phplib-users — A list for users of phplib to talk / discuss phplib

RE: [Phplib-users] phpLIB 7.4 PRE2 just stopped processing logins

[Peter T. <pte...@te...>]

Did you make any changes to PHP? New version or changes in php.ini??

-Peter

At 22:07 12-01-2004, Corbin B. Siddall wrote:
>Thanks for the response.
>
>1. The $mode is "cookie" and the $fallback_mode is "get" (same as
>another box I have that works)
>
>2. Cookies are enabled for the browsers. (This is happening to all users
>across the whole system)
>
>3. I dropped the active_sessions table and recreated with:
>
>CREATE TABLE `active_sessions` (
>   `sid` varchar(32) NOT NULL default '',
>   `name` varchar(32) NOT NULL default '',
>   `val` text,
>   `changed` varchar(14) NOT NULL default '',
>   PRIMARY KEY  (`name`,`sid`),
>   KEY `changed` (`changed`)
>) TYPE=MyISAM;
>
>and still have the same problem.
>
>4. All pages do indeed have a proper open_page() that references the
>appropriate extended class as well as ending close_page() tags.
>
>This application has been running for almost 11 months now, and this is
>the first time anything like this has happened.  To the best of my
>knowledge nothing has changed.  Restarting the mySQL and Apache services
>did not resolve the issue either.
>
>Could this be an issue with the Apache server itself?
>
>Corbin
>
>-----Original Message-----
>From: Layne Weathers [mailto:la...@dr...]
>Sent: Monday, January 12, 2004 1:54 PM
>To: phplib mailing list
>Cc: Corbin B. Siddall
>Subject: Re: [Phplib-users] phpLIB 7.4 PRE2 just stopped processing
>logins
>
>On Jan 12, 2004, at 1:38 PM, Corbin B. Siddall wrote:
>
> > I have a box running Phplib-7.4 PRE2, that starting this morning will
> > no
> > longer process logins.  The message "Either your username or your
> > password are invalid." is displayed.
> >
> > 1. I verified the mySQL database is functional the auth_user_md5 table
> > is in place and still properly populated.
> > 2. The rest of the database driven site functions normally.
> > 3. I loaded the sample /pages/index.php3 file and I notice the Per
> > Session Data no longer increments when I refresh the browser.
> > 3. I loaded the sample /pages/defauth.php3 file and I notice the
> > session
> > id changes with every refresh of the browser.
> >
> > It seems the fact the session id is changing every time would be the
> > problem.  Since nothing has recently changed, I would appreciate any
> > feedback you may have with regards to tracking down this issue and
> > ultimately restoring the login functionality.
>
>
>I believe that your items #3 - both of them :-) - are hinting as to the
>real problem. The session functionality appears to be broken. The first
>thing I would do is make sure that my browser is accepting cookies from
>the server in question. The most likely problem is that you are not
>accepting cookies anymore. Failing that, check your local.inc file for
>the $mode and $fallback_mode settings in your Session class - make sure
>they have not been changed. You might also check to make sure that your
>active_sessions table has not been corrupted.
>
>Let us know what you find out.
>
>Layne Weathers
>
>
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: Perforce Software.
>Perforce is the Fast Software Configuration Management System offering
>advanced branching capabilities and atomic changes on 50+ platforms.
>Free Eval! http://www.perforce.com/perforce/loadprog.html
>_______________________________________________
>Phplib-users mailing list
>Php...@li...
>https://lists.sourceforge.net/lists/listinfo/phplib-users


----------
TERIS Information Services BV
Peter Termaten             Phone: +31 23 565 2682
Aagje Dekenstraat 43    Fax:     +31 23 565 2676
2135 RJ  Hoofddorp      Mobile: +31 653 65 8686
                           www.teris.nl

----------

RE: [Phplib-users] phpLIB 7.4 PRE2 just stopped processing logins

[Corbin B. S. <csi...@1n...>]

Thanks for the response.

1. The $mode is "cookie" and the $fallback_mode is "get" (same as
another box I have that works)

2. Cookies are enabled for the browsers. (This is happening to all users
across the whole system)

3. I dropped the active_sessions table and recreated with:

CREATE TABLE `active_sessions` (
  `sid` varchar(32) NOT NULL default '',
  `name` varchar(32) NOT NULL default '',
  `val` text,
  `changed` varchar(14) NOT NULL default '',
  PRIMARY KEY  (`name`,`sid`),
  KEY `changed` (`changed`)
) TYPE=3DMyISAM;

and still have the same problem.

4. All pages do indeed have a proper open_page() that references the
appropriate extended class as well as ending close_page() tags.

This application has been running for almost 11 months now, and this is
the first time anything like this has happened.  To the best of my
knowledge nothing has changed.  Restarting the mySQL and Apache services
did not resolve the issue either. =20

Could this be an issue with the Apache server itself?

