Reply to Re: [PHP] Cookies. — PHP — IT news, forums, messages

Posted by "Nancy Ferracutti Kincaide" on 09/28/30 11:25

Dear Jasper,

I think the session hash function is set to 32, and MD5 is selected, as the
following lines of code show:
----------------------------------------------------------
function Session($sessionName="SESSID") {
$this->sendNoCacheHeader();

// Session-Namen setzen, Session initialisieren
session_name(isset($sessionName)
? $sessionName
: session_name());

@session_start();

// Prüen ob die Session-ID die Standardlänge
// von 32 Zeichen hat,
// ansonsten Session-ID neu setzen
if (strlen(session_id()) != 32)
{
mt_srand ((double)microtime()*1000000);
session_id(md5(uniqid(mt_rand())));
}
----------------------------------------------------------

The sentence die($_COOKIE[session_name()]), when executed, shows this value:
211b78tfl8umggkdh1ak7jrbf3 (a string of 26 characters long).

Thank you very much, again!
Nancy.

----- Original Message -----
From: "Jasper Bryant-Greene" <jasper@bryant-greene.name>
To: "php" <php-general@lists.php.net>
Sent: Tuesday, August 30, 2005 8:48 AM
Subject: Re: [PHP] Cookies.

> Nancy Ferracutti Kincaide wrote:
>> I am trying to install a web application that tests if cookies are
>> enabled the following way:
>>
>> $this->usesCookies =
>> (isset($_COOKIE[session_name()]) &&
>> @strlen($_COOKIE[session_name()])
>> == 32);
>>
>> As it gives as a result, that cookies are NOT ENABLED, I can't go on with
>> the SETUP phase.
>>
>> The responsible of the FALSE result, in the sentence above, is the LENGTH
>> of the string $_COOKIE[session_name()]. Its actual value is 26 instead of
>> 32, as expected. ¿Could anyone tell me if that LENGTH should be 32? ¿Is
>> this value mandatory to admit that cookies are enabled?
>
> That would depend on what the session hash function was set to. Normally
> it should be 32 or 40 depending on whether MD5 or SHA1 was selected.
>
> Just the fact that $_COOKIE[session_name()] is set would indicate that
> cookies are enabled, but the application may be performing some sort of
> sanity check, which is obviously failing...
>
> Put a die($_COOKIE[session_name()]); just before that line, and tell us
> what it shows.
>
> --
> Jasper Bryant-Greene
> Freelance web developer
> http://jasper.bryant-greene.name/
>
> If you find my advice useful, please consider donating to a poor
> student! You can choose whatever amount you think my advice was
> worth to you. http://tinyurl.com/7oa5s
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация