Is connection with session variables secure?

Similar Questions

• Creating a connection with Session variables

  Hey everybody! I've never used session variables so I'm not sure how they work, so I have a simple question for their use with a login form!

  I created a small form of login in the top right of my Web page, and what I want to do is when the user connects, the newspaper in the form of skins and is replaced by 'Welcome (username)' and stays that way while browsing the Web site. I think it's simple to do, ive just never used before

  Here is my login information for the code: (note this div tag is inside a table, do not know if it matters)

  <div id="login">
        <form ACTION="<?php echo $loginFormAction; ?>" id="form1" name="form1" method="POST">
          <label for="U_name"></label>
          Username
          <input name="U_name" type="text" id="U_name"/>
          <label for="U_Pass"></label>
          Password
          <input name="U_Pass" type="password" id="U_Pass"/>
          <input type="submit" name="login" id="login2" value="Login" class="loginb"/>
          <a href="register.php">        Register
          </a>
        </form>
      </div>
  

  Try this-

        if (!isset($_SESSION['MM_Username'])) { ?>

      

  
       

  
         
          Username
         
         
          Password
         
         
                  Register
         
       

  
     
  Welcome

• Level security line with session variables, not recommended?

  Hello

  We are on the point of implement security level line in our project of BI using OBIEE, and the solution that we found more convenient to our requirement was to use session with blocks of initialization variables.

  The problem is that this method is listed as "not recommended" in the Oracle documentation.

  Administration of alternative security options - 11g Release 1 (11.1.1)

  (This appendix describes alternative security administration options included for backward compatibility with improved systems and are not considered a best practice.)

  The Session Variables management

  Session system variables get their values of initialization blocks and are used to authenticate Oracle Business Intelligence users against external sources such as LDAP servers or database tables. Each active session of BI server generates session variables and initializes them. Each instance of session variable can be initialized to a different value. For more information on the use of variables and blocks of Oracle Business Intelligence session initialization, see 'Use of Variables in Oracle's BI repository' in Oracle Fusion Middleware metadata repository Builder of Guide for Oracle Business Intelligence Enterprise Edition.

  How confused... What is the best practice then?

  Thank you for your help.

  Joao Moreira

  authentication / authorizing the part is dealing with weblogic and then initialized the variable USER and you can use it for any initblocks for safety.

  Block of init to authenticate / variable session and authorization are different, I guess that you mix the two.

• PHP Mail with session variables

  Here is the code for an email to collect page, which sends two session variables (email and postal code) to an email_sub.php page (data are inserted in MySQL). After submitting the form, I get the email_sub.php? page where this code works normally

  <? PHP echo $_SESSION ['email'];? >

  <? PHP echo $_SESSION ['postal code'];? >

  However, when the email is sent, the "subject" and the "To" is successfully sent, but not the variables $email and $zipcode.

  From:
  Zip code:

  If I hard code for values of and Zip, they appear in the email. It seems therefore that session variables are not available at the email_sub.php page.

  If anyone can point me in the right direction for a fix, I'd be very happy to suggestions.

  email_collect.php

  <? php require_once('Connections/connMan.php');? >
  <? PHP
  session_start();
  function GetSQLValueString ($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  {
  $theValue = (! get_magic_quotes_gpc())? addslashes ($TheValue): $theValue;

  Switch ($theType) {}
  case 'text ':
  $theValue = ($theValue! = "")? « " ». $theValue. "" "": "NULL";
  break;
  case "long":
  case "int":
  $theValue = ($theValue! = "")? intval ($TheValue): 'NULL ';
  break;
  case "double":
  $theValue = ($theValue! = "")? « " ». doubleVal ($TheValue). "" "": "NULL";
  break;
  case "date":
  $theValue = ($theValue! = "")? « " ». $theValue. "" "": "NULL";
  break;
  case "set":
  $theValue = ($theValue! = "")? $theDefinedValue: $theNotDefinedValue;
  break;
  }
  Return $theValue;
  }

  $editFormAction = $_SERVER ['PHP_SELF'];
  If (isset {}
  $editFormAction. = « ? ». htmlentities($_SERVER['QUERY_STRING']);
  }