Corbin

-----Original Message-----
From: Layne Weathers [mailto:la...@dr...]=20
Sent: Monday, January 12, 2004 1:54 PM
To: phplib mailing list
Cc: Corbin B. Siddall
Subject: Re: [Phplib-users] phpLIB 7.4 PRE2 just stopped processing
logins

On Jan 12, 2004, at 1:38 PM, Corbin B. Siddall wrote:

> I have a box running Phplib-7.4 PRE2, that starting this morning will=20
> no
> longer process logins.  The message "Either your username or your
> password are invalid." is displayed.
>
> 1. I verified the mySQL database is functional the auth_user_md5 table
> is in place and still properly populated.
> 2. The rest of the database driven site functions normally.
> 3. I loaded the sample /pages/index.php3 file and I notice the Per
> Session Data no longer increments when I refresh the browser.
> 3. I loaded the sample /pages/defauth.php3 file and I notice the=20
> session
> id changes with every refresh of the browser.
>
> It seems the fact the session id is changing every time would be the
> problem.  Since nothing has recently changed, I would appreciate any
> feedback you may have with regards to tracking down this issue and
> ultimately restoring the login functionality.


I believe that your items #3 - both of them :-) - are hinting as to the=20
real problem. The session functionality appears to be broken. The first=20
thing I would do is make sure that my browser is accepting cookies from=20
the server in question. The most likely problem is that you are not=20
accepting cookies anymore. Failing that, check your local.inc file for=20
the $mode and $fallback_mode settings in your Session class - make sure=20
they have not been changed. You might also check to make sure that your=20
active_sessions table has not been corrupted.

Let us know what you find out.

Layne Weathers

Re: [Phplib-users] phpLIB 7.4 PRE2 just stopped processing logins

[Layne W. <la...@dr...>]

On Jan 12, 2004, at 1:38 PM, Corbin B. Siddall wrote:

> I have a box running Phplib-7.4 PRE2, that starting this morning will 
> no
> longer process logins.  The message "Either your username or your
> password are invalid." is displayed.
>
> 1. I verified the mySQL database is functional the auth_user_md5 table
> is in place and still properly populated.
> 2. The rest of the database driven site functions normally.
> 3. I loaded the sample /pages/index.php3 file and I notice the Per
> Session Data no longer increments when I refresh the browser.
> 3. I loaded the sample /pages/defauth.php3 file and I notice the 
> session
> id changes with every refresh of the browser.
>
> It seems the fact the session id is changing every time would be the
> problem.  Since nothing has recently changed, I would appreciate any
> feedback you may have with regards to tracking down this issue and
> ultimately restoring the login functionality.


I believe that your items #3 - both of them :-) - are hinting as to the 
real problem. The session functionality appears to be broken. The first 
thing I would do is make sure that my browser is accepting cookies from 
the server in question. The most likely problem is that you are not 
accepting cookies anymore. Failing that, check your local.inc file for 
the $mode and $fallback_mode settings in your Session class - make sure 
they have not been changed. You might also check to make sure that your 
active_sessions table has not been corrupted.

Let us know what you find out.

Layne Weathers

[Phplib-users] phpLIB 7.4 PRE2 just stopped processing logins

[Corbin B. S. <csi...@1n...>]

I have a box running Phplib-7.4 PRE2, that starting this morning will no
longer process logins.  The message "Either your username or your
password are invalid." is displayed. =20

1. I verified the mySQL database is functional the auth_user_md5 table
is in place and still properly populated.
2. The rest of the database driven site functions normally.
3. I loaded the sample /pages/index.php3 file and I notice the Per
Session Data no longer increments when I refresh the browser.
3. I loaded the sample /pages/defauth.php3 file and I notice the session
id changes with every refresh of the browser.

It seems the fact the session id is changing every time would be the
problem.  Since nothing has recently changed, I would appreciate any
feedback you may have with regards to tracking down this issue and
ultimately restoring the login functionality.

Thanks.

Corbin

[Phplib-users] Re: [Phpslash-devel] rfe to template.inc

[Mike G. <mi...@op...>]

Hi Matthew,

We ran into that problem with the text templates...  Evan suggested a
regex work around like:
	s/<!-- START .*?\.tpl -->//
	s/<!-- END .*?\.tpl -->//

could be applied to the template..

Having a {START_TEMPLATE}  {END_TEMPLATE} header to stick into the
template files sounds fine..  Just need to find someone to integrate it
and propose a patch..

