Hi!
No, sorry for being unprecise. I mean the "remember me" functionality when you login to your serendipity backend!
Best rergards,
Garvin
Not able to enter comments
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
No, I was just talking of the admin section. Create an entry there wihtout being loigged in with the "remember me" functionality. Completely unrelated to comments - this is just to check how/if your sessions properly work.
Best regards,
Garvin
No, I was just talking of the admin section. Create an entry there wihtout being loigged in with the "remember me" functionality. Completely unrelated to comments - this is just to check how/if your sessions properly work.
Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Exactly that I meant. And that it doesn't work proves the fact that your PHP sessions are NOT properly enabled!
Please talk to your provider and ask him to fix PHP cookie-based sessions on your server. They either have a wrong directory set, or a wrong php.ini setting. As you couldn't provide a phpinfo(), it is in their obligation to find out.
PHP sessions are required to make Serendipity properly work, sorry for that.
Best regards,
Garvin
Exactly that I meant. And that it doesn't work proves the fact that your PHP sessions are NOT properly enabled!
Please talk to your provider and ask him to fix PHP cookie-based sessions on your server. They either have a wrong directory set, or a wrong php.ini setting. As you couldn't provide a phpinfo(), it is in their obligation to find out.
PHP sessions are required to make Serendipity properly work, sorry for that.
Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Hi,
My provider didn't aswer me yet, but this is what I found on there site:
PHP variables
The register_globals configuration is turned off from version PHP 4.2.0 (older versions this is turned on), this is
because of security considerations.
Therefore, on our servers with PHP >=4.2.0 the register_globals are turned off.
What does register_globals do ?
This makes that all variables that are passed by the php script via GET, POST,
SESSION, COOKIE, SERVER exist directly as viariables.
This means that:
during the order http://www.uwdomein.nl/index.php?foo=bar
in the script the variables
$_GET[foo]
$foo
will be available.
Without register_globals only $_GET[foo] will be available.
In the versions PHP >=4.2.0 the variables will be found in the arrays:
$_GET;
$_POST;
$_SESSION;
$_COOKIE;
$_SERVER;
Work Arounds:
In case you have a script that uses a form with method “POST” and you do not wish to rewrite the entire script to correct the variable names the following script can be used as a workaround:
$gblArray="_POST";
$keys=array_keys($$gblArray);
foreach($keys as $key)
{
$$key=trim(${$gblArray}[$key]);
}
However, it is better to make sure that the global variables cannot be set from user input. This means all variables must be declared separately. For example:
$foo=$_POST[foo];
$bar=$_POST[bar];
$submit=$_POST[submit];
$name=$_POST[name];
Because the scripts cannot be changed, you can use the script mentioned below. If you decide to use this script, it means that all security errors will return.
$ArrayList=array("_GET", "_POST", "_SESSION", "_COOKIE", "_SERVER");
foreach($ArrayList as $gblArray)
{
$keys=array_keys($$gblArray);
foreach($keys as $key)
{
$$key=trim(${$gblArray}[$key]);
}
}
Does this ring you a bell?
Regards,
Bert
My provider didn't aswer me yet, but this is what I found on there site:
PHP variables
The register_globals configuration is turned off from version PHP 4.2.0 (older versions this is turned on), this is
because of security considerations.
Therefore, on our servers with PHP >=4.2.0 the register_globals are turned off.
What does register_globals do ?
This makes that all variables that are passed by the php script via GET, POST,
SESSION, COOKIE, SERVER exist directly as viariables.
This means that:
during the order http://www.uwdomein.nl/index.php?foo=bar
in the script the variables
$_GET[foo]
$foo
will be available.
Without register_globals only $_GET[foo] will be available.
In the versions PHP >=4.2.0 the variables will be found in the arrays:
$_GET;
$_POST;
$_SESSION;
$_COOKIE;
$_SERVER;
Work Arounds:
In case you have a script that uses a form with method “POST” and you do not wish to rewrite the entire script to correct the variable names the following script can be used as a workaround:
$gblArray="_POST";
$keys=array_keys($$gblArray);
foreach($keys as $key)
{
$$key=trim(${$gblArray}[$key]);
}
However, it is better to make sure that the global variables cannot be set from user input. This means all variables must be declared separately. For example:
$foo=$_POST[foo];
$bar=$_POST[bar];
$submit=$_POST[submit];
$name=$_POST[name];
Because the scripts cannot be changed, you can use the script mentioned below. If you decide to use this script, it means that all security errors will return.
$ArrayList=array("_GET", "_POST", "_SESSION", "_COOKIE", "_SERVER");
foreach($ArrayList as $gblArray)
{
$keys=array_keys($$gblArray);
foreach($keys as $key)
{
$$key=trim(${$gblArray}[$key]);
}
}
Does this ring you a bell?
Regards,
Bert
To bee or not to bee, that is the question
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
This does ring a bell, but register_globals is not required for serendipity at all; in fact we also discourage its use.
The PHP Session problem is in this case NOT related to it!
Best regards,
Garvin
This does ring a bell, but register_globals is not required for serendipity at all; in fact we also discourage its use.
The PHP Session problem is in this case NOT related to it!
Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/