Could anybody help me to understand this issue?The problem is:
I have a two versions of my application that work in parallel. This means that I have sessions already started in one application that I should use in another app.
First version uses PHP sessions ($_SESSION with custom handlers) and second version of application built on Zend Framework and it should use Zend_Session.
So when I try to create new Zend_Session_Namespace("default") instance I get an error that session was already started and it's true.
So the question is — can I initialize Zend_Session object with the data already stored in PHP $_SESSION?
I had similar problem, and figured it out form zend site,
This worked for me:
in .htaccess file do:
php_value session.auto_start 0
For ref check: http://framework.zend.com/manual/en/zend.session.advanced_usage.html
Hope it helps
Ok, I solved this issue, and in case of me the solution is:
In old version I push member's ID into cookie
In new version I fetch that ID and use different sessions system with own handler.
The one thing that may up security and may help avoid collisions it's check member's email using pubcookie.
Hope my solution helps someone.
Related
I have created an identical copy of our production instance to my local environment running XAMPP and I am trying to do the following:
After upgrading Moodle from 3.5.10 to 3.6.8 and restoring all plugins etc. I am unable to login. Before upgrading to 3.6.8, I had already performed the following upgrades,
3.4.1 -> 3.4.9
3.4.9 -> 3.5.10
and everything worked fine during those 2 upgrades. I followed exactly the recommended upgrading method as described in moodle's docs.
After successfully upgrading to 3.6.8, I successfully passed the step about the server requirements for the correct php mysql and db versions, I then successfully passed the next step as well for upgrading the database and made sure that all the plugins are fine and had no errors (just some warnings about a few plugins that can be updated to newer version) and after that step finished too, I then got back to the /admin/index.php screen asking me to login. That seemed weird to me because during the previous updates, it never asked me to login after completing the upgrading, but I said, ok. i'll just login. So after trying to login i am constantly getting the message "Invalid login, please try again"
I have tried almost anything here and by anything I mean the following.
First of all, I checked my hashed password in the local database and it is exactly the same with my hashed password in production database.
I then read an article that from moodle 3.1 the logintoken was introduced and since we use the mb2nl theme, I supposed that I just have to add the new input hidden field for this logintoken to the login form but the field was already there and again that was not the issue.
I am at a point where I cannot think of what else might be wrong and I am stuck.
A few more information about our whole setup, we have a Joomla website and our moodle users are actually coming from Joomla, Therefore we use a plugin named Joomdle which connects these 2 CMSs. Our users register to our Joomla website and the Joomdle plugin sends the credentials to moodle and the user is being created to the moodle CMS as well and an entry is being created in the moodle's "user" table. The difference is that moodle generates a different hashed password from the hashed password that joomla does. Anyway, there were no problems at all with logins or anything else since I tried logging in with multiple user accounts in moodle and all worked fine, before upgrading to version 3.6.8.
This is not a Joomdle issue since I already checked this by completely removing Joomdle and this is not the cause. This is probably coming from moodle core but since moodle has NO error reporting or logging at all, I really cannot understand what this is.
To exclude one more matter linked in this question, I already checked and made sure that moodle's password salt is the same both in production and local environments.
I am not sure what is going on here and this is why I desperately need some help from experts.
Solution:
I was able to solve this problem but forgot to come back here and give the solution.
The problem was that, as I said above, we are using the mb2nl theme and the theme's login form did not include the hidden input field to create the logintoken.
On my question above I write somewhere in the middle "I supposed that I just have to add the new input hidden field for this logintoken to the login form but the field was already there and again that was not the issue". I was looking at the wrong place. The login form that I was looking at, was the Moodle's itself login form and not the theme's login form.
I then found the login form in the theme's files and the logintoken hidden input field was indeed missing from there. I added it and then I was able to login normally.
Happened to me today. Executing the cron.php cli script trigered again the upgrade process and solved my problem.
I am facing a cookies problem in my website , I am using Scala with Play Framework 2.2.0.
If user replaces cookies with another user's cookies it works there i want to stop that please give me any solution.I have changed and modify in application.conf file with all security but i did not get any effect in my application.
If there is any type of trick or logic behind it please tell me.
As shown in the documentation it is just a config change https://www.playframework.com/documentation/2.8.x/SettingsSession.