Mike

On Sat, 2004-01-10 at 02:02, Matthew Leingang wrote:
> Hi guys,
> 
> I hope it's not too late to chime in on this, but it seems like this
> enhancement makes the unnecessary assumption that all templates are
> HTML-like and use <!-- --> for comments.  I have templates that write
> JavaScript and you can imagine other text formats that can be templated.
> 
> Why not have template::parse add some variables by default?  You'd still
> have to put them in the templates, but there'd be a standard way to access a
> template's file name.
> 
> You can extend PHPLIB's template to do what you want as well.
> 
> --Matt
> 
> On 12/30/03 9:49 AM, "Mike Gifford" <mi...@op...> wrote:
> 
> > Hello,
> > 
> > Presently Back-End.org is using template.inc as is and adding in
> > template header/footer comments with each template just as phpSlash and
> > (and most other phplib template driven apps likely do).
> > 
> > In talking to the Back-end.org team though, it seems like the following
> > modification to template.inc would make it easier for us to ensure that
> > the file names are accurate and easily accessible.
> > 
> > 
> > cvs diff phplib/php/template.inc
> > Index: phplib/php/template.inc
> > ===================================================================
> > RCS file:
> > /cvsroot/back-end/back-end0.7.x/class/phplib/php/template.inc,v
> > retrieving revision 1.1.1.1
> > diff -r1.1.1.1 template.inc
> > 909c909,911
> > <
> > ---
> >> 
> >> $str = "<!-- START $filename -->' . $str . '<!-- END  $filename -->';
> >> 
> > 
> > 
> > If we implement this we'll have a lot of header/footer comments to delete and
> > I'd just like to try to keep this in step with phpSlash if we can.
> > 
> > 
> > I'd also like to contribute the following javascript which can just be
> > inserted into a block to easily identify which templates are where.
> > 
> > 
> > <script type="text/javascript">
> > <!--
> > // Code Contributed by Lasse Nielsen - http://www.infimum.dk
> > function convert(node) {
> >  if (!node) {node = document.body;}
> > 
> >  switch (node.nodeType) {
> >    case Node.COMMENT_NODE:
> >      var text = node.nodeValue;
> >      if (text.substr(0,7)==" START ") {
> >        var newNode = createNewNode(text.substr(7));
> >        node.parentNode.replaceChild(newNode,node);
> >      }
> >      break
> >    case Node.ELEMENT_NODE:
> >      for (var i=0;i<node.childNodes.length;i++) {
> >        convert(node.childNodes[i]);
> >      }
> >      break;
> >    default:
> >      break;
> > }
> > }
> > 
> > function createNewNode(text) {
> > var a = document.createElement("a");
> > a.href =
> > "/admin/BE_editTemplateAdmin.php?submit=edit&file="+escape(text);
> > var img = document.createElement("img");
> > img.src = "/images/BE/buttons/spacer.gif";
> > a.appendChild(img);
> > return a;
> > }
> > -->
> > </script>
> > 
> > <input type="button" value="Convert!" onclick="convert()">
> > 
> > 
> > Mike
-- 
Mike Gifford, OpenConcept Consulting
Free Software for Social Change -> http://www.openconcept.ca
Stop Cdn Pension Plan War Investments -> http://coat.openconcept.ca/
Another world is not only possible, she is on her way -Arundhati Roy

Re: [Phplib-users] Showing Who is Logged In

[Andrew C. <ph...@ev...>]

Okay, I guess it was less hassle than I thought.  For the next person who 
stumbles into this, here is the code snippet to extract the uname from the 
session variables.  I am using a custom "view sessions" page that uses 
templates and fits into my system so, there is a bit of abstraction.

---------------------------------------
// Starting from the query to get the active sessions list

$query = sprintf("select * from active_sessions where name = '%s' order by 
name asc, changed desc", $sess->name);
$db->query($query);

while($db->next_record()) {
     // decode the val field and pull out the username
     $decoded_val = base64_decode($db->f("val"));
     preg_match('/auth\[\'uname\'\] = \'(.+?)\'/', $decoded_val, $captured);
     $session_uname = $captured[1];

     // $session_uname should now contain the uname for the session being 
listed

     // the rest of the display stuff goes here
}
---------------------------------------

If anyone has a better way to do this, let me know.

Andrew Crawford
ph...@ev...

At 03:01 PM 1/7/2004 -0700, I wrote:
>Well, after quite a bit of searching, I have been able to determine that 
>this is a frequently-asked question.  I have found several references to 
>looking it up in the archives.  However, I haven't been able to find a 
>straight answer in the archives.  So, here it is:
>
>Is there a way to display a list of who is logged in?  That is, can the 
>entries in the active_sessions table be associated with the related 
>entries in the auth_users (or auth_users_md5) table somehow?
>
>What I want is something like the view_sessions.php3 script in the phplib 
>distro but, that shows what user is associated with each session.  Thus, 
>it should be easier to make a determination about who one is "kicking off" 
>when one manually destroys a session, who is engaged in specific system 
>activities, or who isn't logging out.
>
>I imagine it might be possible to decode the contents of 
>active_sessions.value and extract the necessary information 
>somehow.  However, if someone already knows how this works and can explain 
>it (or even has working code to do it,) it would be a lot less hassle than 
>trying to reverse-engineer.
>
>Andrew Crawford
>ph...@ev...

