|
What is use of sessions & cookies in servlets?
Started by jaffar on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
Cookies are used to keep track of sessions by making the browser hold and return a unique ID (the cookie) that is used to recall the stored session-Session-Tracking.html....
Session store items between HTTP requests.
|
|
Hi, I like to know if someone disables the cookies in my browser then cookies dont work for my browser then how can I do sessions in java. I am writing servlets for server side programming. Then how does my sessions work? How does it recognize the user...
Answer Snippets (Read the full thread at stackoverflow):
If cookies are disabled, most session providers append a URL parameter called the session data on the server....
If cookies are disabled, you can still maintain sessions by sending the value of JSESSIONID right into the url.
|
|
I only manually set 1 cookie on my social network site, I do rely heavily on php sessions though and I am wondering if sessions set any cookies behind the scenes?
I was just reading up on HttpOnly-cookies and I am just trying to figure out if I can use...
Started by jasondavis on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
Your session data are stored only on your server that HttpOnly....
PHP sessions use HTTP to get and set the session ID, and the filesystem to store the sessions sessions rely on a cookie containing a session key.
|
Ask your Facebook Friends
|
I am currently running an application with the following properties:
Java-based with Spring and Acegi Running on Tomcat 5 I need the ability to support user sessions without cookies. Could someone please point me in the right direction.
Thank you.
Started by Zakir Hemraj on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
Maybe a custom tag security - people might email links to someone... .
However URLs to have the session as a parameter, and all forms as a hidden field.
Will try cookies, and if that fails fall back on encoding the session in the url).
|
|
Hi guys,
I want to make a login system using cookies/sessions but I'm not sure what security and such is like with them.
With sessions, if "login" is set to "yes", can I trust that? Are users able to change what it returns? Should I just store the encrypted...
Started by hatter on
, 7 posts
by 7 people.
Answer Snippets (Read the full thread at stackoverflow):
Cookies are user input, session ids that are stored session hijacking more difficult - PHP Security Guide: Sessions
This article deals with basicIf you set a session....
Rule of thumb: do not trust user input.
Are cheap.
|
|
Hi all,
Am doing online Quiz type of script in PHP. User needs to attend 50 Question in 45 minutes.
After that time it should close the page or Submit the answer to the next page.
It is better to use cookies or sessions. How can i do that.
Am novice in...
Started by ROSE on
, 4 posts
by 4 people.
Answer Snippets (Read the full thread at stackoverflow):
$_SESSION is an array() )
A good article to take a look at sessions, cookies and the inherent security risks is http://blog.themeforest.net/tutorials....
Therefor, I would recommend sessions which are only server-side.
Try to cheat.
|
|
Sorry, if this question is naive (I'm a newbie):
In codeigniter session data are saved in a cookie by default. But there must be also a file on my server (named as the session id) to verify that the data (in the cookie) is valid, or am I wrong?
I'm searching...
Started by Jennifer Weinberg on
, 4 posts
by 4 people.
Answer Snippets (Read the full thread at stackoverflow):
The cookie contains an md5 hash of the session data and the encryption key of the cookie which:
// Decrypt the cookie data if ($this->sess_encrypt_cookie == TRUE) { $session = $this->CI->encrypt->decode....
|
|
When a user logins I get him/her's ID and save it in a session var. What I wonder is, is this the way to go? Or should I use cookies? so it automatically login and so on.
session_start(); ifcorrectlogin { $_SESSION['id'] = mysql_result($loginQuery, 0,...
Started by Erkka on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
I use django which ....
I would try to find a session engine so you don't wrong.
If you want, you can they visit after the present session has expired.
Manage login/logout with Sessions.
Cookies can be manipulated very easily.
|
|
How can I do one login script that uses cookies for login and for example I want to check if the visitor is logged in without querying the database.
For example I want on frontpage to show some menu's only for logged in users .
so I must do if(isLoggedIn...
Started by FinalDestiny on
, 6 posts
by 6 people.
Answer Snippets (Read the full thread at stackoverflow):
You can do this:
session_start, after login, maybe againstan....
Add session_start(); to your pages sessions some other way, but it might be enough for just menu-based stuff.
LoggedIn']); }
Hi,
you can use sessions in php for this.
|
|
Im using cURL to log into a website and then store a session cookie.
Is there a way I can access that session cookie from another PHP script (in the same dir etc.) Ive tried:
$ch = curl_init(); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_...
Started by ZA on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
You need to add this as well, to read the file:
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); complete code:
$fp = fopen("cookie.txt", "w"); fclose($fp); $ch = curl_init(); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt($ch, CURLOPT... .
|