  If ((isset($_POST["MM_insert"])) & & ($_POST ["MM_insert"] == "form1")) {}
  $email = $HTTP_POST_VARS ['email'];
  session_register ("email");
  $zipcode = $HTTP_POST_VARS ["zipcode"];
  session_register ("zipcode");
  $insertSQL = sprintf ("INSERT INTO email_list (e-mail, postal code) VALUES (%s, %s)," ")
  GetSQLValueString ($_POST ['email'], "text").
  GetSQLValueString ($_POST ['PostalCode'], "int"));

  @mysql_select_db ($database_connMan, $connMan);
  $Result1 = mysql_query ($insertSQL, $connMan) or die (mysql_error ());

  $insertGoTo = "email_sub.php";
  If (isset {}
  $insertGoTo. = (strpos ($insertGoTo, '?'))? « & » : « ? » ;
  $insertGoTo. = $_SERVER ['QUERY_STRING'];
  }
  header (sprintf ("location: %s", $insertGoTo));
  }

  @mysql_select_db ($database_connMan, $connMan);
  $query_rsEmailer = "SELECT * from email_list";
  $rsEmailer = mysql_query ($query_rsEmailer, $connMan) or die (mysql_error ());
  $row_rsEmailer = mysql_fetch_assoc ($rsEmailer);
  $totalRows_rsEmailer = mysql_num_rows ($rsEmailer);
  ? >
  < ! DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional / / IN" "http://www.w3.org/TR/html4/loose.dtd" > ""
  < html >
  < head >
  < title > em touch all the Camps of Baseball < /title >
  < meta http-equiv = "Content-Type" content = text/html"; charset = iso-8859-1 ">"
  < link href = "assets/taylor.css" rel = "stylesheet" type = "text/css" > "
  < script type = "text/JavaScript" >
  <!--
  function MM_findObj (n, d) {//v4.01
  var p, i, x;  if(!d) d = document; If ((p = n.IndexOf ("?")) > 0 & & parent.frames.length) {}
  d = parent.frames [n.Substring(p+1)] .document; n = n.Substring (0, p) ;}
  If (!) () x = d [n]) & & copyrights) x = d.all [n]; for (i = 0;! x & & i < d.forms.length; i ++) x = d.forms [i] [n];
  for (i = 0;! x & & d.layers & & I < d.layers.length; i ++) x = MM_findObj (n, d.layers [i] .document);
  If (! x & & d.getElementById) x = d.getElementById (n); Return x;
  }

  function MM_validateForm() {//v4.0
  var i, p, q, n, test, num, min, max, errors = ", args = MM_validateForm.arguments;
  for (i = 0; I <(args.length-2); I += 3) {test = args [i + 2]; val = MM_findObj(args[i]);
  If (val) {n = val.name; if ((val=val.value)! = "") {}}
  If (test.indexOf ('isEmail')! =-1) {p = val.indexOf (' @');}
  If (p < 1 | p ==(val.length-1)) errors +='-' + nm + "must contain an e-mail address. \n » ;
  } Else if (test! = 'R') {num = parseFloat (val);
  If (isNaN (val)) errors +='-' + nm + 'must contain a number. \n » ;
  If (test.indexOf ('inRange')! = - 1) {p = test.indexOf (': ');}
  min = test. Substring(8,p); Max = test. Substring (p + 1);
  If (num < min | max < num) errors +='-' + nm + must contain a number between "+ min +" and "+ max +".. " \n " ;
  }} ElseIf (test.charAt (0) == 'R') errors += '-' + nm + ' is required. \n " ; }
  } If (errors) alert ("the following error occurred: \n'+errors");
  document. MM_returnValue = (error == ");
  }
  ->
  < /script >
  < / head >

  < body >
  < are method = "post" name = "form1" action = "<?" PHP echo $editFormAction;? > ">"
  < table width = "325" align = "center" >
  < tr valign = 'of basic">
  < td colspan = "2" align = "left" >
  < h1 class = "subtitle" > join our Email list < / h1 >
  < p > please fill in boxes and click on & quot; Send. & quot; This information is kept secret and is intended for the exclusive touch of < strong > Hank Manning em all Camps of Baseball < facilities > in order to send you the latest happenings on our calendar.
  < /p >
  