[Phplib-users] Showing Who is Logged In

[Andrew C. <ph...@ev...>]

Well, after quite a bit of searching, I have been able to determine that 
this is a frequently-asked question.  I have found several references to 
looking it up in the archives.  However, I haven't been able to find a 
straight answer in the archives.  So, here it is:

Is there a way to display a list of who is logged in?  That is, can the 
entries in the active_sessions table be associated with the related entries 
in the auth_users (or auth_users_md5) table somehow?

What I want is something like the view_sessions.php3 script in the phplib 
distro but, that shows what user is associated with each session.  Thus, it 
should be easier to make a determination about who one is "kicking off" 
when one manually destroys a session, who is engaged in specific system 
activities, or who isn't logging out.

I imagine it might be possible to decode the contents of 
active_sessions.value and extract the necessary information 
somehow.  However, if someone already knows how this works and can explain 
it (or even has working code to do it,) it would be a lot less hassle than 
trying to reverse-engineer.

Andrew Crawford
ph...@ev...

[Phplib-users] rfe to template.inc

[Mike G. <mi...@op...>]

Hello Layne,

On Wed, 31 Dec 2003, Layne wrote:
> On Dec 31, 2003, at 10:25 AM, Mike Gifford wrote:
> > On Tue, 2003-12-30 at 12:16, Joe Stewart wrote:
> >> On Tue, Dec 30, 2003 at 09:49:43AM -0500, Mike Gifford wrote:
> >>> In talking to the Back-end.org team though, it seems like the 
> >>> following
> >>> modification to template.inc would make it easier for us to ensure
> >>> that
> >>> the file names are accurate and easily accessible.
> >> I like it if optional or debug type setting.  Or if your template 
> >> editor
> >> module can turn display on.  I don't like the comments on all 
> >> production sites.
> I've committed this option into the php-lib-stable tree.

Thanks!  I've pulled that into the CVS for Back-End so that it is in the
next release.  Now I just need to go through and get rid of all of the
comments that have been added to the templates manually.

> > Glad to know that there is general agreement on:
> > $str = "<!-- START $filename -->' . $str . '<!-- END  $filename
> -->';
> I changed "START" and "END" to "START FILE" and "END FILE" so that the
> end comment would be easily distinguishable from any undeclared block 
> comments.

Fine with me.

> > I also think that turning the comments on/off would be very useful. 
> I
> > guess it's a matter of being something that is configured within
> > template.inc or passed to template.inc from slashTemplate.class (and
> > probably set in the config.ini.php file)..
> The functionality is controlled via a class variable - 
> $filename_comments. This defaults to false to preserve consistent 
> functionality with previous versions as well as to provide minimal 
> configuration for production sites.

Yup.  Makes sense.  Thanks for including this so quickly...

Mike
-- 
Mike Gifford, OpenConcept Consulting
Free Software for Social Change -> http://www.openconcept.ca
Stop Cdn Pension Plan War Investments -> http://coat.openconcept.ca/
Another world is not only possible, she is on her way -Arundhati Roy

Re: [Phplib-users] Re: [Phpslash-devel] rfe to template.inc

[Layne W. <la...@dr...>]

On Dec 31, 2003, at 10:25 AM, Mike Gifford wrote:

> On Tue, 2003-12-30 at 12:16, Joe Stewart wrote:
>> On Tue, Dec 30, 2003 at 09:49:43AM -0500, Mike Gifford wrote:
>>> In talking to the Back-end.org team though, it seems like the 
>>> following
>>> modification to template.inc would make it easier for us to ensure 
>>> that
>>> the file names are accurate and easily accessible.
>> I like it if optional or debug type setting.  Or if your template 
>> editor
>> module can turn display on.  I don't like the comments on all 
>> production sites.

I've committed this option into the php-lib-stable tree.

> Glad to know that there is general agreement on:
> $str = "<!-- START $filename -->' . $str . '<!-- END  $filename -->';

I changed "START" and "END" to "START FILE" and "END FILE" so that the 
end comment would be easily distinguishable from any undeclared block 
comments.

> I also think that turning the comments on/off would be very useful.  I
> guess it's a matter of being something that is configured within
> template.inc or passed to template.inc from slashTemplate.class (and
> probably set in the config.ini.php file)..

The functionality is controlled via a class variable - 
$filename_comments. This defaults to false to preserve consistent 
functionality with previous versions as well as to provide minimal 
configuration for production sites.

> I'm not sure how you'd make it configurable without something like:
> 	function loadfile($varname, $showComments=true) {
>
> or perhaps another global variable.
>
> I do think the comments should be there by default, but would be 
> awfully
> nice if they could be turned off in a live site.


Layne Weathers

[Phplib-users] Re: [Phpslash-devel] rfe to template.inc

[Mike G. <mi...@op...>]

Howdy Joe,

On Tue, 2003-12-30 at 12:16, Joe Stewart wrote:
> On Tue, Dec 30, 2003 at 09:49:43AM -0500, Mike Gifford wrote:
> > In talking to the Back-end.org team though, it seems like the following
> > modification to template.inc would make it easier for us to ensure that
> > the file names are accurate and easily accessible.
> I like it if optional or debug type setting.  Or if your template editor
> module can turn display on.  I don't like the comments on all production sites.

