clear, so I will try to implement a fallout-routine for that cases and send the sid with the url.
have you thought about such a thing?

best greets to the netherlands!
martin


  4. Re: no cookies   Reply   Report abuse  
Picture of martin dürauer martin dürauer - 2006-03-03 09:07:46 - In reply to message 2 from Olaf Lederer
..oh, I forgot: tested the class on openBSD and suse-linux. there was never a system-specific problem, I think ..

  5. Re: no cookies   Reply   Report abuse  
Picture of Olaf Lederer Olaf Lederer - 2006-03-03 10:03:41 - In reply to message 3 from martin dürauer
I have XP sp2 on my notebook, is your installation with IIS or apache server?

Olaf

PS. to chek this a little bit more it's easier to comunicate by mail (find my address on my personal page or the contact from on my website).

  6. Re: no cookies : solution   Reply   Report abuse  
Picture of martin dürauer martin dürauer - 2006-03-21 10:02:40 - In reply to message 5 from Olaf Lederer
with help and suggestions from olaf, the class works fine without browser-cookie-support.
we had to add the sid to the header-redirects inside the class functions, like this: header("Location: ".$next_page."/?".session_name()."=".session_id());

another requirement is to set the php_flag session.use_trans_sid to 1, which can be done via .htaccess or php.ini.

a .htaccess for demonstration, which is depending on your php.ini settings:

php_flag session.use_cookies 1
php_flag use_only_cookies Off
php_flag session.use_trans_sid On
php_value url_rewriter.tags "a=href,area=href,frame=src,input=src,fieldset=fakeentry"
php_flag register_globals off

hope this helps somone, thanx and regards to olaf.