Thread: [Phplib-users] A great improvement
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
phplib-users
|
From: Giancarlo <gia...@na...> - 2002-08-18 23:37:29
|
VV! -------- Original Message -------- Subject: Re: [PHP-DEV] trans-sid warning? Date: Sun, 18 Aug 2002 16:14:32 -0700 (PDT) From: ra...@ph... (Rasmus Lerdorf) To: Giancarlo <gia...@na...> CC: Dan Hardiker <dha...@st...>, <ph...@li...> Newsgroups: php.dev References: <200...@ww...> Ok, then that is a bug that needs to be fixed before 4.3. On Mon, 19 Aug 2002, Giancarlo wrote: > Il 00:13, luned?19 agosto 2002, hai scritto: > > > Il 23:54, domenica 18 agosto 2002, Rasmus Lerdorf ha scritto: > > > > Hrm.. Wait a second though, Giancarlo is saying that if the user > > > > passes in a session id himself and that session does not exist, then > > > > that will be the session id he will be given if a session is created on > > > > that request. Is that correct, Giancarlo? > > > > > > Well, yor browser has to be 'virgin' with regards to that cookie. > > > You musn't have received one already. to be an available victim > > > > Even if you haven't received a cookie already, I don't think you can set > > the session id the way you describe. Can you get PHP to create > > /tmp/sess_123 given my example? > > > > Yes, I do > > [root@pong tmp]# ls -l sess* > -rw------- 1 nobody 4294967295 12 Aug 19 00:31 sess_123 > > it contains: > > a|s:3:"Foo"; > > Giancarlo > > > -- > PHP Development Mailing List <http://www.php.net/> > To unsubscribe, visit: http://www.php.net/unsub.php > |
|
From: Dr T. S. <ta...@sa...> - 2002-08-20 05:08:08
|
On Mon, 19 Aug 2002, Giancarlo wrote: Good work Giancarlo!! Now can someone convince Zeev that it is OK for PHP to do things other than web applications ;-) Tarique > VV! > > -------- Original Message -------- > Subject: Re: [PHP-DEV] trans-sid warning? > Date: Sun, 18 Aug 2002 16:14:32 -0700 (PDT) > From: ra...@ph... (Rasmus Lerdorf) > To: Giancarlo <gia...@na...> > CC: Dan Hardiker <dha...@st...>, <ph...@li...> > Newsgroups: php.dev > References: <200...@ww...> > > Ok, then that is a bug that needs to be fixed before 4.3. > > On Mon, 19 Aug 2002, Giancarlo wrote: > > > Il 00:13, luned?19 agosto 2002, hai scritto: > > > > Il 23:54, domenica 18 agosto 2002, Rasmus Lerdorf ha scritto: > > > > > Hrm.. Wait a second though, Giancarlo is saying that if the user > > > > > passes in a session id himself and that session does not exist, then > > > > > that will be the session id he will be given if a session is created > on > > > > > that request. Is that correct, Giancarlo? > > > > > > > > Well, yor browser has to be 'virgin' with regards to that cookie. > > > > You musn't have received one already. to be an available victim > > > > > > Even if you haven't received a cookie already, I don't think you can set > > > the session id the way you describe. Can you get PHP to create > > > /tmp/sess_123 given my example? > > > > > > > Yes, I do > > > > [root@pong tmp]# ls -l sess* > > -rw------- 1 nobody 4294967295 12 Aug 19 00:31 sess_123 > > > > it contains: > > > > a|s:3:"Foo"; > > > > Giancarlo > > > > > > -- > > PHP Development Mailing List <http://www.php.net/> > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by: OSDN - Tired of that same old > cell phone? Get a new here for FREE! > https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
|
From: Chris J. <ch...@ch...> - 2002-08-21 20:40:55
|
On Tue, Aug 20, 2002 at 10:14:54AM +0530, Dr Tarique Sani wrote:
> On Mon, 19 Aug 2002, Giancarlo wrote:
>
> Good work Giancarlo!!
>
> Now can someone convince Zeev that it is OK for PHP to do things other
> than web applications ;-)
>
> Tarique
> Giancarlo wrote:
> > VV!
> >
> > -------- Original Message --------
> > Subject: Re: [PHP-DEV] trans-sid warning?
> > From: ra...@ph... (Rasmus Lerdorf)
> > To: Giancarlo <gia...@na...>
> > Ok, then that is a bug that needs to be fixed before 4.3.
Yes, thank you, Giancarlo! Nice work.
Tarique, I used PHP for non-web scripts all the time. It's getting better
at doing so in the most recent releases.
What I'd really like to see is a multi-threaded PHP application server, so
that I can write middle-tier business-logic services in PHP. :-)
--
..chris
|
|
From: Giancarlo <gia...@na...> - 2002-08-21 21:51:58
|
Well, I spoke too early.=20 The latest discussions on php-dev resurged that awful arbitrary-id creati= on=20 possibility. I mean, PHP4 sessions without that, plus the use_only_cookie and some de= eper=20 gc possibility (at least at a max depth of 3 to promote per-user save_pat= h in=20 a vhost environment) could nearly equate the functionalities available to= =20 traditional phplib session handling, at least while in a light-security,=20 unathenticated session. Without these changes, I wouldn't feel like suggesting the php4 session=20 stuff., you know that Gian Il 22:40, mercoled=EC 21 agosto 2002, Chris Johnson ha scritto: > On Tue, Aug 20, 2002 at 10:14:54AM +0530, Dr Tarique Sani wrote: > > On Mon, 19 Aug 2002, Giancarlo wrote: > > > > Good work Giancarlo!! > > > > Now can someone convince Zeev that it is OK for PHP to do things othe= r > > than web applications ;-) > > > > Tarique > > > > Giancarlo wrote: > > > VV! > > > > > > -------- Original Message -------- > > > Subject: Re: [PHP-DEV] trans-sid warning? > > > From: ra...@ph... (Rasmus Lerdorf) > > > To: Giancarlo <gia...@na...> > > > > > > Ok, then that is a bug that needs to be fixed before 4.3. > > Yes, thank you, Giancarlo! Nice work. > > Tarique, I used PHP for non-web scripts all the time. It's getting bet= ter > at doing so in the most recent releases. > > What I'd really like to see is a multi-threaded PHP application server,= so > that I can write middle-tier business-logic services in PHP. :-) |
|
From: Dr T. S. <ta...@sa...> - 2002-08-22 06:49:29
|
On Wed, 21 Aug 2002, Chris Johnson wrote: > Tarique, I used PHP for non-web scripts all the time. It's getting better > at doing so in the most recent releases. So do I, so do I BUT from another list I gather that Zeev does not want this to be emphasised at all... > What I'd really like to see is a multi-threaded PHP application server, so > that I can write middle-tier business-logic services in PHP. :-) Yes with multithreading and PHP-GTK you can really make great apps Tarique -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X