Glad to know that there is general agreement on:
$str = "<!-- START $filename -->' . $str . '<!-- END  $filename -->';

I also think that turning the comments on/off would be very useful.  I
guess it's a matter of being something that is configured within
template.inc or passed to template.inc from slashTemplate.class (and
probably set in the config.ini.php file)..

I'm not sure how you'd make it configurable without something like:
	function loadfile($varname, $showComments=true) {

or perhaps another global variable.

I do think the comments should be there by default, but would be awfully
nice if they could be turned off in a live site.

Mike
-- 
Mike Gifford, OpenConcept Consulting
Free Software for Social Change -> http://www.openconcept.ca
Stop Cdn Pension Plan War Investments -> http://coat.openconcept.ca/
Another world is not only possible, she is on her way -Arundhati Roy

[Phplib-users] rfe to template.inc

[Mike G. <mi...@op...>]

Hello,

Presently Back-End.org is using template.inc as is and adding in
template header/footer comments with each template just as phpSlash and
(and most other phplib template driven apps likely do).  

In talking to the Back-end.org team though, it seems like the following
modification to template.inc would make it easier for us to ensure that
the file names are accurate and easily accessible.


cvs diff phplib/php/template.inc
Index: phplib/php/template.inc
===================================================================
RCS file:
/cvsroot/back-end/back-end0.7.x/class/phplib/php/template.inc,v
retrieving revision 1.1.1.1
diff -r1.1.1.1 template.inc
909c909,911
<
---
>
> $str = "<!-- START $filename -->' . $str . '<!-- END  $filename -->';
>


If we implement this we'll have a lot of header/footer comments to delete and I'd just like to try to keep this in step with phpSlash if we can.


I'd also like to contribute the following javascript which can just be inserted into a block to easily identify which templates are where.


<script type="text/javascript">
<!--
 // Code Contributed by Lasse Nielsen - http://www.infimum.dk
 function convert(node) {
   if (!node) {node = document.body;}

   switch (node.nodeType) {
     case Node.COMMENT_NODE:
       var text = node.nodeValue;
       if (text.substr(0,7)==" START ") {
         var newNode = createNewNode(text.substr(7));
         node.parentNode.replaceChild(newNode,node);
       }
       break
     case Node.ELEMENT_NODE: 
       for (var i=0;i<node.childNodes.length;i++) {
         convert(node.childNodes[i]);
       }
       break;
     default:
       break;
  }
}

function createNewNode(text) {
  var a = document.createElement("a");
  a.href =
"/admin/BE_editTemplateAdmin.php?submit=edit&file="+escape(text);
  var img = document.createElement("img");
  img.src = "/images/BE/buttons/spacer.gif";
  a.appendChild(img);
  return a;
}
-->
</script>

<input type="button" value="Convert!" onclick="convert()">


Mike
-- 
Mike Gifford, OpenConcept Consulting
Free Software for Social Change -> http://www.openconcept.ca
Stop Cdn Pension Plan War Investments -> http://coat.openconcept.ca/
Another world is not only possible, she is on her way -Arundhati Roy

Re: [Phplib-users] 7.4 session data

[Nathaniel P. <np...@te...>]

On 12/13/2003 2:36 PM, Frank Bax wrote :

> I'm finally getting around to looking at 7.4 on a server that is still 
> running 7.2d.  All seems to be going well, except that session files 
> are created in /tmp instead of using database.  I traced this to 
> local4.inc - when I changed "session4.inc" to "session.inc", my 
> session data went back to my database.  Can PHP4 native sessions 
> (which session4 is, I think) not use database tables?  Do I care?  
> Should I use prepend.php3 instead, even though the server is running 
> PHP4?  Can I mix and match session, user, auth, page files - or must 
> they all be from same set?
>
Okay, here's what happened. PHPlib 7.4 was extended to be able to use 
PHP4 sessions natively, which means that PHPlib running in that "mode" 
will just create a PHPLib API that interfaces with PHP4's sessions and 
PHP4 will handle all of the nitty-gritty session stuff itself.

If you want the session data to be stored in the database you can do one 
of two things:

1) Use the session.inc, local.inc, and prepend.php3 scripts to do your 
session handling, in which case, PHPLib will handle all of the session 
stuff by itself, as before.

2) Use session4-custom.inc to define a custom PHP4 session storage 
container using your database. See these pages for more info:
http://www.sanisoft.com/phplib/manual/php4_sessions.php
http://www.sanisoft.com/phplib/manual/php4_cust_sessions.php
http://www.php.net/manual/en/function.session-set-save-handler.php

DO NOT mix and match the two sets of files. Unexpected results may and 
probably will occur. All of the *4.inc files expect PHPlib to use PHP's 
native session handling and adjust for that, the others assume that 
PHPlib handles all of the session stuff. That is the only real 
difference between the two. Things will work just fine with whichever 
set of files you choose to use, even if you're using PHPlib's 
PHP3-compatible sessions on PHP4.

