I have a session variable that I set like this:
<?php
$token = md5(uniqid(rand(), true));
session_start();
$_SESSION['token'] = $token;
print $_SESSION['token'];
?>
Then on another page I have this:
<?php
session_start();
print $_SESSION['token'];
?>
The problem is that they don't match. I get two completely different strings. register_globals is off. I did notice that when I set md5(....) to a constant string eg: md5('example') that it works as expected and the two strings match. But that shouldn't matter. Any ideas on what's going on here?
EDIT: Apache Acces Log:
127.0.0.1 - - [18/Sep/2010:17:46:09 -0500] "GET /index.php HTTP/1.1" 200 3182 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.59 Safari/534.3"
127.0.0.1 - - [18/Sep/2010:17:46:09 -0500] "GET /style/style.css HTTP/1.1" 304 - "http://cmb.local:8888/index.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.59 Safari/534.3"
127.0.0.1 - - [18/Sep/2010:17:46:09 -0500] "GET /js/signup.js HTTP/1.1" 304 - "http://cmb.local:8888/index.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.59 Safari/534.3"
127.0.0.1 - - [18/Sep/2010:17:46:09 -0500] "GET /index.php HTTP/1.1" 200 3182 "http://cmb.local:8888/index.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.59 Safari/534.3"
127.0.0.1 - - [18/Sep/2010:17:46:10 -0500] "GET /index.php HTTP/1.1" 200 3182 "http://cmb.local:8888/index.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.59 Safari/534.3"
I'm not quite sure how to read that but it looks to me that my file (index.php which I assume is the '/') is being called three times. Am I reading that right? What's going on there?
Completely stupid mistake on my part. I had some empty <img> tags in there that were causing the extra requests. facepalm Sorry everyone, problem solved. Thanks for your help!!
The only solution I can think of is that you are making a second request to the first page without knowing it. You should probably check your apache access log for this second access...
Making a simple request counter would be another solution to check this:
$_SESSION['counter'] = isset($_SESSION['counter'])? $_SESSION['counter'] +1 : 0;
You will notice that every time you revisit the first page, your session variable will change. Since it works for a constant string, 'example', I will assume that you revisit page 1 to view what is stored there.
A fix could be checking to ensure that that session variable is not set before you set it again.
i.e.
<?php
session_start();
if(!empty($_SESSION['token'])){
$token = md5(uniqid(rand(), true));
$_SESSION['token'] = $token;
}
print $_SESSION['token'];
?>
This chunk of code should work as expected.
Looks weird. That first chunk of code that resets the token must have been run again somehow.
Related
I am trying to deploy a Laravel app to Heroku with Heroku Postgress. When I deploy however, error debug pages do not seem to load any CSS or JS, making it almost impossible to extract the info I need from the error page effectively. My browser dev tool only shows an error such as
Firefox
Loading failed for the <script> with source “blob:https://...
Chrome
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
The network tool also tells me the only data coming is the HTML from the 500 response in this case.
I have made sure APP_DEBUG is true, APP_ENV is set to development and other essential variables are set. The error page looks fine when running locally and the app works fine when deployed other than the errors I need the debug page for to begin with.
here is the Procfile:
web: vendor/bin/heroku-php-apache2 public/
The console (censored and not including the trace from the error causing the page to be displayed in the first place):
2020-08-12T09:10:18.108148+00:00 app[web.1]: xxx - - [12/Aug/2020:09:10:17 +0000] "GET /xxx/1/xxx/create HTTP/1.1" 500 973197 "https://xxx.herokuapp.com/xxx/1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0
2020-08-12T09:10:18.401914+00:00 app[web.1]: xxx - - [12/Aug/2020:09:10:18 +0000] "GET /favicon.ico HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0
You may have misconfigured the Procfile and that is causing 500 error.
Attach the Procfile and the error from the console so that we could understand it more.
I stumbled across an issue while setting up LDAP for Dokuwiki using the authldap plugin. I run dokuwiki with php7.2 on Ubuntu 18.4 and have windows server 2016 as an active directory controller.