  < p > < / p >
  < table >
  < /tr >
  < tr valign = 'of basic">
  < td align = "right" valign = "middle" nowrap > < p > E-mail: < /p > < table >
  < td align = "left" valign = "middle" > < input name = "email" type = "text" onBlur = "MM_validateForm ('email',", 'RisEmail'); " return document. MM_returnValue"size ="32"value ="Email address"> < table >
  < /tr >
  < tr valign = 'of basic">
  < td align = "right" valign = "middle" nowrap > < p > code postal: < /p > < table >
  < td align = "left" valign = "middle" > < input name = "PostalCode" type = "text" onBlur = "MM_validateForm ('postcode',", 'RisNum'); " return document. MM_returnValue' size = '32' value = 'postal Code' > < table >
  < /tr >
  < tr valign = 'of basic">
  < td align = "right" > < input type = "reset" name = "Reset2" value = "Reset" > < br >
  < input type = "submit" value = "send" > < table > ' "
  < td > < table >
  < /tr >
  < /table >
  < input type = "hidden" name = "MM_insert" value = "form1" >
  < / make >
  < p > < / p >
  < / body >
  < / html >
  <? PHP
  mysql_free_result() will free all memory associated with the result identifier result.

  mysql_free_result() only needs to be called if you are concerned about how much memory is used for queries that return large result sets. All associated result memory is automatically freed when the script is completed.
  mysql_free_result ($rsEmailer);
  ? >

  email_sub.php

  <? PHP session_start(); It connects to the existing session

  email sent

  / / [email protected] , [email protected]
  mail (' [email protected], [email protected]', "Join Email List", "from: $email\r\n Zip: $zipcode");
  ? >
  < ! DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional / / IN" "http://www.w3.org/TR/html4/loose.dtd" > ""
  < html >
  < head >
  < title > em touch all the Camps of Baseball < /title >
  < meta http-equiv = "Content-Type" content = text/html"; charset = iso-8859-1 ">"
  < link href = "assets/taylor.css" rel = "stylesheet" type = "text/css" > "
  < / head >

  < body >

  
  < table width = "280" border = "0" cellspacing = "0" cellpadding = "0" >
  < b >
  < td colspan = "2" > < img src = "images/manning_logo.jpg" width = "426" height = "64" > < table > "
  < /tr >
  < tr valign = "top" >
  < td colspan = "2" > < p > < / p >
  < p align = "left" > thank you very much for sending your email and zip code. < /p >
  < table width = "350" border = "0" cellspacing = "0" cellpadding = "0" >
  < b >
  < td width = "69" > < p align = "right" > email: < /p > < table >
  < td width = "281" > < p align = "left" > <? PHP echo $_SESSION ['email'];? > < / p > < table >
  < /tr >
  < b >
  < td > < p align = 'right' > postal code: < /p > < table >
  < td > < p align = "left" > <? PHP echo $_SESSION ['postal code'];? > < / p > < table >
  < /tr >
  < / table > < p align = "left" > This information will be stored in our database exclusive use < facilities > < strong > Hank Manning em all the Baseball Camps Touch, which respects and protects your privacy. < /p >
  < table >
  < /tr >
  < b >
  < td width = "407" align = "left" > < a href = "javascript:window.close();" "> close this window < /a > < table >
  < td width = "19" > < p > < / p > < table >
  < /tr >
  < /table >
  < p > < / p >
  < p > < / p >
  <? PHP
  end the session so that I could see new variables because they are passed in the development
  session_destroy();? >
  < / body >
  < / html >

  sbudlong wrote:

  I made the change you suggested but the showsFrom:Zip still E-mail: without values for the variables. Is there a problem with the session?

