I recently changed the signup page for a site. It's working for some, but for others it's failing.
For whatever reason, the server is sometimes getting confused and running the old query.
Hosting support stated they don't have any serverside PHP cacheing. OSCommerce cache is turned off. phpBB is the forum software, but only the forum database is involved here. What else to check?
ANSWER:
Check whether or not there's a second sign-up form hidden elsewhere on the site.
Nothing to see here! Move along!
Try making it reload with something like a header()
session_register("mysess");
$mysess++;
if ( $mysess < 2 ) { header("Location: mypage.php"); }
Thats un-tested but mite give you somewhere to start.
Related
Apologies if this question duplicates some other question, but I can't find one exactly like it in S.O.
I am writing a remotely hosted app, the kind that runs when you put a javascript on your own website page, where the src="some remote javascript.js". so, the script operates by calling every operation as a jsonp ajax. A lot of jsonp housekeeping, but otherwise works surprisingly well.
In the main remote js script, I set a user cookie when the user logs in. It works fine, the cookie is set for a year, and when you return to the page it continues recognizes you.
However, when I try to output the cookie (even after it has been set) using php, my php code does not see it for some reason.
If I alert(document.cookie); the cookie is displayed.
If I do a var_dump($_COOKIE); php returns array(0) { }.
This isn't a "you have to reload the page after setting the cookie with javascript" problem.
As far as I know, when I use the Firefox Web Developer extension to View Cookie Information, it is all happening on the same domain.
Looking over many other examples, it is clear that PHP should be able to read a cookie, even if set by javascript.
Even as I write this, I think a glimmer of what the problem is is starting to form in my head, that (possibly) a JSONP'd php script isn't going to see the cookie set by javascript.
Well I m having strange problem here. I have a codeigniter 2 web application which requires user login.
My session works perfectly when I jump from one page to another. But when I turn on Firebug and try to jump to another page, i m kicked back to login page.
This happens always everytime I turn firebug on, but works okay if its not turned on. I have no clue whats going around.
Why Codeigniter session is not working when Firebug is turned on?
Any help will be highly appreciated.
Edit:
I have two separate applications made with Codeigniter. Both have same issue.
P.S. I am facing this problem in my local machine, haven't checked in remote server.
Thanks,
Sabin
if you have the session filtering by user agent that's the problem. firebug adds additional stuff which can cause CI to think your session has been hijacked.
if you have firebug on globally, you may notice some sites tell you to disable the plugin for their site(for example gmail) for that very reason.
Also, if the sessions are not setting try a couple different values in cookie_domain. Setting it to empty did the trick to me. It appears that codeigniter tries to fill in the value for you ($config['cookie_domain'] = "";)
All right so I've been looking all over the net and I can't seem to find any solution for my problem. My apologies if this has been asked in the past.
I'm sure there's a very simple answer for this: A while back I built a website for a client. This website has an administration system in which some pages are locked using a $_SESSION variable called 'level', which basically checks whether the user is an administrator or not. Furthermore, some pages are locked with the usual log in session variables, to ensure that only logged in people can access these pages.
Now the problem is that on two of my pages, the php scripts seems to run completely by themselves. The first page is just a page that resends all of the activation emails to every user in the DB. This page can only be accessed by being logged in, and being an administrator. The second page can only be accessed by going through PayPal. The PayPal script has fallback support which checks whether there are PayPal post variables.
Anyone know why these scripts are running by themselves? It gets bothersome when random emails are continually sent to customers or administrators. I probably did something wrong somewhere. I thought it might just be the Google crawler activating the scripts, but wouldn't the crawler have to be logged in to access the scripts?
It could be a number of things.
One approach could be that search engines are executing your scripts.
A couple of years ago I was hired to look into what could be causing the deletion of all pages made with their homemade CMS.
Looking through their access logs revealed that two search engines was trying to index the content in the administration frontend. Including all the Delete page links.
The reason why this could occur was a combination of two things.
The first was the administrators browser plugins from the two search engines. Documentation proved that pages a client visited was sent to the search engines from their plugin.
Secondly, when the search engine attempted to index a session protected page, the original developer of their CMS forgot to put an exit; after the header('Location: ...');part which meant that the rest of the code on the page still got executed.
The solution
I fixed the problem by adding exit; to the code:
If( ! isset($_SESSION['level']) )
{
header('Location: login.php');
exit; // stops further execution of code
}
I hope this can help.
Check the access logs of your server and see when and what is calling those pages (if they are being called).
If something is accessing those pages (spider, person, etc) that shouldn't be, you have a security issue.
I highly doubt the scripts are 'calling themselves'
To find why they are being called, after you check if the session variable is set, and you find it isn't, add
file_put_contents('./log/log.txt', print_r($_SERVER));
Create yourself a directory "log" and a writabel file "log.txt" and the source should appear in there.