Note: problems with deserialization might occur.
I have used zend session as bellow..
$test = new Zend_Session_Namespace('test');
$test->test = "test text";
But when i move from one step to another step its working fine and echoes value Not on step3. even i tried using $_SESSION direct (because am desperate this to work ). But i have same problem that session not stored. Site seems almost broken when i use mozilla and IE. Not only in my PC But i have tested in multiple systems.
Tried clearing cookies, used cookie enabled browser only.
SO please suggest me what could be the posible problem in doing above. even i have inserted zend_session::start();
Thanks in advance,
Sanjeevk,
You haven't provided any useful code for what you are trying to accomplish, so I'm going to guess.
I have encountered a problem similar to this as well. My issue was simply trying to persist a page number from the paginator so I could perform an operation on a record and then return to the same page in the previous action.
The problem I was having was that the controller would overwrite the session data every time I called the action (page refresh), so while the page number would persist to other actions as soon as I called the original action the session would be over written and the page would reset to 1.
My solution was to get the page number from the view script and then feed it back to the controller later.
//the view script
<?php $session = new Zend_Session_Namespace('page'); $page = $this->paginator->getCurrentPageNumber(); ?>
so now when call $session->page anywhere in my controller/actions the data is still there and doesn't overwrite until the view is actually rendered, which is exactly what I needed.
You may be encountering something similar. Because of the way PHP and Zend Framework operate you may be inadvertently over writing your session data.
If this doesn't help, please provide more information and maybe an answer can be found.
Hope this provides some help or at least hints.
When I tried this:
while (my $cgi = new CGI::Fast) {
...
my $session = CGI::Session->new(undef, $cgi);
...
}
I discovered that different clients were getting the same session! What would be causing this bizarre session-sharing?
EDIT: I can't reproduce this reliably but in my testing, I have seen cases where I delete the session cookie from the browser, refresh the page, and (using Firebug's Net pane) see that I'm not sending a cookie in the request but get a Set-Cookie in the response with an old session ID! Perhaps something is sticking in memory due to using FastCGI?
(Note: I removed a 2nd piece of code from an earlier version of this question because I'm no longer sure it's relevant)
EDIT: This http://osdir.com/ml/web.fastcgi.devel/2004-02/msg00007.html seems to be describing the behavior I'm seeing
EDIT:
As mentioned in the above osdir.com posting, FCGI.pm contains this code:
for (keys %FCGI::ENV) {
$ENV{$_} = $FCGI::ENV{$_} unless exists $ENV{$_};
}
This seems quite clearly flawed to my eyes. It is copying from a persistent copy of environment variables into the copy of the environment visible to the script whenever the current request does not supply a value for a given variable. So if a request comes in with no cookies, then it won't find HTTP_COOKIE defined so it will give the script the cookies from the last request that sent them, meaning some other session! I don't get how this code could possibly be correct, and this is a very highly used module!
I fixed this bug about seven months ago, you need to upgrade CGI.pm to >= 3.56. CGI::Fast was using an FCGI API that was deprecated and removed from documentation more than ten years ago.
Are you using mod_perl? If so, global variables will persist across requests, and this will be intermittent because it will depend on whether the request is handled by the same apache httpd process or not, which will depend on site load and other variables.
I'm using the FaceBook C# SDK for the first time.
Since I have a simple application I want to create I have picked up the sample Azure MVC application and modified it to point at my facebook application instance and secret as per the configuraiton guidance.
I want to retrieve a months status messages so I need authorisation which has worked thanks to CanvasAuthorize(Perms = "user_about_me") attribute.
However now when I goto the about view I get an error in the controller first:
dynamic result = fbApp.Get("me");
The actual error is listed as:
The remote name could not be resolved: 'graph.facebook.com'
Can anyone help me identify what I am doing wrong?
Many thanks,
_David
That sounds like a temporary connectivity issue. The server (or your computer) is having trouble resolving http://graph.facebook.com. Try to going to http://graph.facebook.com/microsoft in your browser and see what happens.
Make sure that you have the correct fb_key and fb_secret values. In my case I have added them in the web config file but when I read the values I have given a wrong name to retrieve. client_id and client_secret values were not set. As a result this error popped out.