  It seems that you do not use session variables when you send the mail:

  mail('[email protected], [email protected]',
  'Join Email List',
  "From: $email\r\n Zip: $zipcode");
  

  Change to this:

  mail('[email protected], [email protected]',
  'Join Email List',
  'From: ' . $_SESSION['email'] . "\r\n Zip: " .
  $_SESSION['zipcode']);
  

• Problem with Session variables

  On page 1, I'll put a session based on a user variable to connect:
  
  < cfif NOT IsDefined "(SESSION. EmpNo") >
  < cfset SESSION. EmpNo = #Form.HREmpNo # >
  < / cfif >
  
  On page 2, I call the session variable in a query to a form in advance, it works fine:
  
  < cfquery name = "qEmpInfo" datasource = "SelfNom" >
  SELECT *.
  OF tblEmployeeList
  WHERE EmployeeNo = #session. EmpNo #.
  < / cfquery >
  
  On the same page, I give the pre-populated information hidden tags, so I can enter information in a table on the next page. qEmpInfo is the request that I'm hitting successfully with my session variable. Here are my tags:
  
  #qEmpInfo.EmployeeNo # < cfoutput > < / cfoutput >
  < input type = "hidden" name = "EmployeeNo" value = "" #qEmpInfo.EmployeeNo # "/ >"
  
  On the 3rd page, where I'm trying to insert information in another table, I am getting an error. Itacts as my session variable is over.
  
  Error:
  Syntax error in date in a query expression ' #qEmpInfo.EmployeeNo # '.
  
  I entered this code in page 3 to check and she in the past that I guess because it does not find the session variable:
  
  < cfif NOT IsDefined "(SESSION. EmpNo") >
  < cfoutput > #session. EmployeeNo # < / cfoutput >
  < / cfif >
  
  I put my session expires in the admin for 24 hours, so it's not the question. And I turned on the session variables in the Application.cfm:
  
  < name cfapplication = "SelfNom".
  sessionmanagement = "Yes" >
  
  
  
  Someone sees something I am doing wrong?
  

  Jatrix wrote:
  > Does someone sees something I am doing wrong?

  Well, the first thing I noticed is this:
  
  #session. EmployeeNo #.
  

  'session.empNo' AND ' session. EmployeeNo' are not the same variable. You
  Verify the existence for the first and then try to get out of the second.
  You create a variable named "employeeNo" in your form. It is that the
  the one you want to use here? "form.employeeNo" not "session.employeeNo".

• Scripts of connection and SESSION variable.

  For decades, I've used the line "if/i ' % NomSession: ~ 0, 8% '==' ICA - tcp #" OUTPUT "to prevent login scripts running on Citrix servers. I also used other variants of "if/i ' % NomSession: ~ 0, 8%"=="RDP - tcp # ' and if/i"% sessionname "is" console"in scripts." Recently, these scripts began to behave badly and I discovered that the SESSION variable is no longer available when running it of login scripts. The SESSION variable does not get set until later. Once my desktop, I can open a DOS command prompt and see the SESSION variable. I suspect a fix released last month, 6/2016 led to this change in behavior. BTW, Windows XP systems do not have this problem

  I already get a work around for this, but I'm curious if anyone else has seen this and they know patch that caused it.

  FOR INFO. The solution is to add this stuffed animal at the beginning of my scripts. "

  If 'NOMSESSION % '==' ' for /F "tokens = 2" % in ("user request ^ |") "." trouver/i "% username %" ') set NOMSESSION = % f

  "

  This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
  http://social.technet.Microsoft.com/forums/en-us/home s/fr-U.S./Accueil
  http://social.msdn.Microsoft.com/Forum
  
  
  If you give us a link to the new thread we can point to some resources it

• Problem with session variable purging

  Hello
  

  I've set up in my solution OBIEE RLS filters, in accordance with article http://www.rittmanmead.com/2012/03/OBIEE-11g-security-week-row-level-security/
  All that " works very well, but I have a " "" small "problem (explained in short 'story'):
  

  ' 1. Suppose that user Walter White has affected Reg1 and Reg2 in " ""STAFF_REGIONS" table.

  2 after scoring in the responses the variable "NQ_SESSION." "REGION" is initialized with the values " ""Reg1 & Reg2"

  3 now I am adding Reg3 to the table ""STAFF_REGIONS " of Walter White."

  4 Walter White is logging in the responses and retains data only from Reg1 and Reg2 - why? Because variable NQ_SESSION. REGION still has the old values.
  

  So, here is my question: How can I reset it variable? Reconnection to the answers doesn't help. The only solution I know not is to restart CoreApplication, but this is not an acceptable solution.