-- 
___________________________
Nathaniel Price
http://www.tesserportal.net
Webmaster

Re: [Phplib-users] Mi auth class expires quickly

[Virilo T. <vi...@su...>]

Ive found the answer: it was due to im using two different auth classes =
with the same session class.
I havent readed the sources this time, but each time that i use the =
customer site, i have to re-login the admin site.

I didnt know this fact because i was using Opera for admin...=20



----- Original Message -----=20
  From: Virilo Tejedor=20
  To: php...@li...=20
  Sent: Sunday, December 14, 2003 9:35 PM
  Subject: [Phplib-users] Mi auth class expires quickly


  Hello.

      Im using session4 with auth4. Both clases has lifetime=3D0, but mi =
auth expires quickly (two minutes or less).
  Why?

  Thanks in advance.

      Virilo Tejedor.  Email: vi...@su...

[Phplib-users] Mi auth class expires quickly

[Virilo T. <vi...@su...>]

Hello.

    Im using session4 with auth4. Both clases has lifetime=3D0, but mi =
auth expires quickly (two minutes or less).
Why?

Thanks in advance.

    Virilo Tejedor.  Email: vi...@su...

[Phplib-users] 7.4 session data

[Frank B. <fb...@sy...>]

I'm finally getting around to looking at 7.4 on a server that is still 
running 7.2d.  All seems to be going well, except that session files are 
created in /tmp instead of using database.  I traced this to local4.inc - 
when I changed "session4.inc" to "session.inc", my session data went back 
to my database.  Can PHP4 native sessions (which session4 is, I think) not 
use database tables?  Do I care?  Should I use prepend.php3 instead, even 
though the server is running PHP4?  Can I mix and match session, user, 
auth, page files - or must they all be from same set?

Frank

[Phplib-users] Need a bit of help making a user system

[<dar...@ro...>]

Hey,

    I've got a user system in place that uses PHPLIB but there is an 
issue that I would like to get rid of.

    When you click the link to login you're taken to the login screen 
but if you don't want to log in a just go back to the main page it will 
keep displaying the login page even if your back on the main page. The 
only way to get back to the main page is by clicking a link that says 
"Cancel Login". Is there a way that I can remove this so that it will 
only display the login page when you actually request it without having 
to click on the cancel login button?

Thanks.
Chris

Re: FW: [Phplib-users] phplib 7.4 and register globals

[Nathaniel P. <np...@te...>]

Sorry for not getting back to you sooner, I left work before your email 
came in and haven't come back 'til today.

PHP was changed somewhere around 4.2.3 to not allow global variables to 
be registered directly with the function session_register() (which is 
used in PHPLib) when the register_globals setting was set to off, in 
keeping with the mantra that data from outside of PHP should be isolated 
from the global variable space when register_globals is off.

You can, however, re-enable this "bug" and suppress the warning by 
setting the following flags in php.ini:
session.bug_compat_42 on
session.bug_compat_warn off

Or alternately, you can set it in an apache directive in your httpd.conf 
or an .htaccess file:
php_flag session.bug_compat_42 1
php_flag session.bug_compat_warn 0

This should solve the problem. Or you can bypass PHP4 sessions 
altogether and use PHPlib's internal session handling code, which will 
also keep the bug from appearing, but that would seem redundant. The 
only reason I do it is because I've got an app with a good portion of 
legacy code, and I haven't bothered to switch over to the PHP4 sessions 
since we upgraded the server from PHP3. It's something I keep hoping to 
do, but other things get in the way, and since it works, there's no 
great impetus to fix it.

Incedentally, if you're wondering why PHPLib sessions rely on this bug, 
it is because of legacy support -- PHPLib's sessions have historically 
used the global variable space to store session variables. I imagine 
that the code could be reworked by altering the code in session4.inc to 
put all PHPlib-registered session vars into the $_SESSION[] variable, 
then extracting it back out into the global variable space. This would 
avoid the reliance on the bug. It might even be a good idea to have a 
setting that allows PHPlib sessions to work without using the global 
variable space, perhaps by using the $sess object to access the values 
directly.

Are there any PHPlib developers that would like to comment on this?