The other useful function is debug_backtrace(). Bit trickier to use this, but:
if ($handle = #fopen('./log/log.txt', 'a')) {
for ($i=1; $i<count($aBack); $i++) {
if (isset($aBack[$i]['file'])) {
fwrite($handle, $aBack[$i]['file'] . '/' . $aBack[$i]['line'] . "\n\r";
} else {
fwrite($handle, 'Anonymous function' . "\n\r";
}
}
fclose($handle);
}
Should give you a log of what oath was used. (Code typed verbatim - sorry for typos, but you should be able to work out from there)
Note that most client information (IP, referer etc) is forgable, but the calling URI isn't. It'll give you lots of info about what's calling them.
I am using
Back
to provide a back to previous page link. It works fine on Windows (IE/Mozilla) but fails in Safari on both Windows/Mac.
Is there a way to make it work on all of the systems/browsers (cross-browser/platform)?
If it's not possible, is there any other way using PHP etc?
it should be history.go(-1); return false;
or
history.go(-1); event.preventDefault();
You should consider doing it like this instead:
Back
Try this instead. It should work across IE, FF, Safari and Chrome.
<a href="#" onclick="if(document.referrer) {window.open(document.referrer,'_self');} else {history.go(-1);} return false;">Cancel<a>
The below code is working.
Back
If anyone is still struggling with this issue try removing the href-attribute from the link you want to use window.history.back() with. I'm not sure if this workaround complies with HTML-standards but it worked out fine for me.
I've faced the same issue recently, and although I'm not exactly sure why, this is the solution that worked for me:
If the user is on iOS:
history.go(-2)
If not:
history.go(-1)
I faced a similar issue on an e-commerce site I have been building for one of my customers. I initially went the route of calling:
window.history.back();
when the button was clicked. I encountered the same problem you are having with cross compatibility issues.
To answer you question about
If it's not possible, is there any other way using PHP etc?
My opinion is you should not invoke a method on the server to do a client operation. This is unnecessary overhead on your app and in my opinion, poor design/implementation.
Now to answer your main question:
Is there a way to make it work on all of the systems/browsers (cross-browser/platform)?
To solve the issue I found a client cookie library produced by Mozilla (https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie) from another StackOverflow post (my apologies to the author - I don't have the link to your post).
Using the library I create a cookie with a key of 'back-url' when the user navigates to the part of my app where I want them to be able to go back:
$('#id-of-button-clicked').click(function() {
docCookies.setItem("back-url", window.location.href, ".myDomain.com", "/");
});
This code sets a cookie with a key-value pair 'back-url', and the current url and makes it accessible from the root directory of myDomain.com.
Next, on the page where I want the user to be able to navigate back to the URL set in the cookie, I call the following code:
$(‘#id-of-back-button’).click(function() {
window.location.href = docCookies.getItem('back-url');
});
This code sets the window location by getting the value of 'back-url'.
Disclaimer: I am no professional js developer - just trying to put in my two cents from some lessons I have learned.
Challenges to this answer:
This answer uses cookies, many people don't like the use of cookies. My customers requirements allow me to use cookies.
I'm not encrypting the cookie - some may consider this bad practice. I am still in the early implementation phase of our development. I am, however, restricting access to the cookie to only within our domain.
I am trying to install ReCaptcha into the user registration of Joomla 1.5. This may just be an issue with Joomla but when i hit register nothing happens. I think it's doing some JavaScript form validation but there is nothing telling the user what went wrong. if, God forbid, they do fill out the form correctly Joomla will redirect the user to the homepage and give no notice of success.
Is this a Joomla issue or is there something wrong with my install? Does anyone know of a plug-in or module for Joomla that would make this easier?
Thanks in advance,
Samuel
UPDATE: Joomla does a lot of "stuff"/"something" to the $_POST and $_GET variables which was causing the reCaptcha to not function. This was for work which is past so I am not spending anymore time on it. Shameless Plug: use wordpress instead.
this can be closed as I don't have time to verify which answer works
Are you sure you tried all reCaptcha plugins for Joomla? There are plenty:
http://extensions.joomla.org/extensions/search/reCaptcha
Make sure your template contains the message tag to display messages to the user regarding successful or unsuccessful registrations (among other things!)
http://docs.joomla.org/Jdoc_statements
Are you sure that no error is displayed ? Iam using it with some php applications, the error is inside the "BOX".
Try the community builder component, module.
If by 'nothing happens' you mean the visitor stays on the registration page and doesn't advance, check the JavaScript error log for your browser and ensure that a fatal error isn't keeping the form from being submitted. If you mean that the page does advance and the result is a completely blank page, there may be a PHP error being encountered, and you have errors not being publicly displayed. Log into the hosting server and look at the PHP log to see if there's any fatal errors showing up.
I strongly recommend using mollom/moovum. It works with registration and the beautiful thing is that you don't have to hack any files while users will only notice your protection if there is doubt or spam.
Joomla does a lot of "stuff"/"something" to the $_POST and $_GET variables which was causing the reCaptcha to not function. This was for work which is past so I am not spending anymore time on it.
using wordpress from now on.