  Uncheck the box for hidden in InitBlock variable

  If brand aid

  ~ http://cool-bi.com

• return Recordset from several tables with session variables

  First of all, let me start by appolgizing for the rawness of this question, but I'm really stuck...  I have two tables in a database, a table name, username, password and company (user logs on to a secure site using the UN and PW creating a session MM_username variable).  There are several users from different companies (IE 6 users of XYZ Corp., 20 ABC... etc.).  The second table has data that is specific to each company.  How to display the data in the second table so that it is specific to the user (ie: Robert of XYZ Corp. sees only specific data of XYZ Corp.)?

  Thank you very much

  What you would do, is to join the tables on the company name field in a query:

  SELECT * FROM tbl_name LEFT JOIN tbl1.company_name ON tbl2.company_name WHERE username = MM_username;

  If you need a more details or help database tables themselves you'll need post a few details anymore, but that's the gist of it.

  And just to add, is that if you try to add in the session.  Otherwise take your session for the company_name variable in table 1 and use it in a select query based on your session pages.

• Internet connection with Windows XP, SP3 and Airport Extreme - the status is always "absorbing network address.

  My Airport Extreme connected my IMac immediately, but I am not able to connect on the side PC. Airport utility does not 'no matter what Airport wireless devices". When you check the status of the internet connection with PC tools, the correct network is indicated and shows an excellent signal strength. The status is: "absorbing the network address. However, nothing happens.

  Under 'Repair the wireless network connection', it shows, "Windows is taking the following steps: your IP address renewal" even once, nothing happens.

  Under hardware I show Atheros Wireless Network Adapter and the mention: "this device works correctly.

  Yet, no network connection. Any help will be greatly appreciated.

  Hello

  Keep the changes and open the wireless. For example, to disable security in the router (turn on when to managed to connect).

  You can also try the wireless in a friends house, or an Internet café to get a frame of reference for this behavior elsewhere.

  -------------------

  Wi - Fi in general.

  These steps and tell us where is the breaking point.

  Check the Device Manager for the wireless card valid entry.

  http://www.ezlan.NET/Win7/net_dm.jpg

  If there is no valid entry, remove any entry from fake and re - install the drivers for the wireless card.

  Check network connections to make sure that you have a network icon/entry wireless connection, and that the properties of the icon (right-click on the icon) are correctly configured with the TCP/IPv4 protocol in the properties of network connections.

  http://www.ezlan.NET/Win7/net_connection_tcp.jpg

  ------------------

  The wireless card drivers much also install utility wireless of the seller.

  Make sure that if there are teas from Wireless Utility of seller does not work with the native Windows wireless utility (Service WLAN).

  ----------------

  Make sure you firewall No. preventing / blocks wireless components to join the network.

  Some 3rd party software firewall continue to block the same aspects it traffic Local, they are turned Off (disabled).

  If possible set up the firewall correctly, otherwise totally uninstall and get rid of its remaining processes that permit the own local network traffic flow.

  If the 3rd party software is uninstalled, or disables, make sure Windows native firewall is active .

  party like Hello and NetMagic 3rd network managers can block local traffic too.

  ---------------------------

  Stack TCP/IP work should look like.

  Right-click on the wireless network connection card, select status, details and see if she got an IP address and the rest of the settings.

  http://www.ezlan.NET/Win7/status-NIC.jpg

  Description is the data of the card making.

  The physical address is MAC of the card number.

  The xx must be a number between 0 and 255 (all xx even number).

  YY should be between 0 and 255

  ZZ should be between 0 and 255 (zz all the same number.)

  The date of the lease must be valid at the present time.

  * Note 1. IP that starts with 169.xxx.xxx.xxx isn't valid functional IP.

  * Note 2. There could be an IPv6 entries too. However, they are not functional for Internet or LAN traffic. They are necessary for Win 7 homegroup special configuration.

  ---------------------------------------------------

  A message in the small window that says connected wireless doesn't means that you are really a valid functional connection.

  Above everything is OK, you must be able to connect to the router.

  Connection to the router means that you can enter the IP of the router base in an address bar in one go, being able to connect and configure the router menus see.

  If it doesn't connect to the router, journal newspaper from any computer that can connect to the router wirelessly with a wire, disable wireless security, make sure that the wireless SSID broadcast is enabled and try to connect with no. wireless security.

  Enable security wireless after you eat to make a functional connection.

  Jack - Microsoft MVP, Windows networking. WWW.EZLAN.NET

• Session variables change at each request

  Hello

  We have a problem with session variables (jsessionid), is to change a page to another page, and also when we page.code to referesh worked well on other servers. When we moved to problem of production server came.

  In application.cfc, we used the settings below.

  this.applicationTimeout = CreateTimeSpan (4, 0, 0, 0);

  This.clientmanagement = false;

  This.loginstorage = "session";

  This.sessionmanagement = true;

  This.SessionTimeout = CreateTimeSpan (0, 0, 20, 0);

  this.setClientCookies = true;

  this.setDomainCookies = true;

  this.scriptProtect = 'all ';

  In the coldfusion administrator allowed us to use"J2EE session variables", 'application variables',the session variables.and we also added "

  "Dcoldfusion. sessioncookie. HttpOnly= true "in the Java virtual machine.

  Details of the operating system: windowsserver2008R2

  Coldfusionserver: 9.0.1,274733

  Is it related to sessionfixation question? All other things we need to verify or add? Please let me know.

  Thank you

  We have solved the problem, in the jrun.xml configuration file there is the "cookie-config" section that we have removed:

  
  true
  true
  

• being lost ColdFusion session variables

  Okay, so when my users login I create session variables. one of them is the employee id. in my Application.cfc I have this at the top:

  < cfscript >
  myIdName = "My App";
  This.SessionTimeout = CreateTimeSpan ("0", "0", "45", "0");
  This. SESSIONMANAGEMENT = "YES";
  This. SetClientCookies = "true";
  this.setDomainCookies = "true";
  < / cfscript >

  I also put the timeout for sessions at 45 in the CFadmin too.

  After a successful login, I capture their session.employeenumber by is authenticating through our enterprise LDAP. no problem. Note: this app has run smoothly for 6 years now but recently something has gone wrong.

  on every page I reference a file in my application directory called "check_session.cfm" like this:

  "< cfmodule template="/myApp/Tags/check_session.cfm ">

  In this file, I have the code that verifies the existence of the session.employee_number. If there is no they expired or book marked a page in the application in which they need to be logged in to view:

  < cflock timeout = "30" throwontimeout = "Yes" type is 'READONLY' scope is "SESSION" >
  <! - checks to ensure that the user has a session - >
  < CFIF NOT IsDefined ("Session.employee_number") >
  "< CFLOCATION URL ="http://#cgi.HTTP_HOST#/myApp/LoginAgain.cfm">."
  < / CFIF >
  < / cflock >

  time to time (I would say on average 5 times a week) I get a message to a user error (I redirect errors to my email with information on the diagnosis). the error reads "EMPLOYEE_NUMBER element is not defined in the SESSION". when I look at the page the error came I see my call to the file check_session.cfm about 50 lines above where this error occurred when I tried to reference session.employee_number. Why wouldn't he not find it and redirect the user to the page timeout? I can't reproduce this error on my machine... I always get the good result without the error message. It's a random, sporadic, intermittent error.

  A long time ago (but in this Galaxy) we found isDefined() can give false positives with session variables, exactly the way you describe.  Or indeed something as simple as this could mistake with "session.foo does not exist" on line 2 (ie: the line inside the if() function.)

  If (isDefined ("session.foo")) {}

  something = session.foo.

  }

  And the session variable absolutely did NOT exist (or a similar variable was in none of the controls isDefined() extended, for example: variables.session.foo).  If the error was right... but the isDefined() call did not work.

  The problem was occasional, so hard to follow.

  We changed the calls to structKeyExists() and the problem disappeared.

  It was in CFMX7 well, and we had not never really much time investigating her in addition, after that we have treated the symptom.  However, I have been conscious of others with similar experiences.

  However we have stopped using isDefined() right there (for all) and has never ever had similar problems.

  Maybe try it.

  --

  Adam

• How to add an extra session variable to authenticate the connection

  Hello

  IM totally new to php and dreamweaver develop a web application that uses the user name and password to authenticate the connection, and works very well. My question is, how do I add an extra session variable to capture another field in the users table for example type to redirect some pages based on the value of the type?