On 11/17/2003 12:56 PM, Arleen Sáles wrote :

>Also, with register_globals set to off, I'll get this on index.php3:
>
>Reload this page to see the counters increment.
>Load a more complex example (login as kris, password test).
>Load the default auth example.
>Show your phpinfo() page.
>Logout and delete your authentication information.
>
>Per Session Data: 1
>Per Session Data is referenced by session id. The session id is propagated
>using either a cookie stored in the users browser or as a GET style
>parameter appended to the current URL. 
>
>Per Session Data is available only on pages using the feature "sess" in
>their page_open() call. 
>
>Warning: Unknown(): Your script possibly relies on a session side-effect
>which existed until PHP 4.2.3. Please be advised that the session extension
>does not consider global variables as a source of data, unless
>register_globals is enabled. You can disable this functionality and this
>warning by setting session.bug_compat_42 or session.bug_compat_warn to off,
>respectively. In Unknown on line 0
>
>-----Original Message-----
>From: Arleen Sáles [mailto:ar...@w3...] 
>Sent: Monday, November 17, 2003 12:51 PM
>To: 'Nathaniel Price'
>Subject: RE: [Phplib-users] phplib 7.4 and register globals
>
>
>Sorry to be so general, Nathaniel. I've used phplib for other projects but
>have been out of programming for over 1/2 year so I'm having to refresh the
>memory...
>
>Yes, I followed the installation instructions and everything appears to work
>correctly. However, when I set register_globals to "off," the counter does
>not increment. I just want to make sure everything is working correctly
>prior to developing a site.
>
>Arleen.
>
>[snipped old replies]
>


-- 
___________________________
Nathaniel Price
http://www.tesserportal.net
Webmaster

[Phplib-users] PHP5

[Daniel B. <bo...@io...>]

has anyone tried phplib in PHP5.

at first glance it looks like everything is working except template. 
Template does not seem to return any errors/warnings - it just doesn't
work.

Re: [Phplib-users] phplib 7.4 and register globals

[Nathaniel P. <np...@te...>]

The question is a bit general... can you be a bit more specific in what 
exactly was done? Did you follow all of the installation instructions 
(PHPlib requires a small amount of customization/configuration before it 
can be used with the examples)? What kind of error message (if any) are 
you getting? What specifically doesn't work? Does the page display, but 
the session variable doesn't increment?

On 11/17/2003 8:12 AM, Arleen Sáles wrote :

>Perhaps I missed something but after installing 7.4 and setting
>register_globals to off, I am not able to get showoff.php3 to work
>correctly.
>
>I apologize in advance if this question is redundant... But, if someone
>could please be so kind to direct me to an answer or previous post
>addressing this issue I'd appreciate it. Thank you.
>
>Arleen.
>
>  
>


-- 
___________________________
Nathaniel Price
http://www.tesserportal.net
Webmaster

Re: [Phplib-users] Blank pages

[<php...@Ea...>]

Ah! Thanks! That helps! That'll at least send me in the right direction.

----- Original Message ----- 
From: "patrick" <pm...@sa...>
To: <php...@Ea...>
Sent: Friday, November 14, 2003 7:56 PM
Subject: Re: [Phplib-users] Blank pages


> You have a php syntax error. Try setting the error_reporting value to
> 2047 in an .htaccess file or in your php.ini config
> 
> php...@Ea... wrote:
> > I installed PHPLib 7.4 on my Windows 2003 Server Web Edition last week. When I run the
samples, I
> > get nothing but blank pages returned with the following HTML source:
> > 
> > 
> > 
> > 
> > 
> > 
> > The samples I'm running are in the \pages folder. index.php3 and showoff.php3
> > 
> > You can see the results from here:
> > www.michaelquinn.net/phplib/index.php3
> > www.michaelquinn.net/phplib/showoff.php3
> > 
> > Also,
> > www.michaelquinn.net/phplib/test.php3
> > which calls 
> > ">Load the simple page again.

> > ">Load the complex example again (login as
kris,
> > password test).

> > ">Load the default auth example.

> > ">Logout and delete your authentication
> > information.

> > 
> > and produces the following output:
> > 
> > No input file specified.
> > 
> > I've also got the latest MySQL installed. I'm at the end of my knowledge here. I'm basically
just
> > trying to get the sourceforge project "mynewsgroups" working, which relies on PHPLib. I have
> > little to no experience in PHP and zero in PHPLib, but I do have decades of experience in other
> > languages, so I'm not totally out of my realm here.
> > 
> > Any help or pointers in the right direction would be greatly appreciated!
> > 
> > Thanks!
> > 
> 
> 
> 




 

[Phplib-users] Blank pages

[<php...@Ea...>]

I installed PHPLib 7.4 on my Windows 2003 Server Web Edition last week.  When I run the samples, I
get nothing but blank pages returned with the following HTML source:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1252"></HEAD>
<BODY></BODY></HTML>

The samples I'm running are in the <phplib>\pages folder.  index.php3 and showoff.php3

You can see the results from here:
www.michaelquinn.net/phplib/index.php3
www.michaelquinn.net/phplib/showoff.php3

Also,
www.michaelquinn.net/phplib/test.php3
which calls 
  <a href="<?php $sess->purl("index.php3")?>">Load</a> the simple page again.<br>
  <a href="<?php $sess->purl("showoff.php3")?>">Load</a> the complex example again (login as kris,
password test).<br>
  <a href="<?php $sess->purl("defauth.php3")?>">Load</a> the default auth example.<br>
  <a href="<?php $sess->purl("logout.php3") ?>">Logout</a> and delete your authentication
information.<br>

and produces the following output:

No input file specified.