  If you're completely new to Dreamweaver and PHP, it sounds as if you're using Dreamweaver server behaviors. Take a friendly piece of advice and stop using the server now behaviors. They have been removed from Dreamweaver CC a couple of years because they use functions that had to be stripped on the next version of PHP. This version (PHP 7) was released in November. If you rely on Dreamweaver server behaviors, you are living on borrowed time. For a person to debut, it makes no sense to learn how to use a dead technology. The server behaviors work only in PHP 5. As soon as your server is upgraded to 7 PHP, you will have to start all over again. To understand the problem, see the following page in the PHP online documentation: PHP: Introduction - manual.

  If you want Dreamweaver to generate the code for you, you will need to use (paid-for) third-party extensions, such as those created by DMXZone or WebAssist. You can also learn how to write PHP code yourself. It is not as difficult as it sounds.

  To create a variable session, just to assign a value to an element in the superglobal array $_SESSION:

  $_SESSION ["$myvariable"] = "value";

  Session variables are available only on the pages that begin with session_start().

• Question connection with Blast after upgrade to view 6.1.1 ("your office may have a security certificate not approved")

  Hello guys,.

  We are facing a very strange problem with Blast after the upgrade to view 6.1.1. Let me show you the scenario:

  We have two security servers (paired with two servers connection).

  On both servers security (and on the servers of connection), the default self-signed certificate is used.

  Secure Tunnel, PCoIP Secure Gateway and Secure Gateway Blast are activated.

  Users access it from internet via Netscaler which balance the traffic load and present a trusted signed certificate.

  For now I won't go in deeper into the Netscaler configuration, as it was working fine.

  We were on view Horizon 5.2 and everything worked fine! ...

  After the upgrade to view 6.1.1 we are unable to connect using the web browser! We can open a session and select the desktop, but as soon as the connection to the desktop is launched, we receive the following error message:

  "Your Office has been disconnected.

  Try to reconnect to the office...

  Your office can have an untrusted security certificate. Click here to accept the security certificate, then try to connect to your desktop again. »

  

  If we click on the link, we are redirected to something like https://Blast_External_URL:8443/r/F386565D-D068-4AC1-BFD3-3A903CBEB235/certAccept.html , receiving a blank page with the following text:

  "Could not resolve the route of proxy for the request.

  Just before the upgrade, we have been able to use the HTML Protocol! We have does no change at all, so I really think it's related to some changes introduced by the new version of Horizon view, but may not know what is causing the problem.

  No problem connecting with the customer to view Horizon (PCoIP and RDP).

  If in the external URL Blast Secure Gateway, we insert the hostname of the server security instead of the external URL (Netscaler), we are able to connect but of course only from our local network.

  Someone at - it ideas?

  Thank you.

  Hi Calyps0Craig,

  Yes, I found a solution for this. In our case the issue was resolved by changing the configuration of Netscaler.

  In the past, we use SSL offloading and worked all protocols. It seems that with the new version of view SSL offloading does more work.

  Change the Service and virtual server on ports 443 and 8443 for SSL to SSL_BRIDGE solved our problem.

  Hope this will help you.

  Best regards

  Claudio

• Help with the session variable PHP CS5.5 - Please

  Hi all

  I am needing a little help with the help of a session variable, and I hope someone can point me in the right direction.

  I created a PHP page that uses the Dreamweaver 'User authentication' feature and the basics of this works very well, to direct a user to the correct page depending on whether they are or are not a valid user. I want to customize the page 'user valid' with people, user name entered in the authentication of the user table... a seemingly simple task using a session variable, but I just seem not to be able to make it work!

  The generated code for the AU on page 1 is the following:

  <? PHP

  Validate request to connect to this site.