I've also got the latest MySQL installed.  I'm at the end of my knowledge here.  I'm basically just
trying to get the sourceforge project "mynewsgroups" working, which relies on PHPLib.  I have
little to no experience in PHP and zero in PHPLib, but I do have decades of experience in other
languages, so I'm not totally out of my realm here.

Any help or pointers in the right direction would be greatly appreciated!

Thanks!

Re: [Phplib-users] phplib 7.4 and register globals

[Nathaniel P. <np...@te...>]

On 11/13/2003 5:12 AM, pau...@mo... wrote :

>Dear All
>
>Can you tell me if phplib-7.4 allows register-globals to be set to off?
>  
>
As of version 7.4, PHPlib can handle register-globals being set to off, 
since it now uses the $HTTP_*_VARS arrays.

>Can you also tell me if it uses php native sessions \"out of the box\"?
>  
>
There is support for native sessions built into PHPlib--you'll want to 
check the section on PHP4 Sessions in the documentation on how to set it 
up. Please note that some of the documentation is out of date; 
specifically PHPLib native session support is included within the base 
library package and is no longer a seperate download. AFAIK, the rest of 
it is still mostly relevant. I have not personally tried using PHPlib 
with native sessions (yet-- haven't had the time to set it up since we 
upgraded our webserver to PHP 4), so I can't give any specific details 
on how it works.

-- 
___________________________
Nathaniel Price
http://www.tesserportal.net
Webmaster

[Phplib-users] phplib 7.4 and register globals

[<pau...@mo...>]

Dear All

Can you tell me if phplib-7.4 allows register-globals to be set to off?

Can you also tell me if it uses php native sessions \"out of the box\"?

Many thanks

Paul


*****************************************************************************
This email and any attachments transmitted with it are confidential
and intended solely for the use of the individual or entity to whom
they are addressed. If you have received this email in error please
notify the sender and do not store, copy or disclose the content
to any other person.

It is the responsibility of the recipient to ensure that opening this
message and/or any of its attachments will not adversely affect
its systems. No responsibility is accepted by the Company.
*****************************************************************************

Re: [Phplib-users] postgresql authentication fail

[Nathaniel P. <np...@te...>]

On 11/9/2003 8:11 AM, GSO wrote :

>
> Hi,
>
> Have been trying to get past the following error for a few days now:
>
> Warning: Unable to connect to PostgresSQL server: FATAL 1: IDENT 
> authentication failed for user "www-data" in
> /usr/lib/phplib/db_pgsql.inc on line 48
> Database error: Link-ID == false, connect failed
> Session halted.
>
> PHP 3.0.18, PHPlib 7.2, psotgresql 7.2.1, apache 1.3.26.  CGI scripts 
> run fine (accept from home directories where the default 
> Debian/Adamantix Apache configuration limits user directories to read 
> only).  phpinfo() reports the postgresql interface fine.  I am someone 
> who is more at home typing SQL in so would appreciate any help at all 
> on this one.

Sounds like a database configuration problem to me. Make sure that there 
is a database user named www-data configured under PostgreSQL, and that 
you GRANT www-data permissions to the tables you want to access. Or you 
can supply a different username and password to connect to the database 
with in your local.inc file, however, be aware that this can cause 
security problems if you connect with the same user that created the 
database and/or tables or with the postgres superuser.

If this isn't your problem, make sure that PostgreSQL is configured 
correctly to allow you to connect to the database in your pg_hba.conf file.

If you are trying to connect to a remote database (it doesn't sound like 
you are, but...) you'll need to make sure that the PostgreSQL server of 
the remote machine is configured to allow you to authenticate remotely.

Relavent documentation for PostgreSQL:
http://www.postgresql.org/docs/view.php?version=7.2&idoc=1&file=user-manag.html
http://www.postgresql.org/docs/view.php?version=7.2&idoc=1&file=client-authentication.html
http://www.postgresql.org/docs/view.php?version=7.2&idoc=1&file=sql-grant.html

-- 
___________________________
Nathaniel Price
http://www.tesserportal.net
Webmaster

[Phplib-users] postgresql authentication fail

[GSO <gs...@em...>]

Hi,

Have been trying to get past the following error for a few days now:

Warning: Unable to connect to PostgresSQL server: FATAL 1: IDENT 
authentication failed for user "www-data" in
/usr/lib/phplib/db_pgsql.inc on line 48
Database error: Link-ID == false, connect failed
Session halted.

PHP 3.0.18, PHPlib 7.2, psotgresql 7.2.1, apache 1.3.26.  CGI scripts 
run fine (accept from home directories where the default 
Debian/Adamantix Apache configuration limits user directories to read 
only).  phpinfo() reports the postgresql interface fine.  I am someone 
who is more at home typing SQL in so would appreciate any help at all 
on this one.

Thanks in advance,

GSO