  If (! isset {})

  session_start();

  }

  $loginFormAction = $_SERVER ['PHP_SELF'];

  If (isset($_GET['accesscheck'])) {}

  $_SESSION ['PrevUrl'] = $_GET ['accesscheck"];

  }

  If (isset($_POST['txtfirst_name'])) {}

  $loginUsername = $_POST ['txtfirst_name'];

  $password = $_POST ['txtsurname'];

  $MM_fldUserAuthorization = "";

  $MM_redirectLoginSuccess = "member_update.php";

  $MM_redirectLoginFailed = 'login.php ';

  $MM_redirecttoReferrer = false;

  @mysql_select_db ($database_panto, $panto);

  $LoginRS__query = sprintf ("SELECT firstname, name OF web_access WHERE firstname = %s AND family name = %s",

  GetSQLValueString ($loginUsername, "text"), GetSQLValueString ($password, "text"));

  $LoginRS = mysql_query ($LoginRS__query, $panto) or die (mysql_error ());

  $loginFoundUser = mysql_num_rows ($LoginRS);

  If {($loginFoundUser)

  $loginStrGroup = "";

  If (via PHP_VERSION > = 5.1) {session_regenerate_id (true) ;} else {session_regenerate_id() ;}

  Declare two session variables and assign them

  $_SESSION ['MM_Username'] = $loginUsername;

  $_SESSION ["MM_UserGroup"] = $loginStrGroup;

  If (isset($_SESSION['PrevUrl']) & & false) {}

  $MM_redirectLoginSuccess = $_SESSION ["PrevUrl"];

  }

  Header ("Location:".) $MM_redirectLoginSuccess);

  }

  else {}

  Header ("Location:".) $MM_redirectLoginFailed);

  }

  }

  ? >

  First of all, the text highlighted in red above seems to be setting the session variable that I need. Is this correct?

  If so, what is the code that I need to put on page 2 to use this session variable? or

  I have to do something else on the page 1 to correctly assign the session variable?

  Would be very grateful for your expertise

  Mark

  It seems that you put the columns incorrectly in the user authentication server behavior. This is the SQL query that checks the credentials of the user:

  $LoginRS__query = sprintf ("SELECT firstname, name OF web_access WHERE firstname = %s AND family name = %s",

  GetSQLValueString ($loginUsername, "text"), GetSQLValueString ($password, "text"));

  You are looking for first name and last name, while you should look for the user name and password of the user.

  $_SESSION ['MM_Username"] is a session variable that stores the login name of the user. To use it in a page, all that is needed is the page start with session_start(). You can then echo the value to display.

  If you want to display the person's true name, you must create a recordset in the second page, use of $_SESSION ['MM_Username'] to search for the first name and the patronymic. Alternatively, you can change the code like this (I copied only part of it):

  $LoginRS__query = sprintf ("SELECT firstname, surname OF web_access WHERE firstname = %s AND password is %s",

  GetSQLValueString ($loginUsername, "text"), GetSQLValueString ($password, "text"));

  $LoginRS = mysql_query ($LoginRS__query, $panto) or die (mysql_error ());

  $loginFoundUser = mysql_num_rows ($LoginRS);

  If {($loginFoundUser)

  $loginStrGroup = "";

  $row = mysql_fetch_assoc ($LoginRS);

  $_SESSION ['full_name'] = $row ["FirstName"]. ' ' . $row ['name'];

  If (via PHP_VERSION > = 5.1) {session_regenerate_id (true) ;} else {session_regenerate_id() ;}

  Declare two session variables and assign them

  $_SESSION ['MM_Username"] = $loginUsername;

  $_SESSION ["MM_UserGroup"] = $loginStrGroup;

  You can then use $_SESSION ['full_name'] in a page which begins with session_start().

• is there a work around for the connection with https. the ssl/tls security patch prevents us to connect to a known trusted site

  I made the mistake of updating to Firefox yesterday and with the ssl security fix find I can most connect to a web site in a data center which is protected by a fortigate appliance.

  I know the correct answer is to get the updated device updated or replaced, but in the meantime, I'm desperately need a workaround solution. It would be nice if there was an archive of old versions of Firefox.

  I changed the configuration settings to allow the renegotiation, but I think that the problem is more fundamental than that it does not appear that older versions of ssl are more provided.

  The error message "the connection was reset" can be caused by a bug for the attack of the BEAST fix (browser exploit against SSL/TLS) that the server does not support.

  • [918127/questions/918127]
  • [918028/questions/918028]

  See comment 60 in this bug report for workaround, but be aware that this makes you vulnerable to the attack of the BEAST.

  • bug 702111 - intolerant servers to record split of 1: n-1. "The connection was reset".