I have several services running that sucessfully use LDAP and i can use the tool "ldapsearch" to contact the Active directory host from the command line of the same machine that runs dokuwiki. Thus I assume that at least the connection should be alright.
So far I narrowed it down to the ldap_connect(server,port) method in the file /lib/plugins/authldap/auth.php
$this->con = #ldap_connect($server, $port);
This call returns -1 . An echo of $server and $port show the correct ip address and port.
I've run out of ideas how to debug this issue and would be very thankful for suggestions.
Thanks & greetings
[Update]
Upon suggestion I removed the silence flag. I could not find changes in any log giving further hints.
I have another log I havent properly looked at:
192.168.4.103 - - [06/Jan/2019:15:51:15 +0000] "POST /dokuwiki/doku.php?id=start&do=login§ok= HTTP/1.0" 403 11344 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
192.168.4.103 - - [06/Jan/2019:15:51:15 +0000] "GET /dokuwiki/lib/exe/indexer.php?id=start&1546789875 HTTP/1.0" 200 42 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
For me this looks like there was a sucessful request (http code 200), followed by a 403, suggesting that this action was forbidden.
I assume this is a default answer due to the failed ldap_connect
i can't open one php script on my virtual ubuntu 12.04 lamp server, i tried at an online host and it works fine but at home didn't work.
what i already did:
i intall php 5.4 like the online host
change permisions on folder
change user folder
install php 7 (but the scripts tell php 5.4-5.5)
and i get this error page when i try to open: The requested URL /loja/login was not found on this server.
and the log apache tell :
[client 192.168.0.10] File does not exist: /var/www/script/login
"GET /loja/ HTTP/1.1" 307 769 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"
192.168.0.10 - - [02/Apr/2017:00:12:23 -0300] "GET /loja/login HTTP/1.1" 404 502 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36""
what is wrong on my lamp server? onlines hosts works very well.
the script: https://mega.nz/#!dpskSCDS!vmlxWXVjByV67wv41DO8MqDMPgfjBpxxj_p7uoxmfjQ
Hi please add your php files on your htdocs folder it's /opt/lampp/htdocs
also do this
This will change the ownership of the /opt/lampp/htdocs/ to you:
sudo chown username:groupname /opt/lampp/htdocs
Example : (My username is test and my group name is also test)
sudo chown test:test /opt/lampp htdocs
This will change the folder's permissions to be read, write and executed by you:
sudo chmod 777 /opt/lampp/htdocs
I have bumped with weird problem and have no clue what happens and what is wrong. Website built in on CI platform. My CI uses table sessions and here is config
$config['sess_cookie_name'] = 'pi_session'.md5(date('mdY'));
$config['sess_expiration'] = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 7200;
It worked well all the time but recently I suddenly couldn't login into admin area in FF. But all work well on localhost sever in the same browser. In Chrome I can login from both remote and localhost. But other guy told me that he can login in FF but can't in Chrome.
When I load login page on remote server in FF it creates 2 records in the ci_sessions table instead of one, the same action in Chrome creates 1 record only and login option work well.
61a182973989856167cfa945519705ed 12.68.11.93 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 1489174945
66fc8c300986a83eb58514a6aafef360 12.68.11.93 Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 1489174908
bbc0c642bd0049d3bc4d663ea94273db 12.68.11.93 Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 1489174907
The first record is when I opened page in chrome, 2-3 I opened page in FF. What a?
I am very new to wordpress. I have installed wordpress successfully but when I am trying to do view sites than it is leading me to wordpress directory structure even though I have hello word post.
This click is generating below get request --
127.0.0.1 - - [13/May/2013:17:32:58 +0530] "GET /wordpress/ HTTP/1.1" 200 1272 "http://gpwp/wordpress/wp-admin/edit.php?post_status=publish&post_type=post" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0"
I am not getting any error at apache_error log.My .htaccess file is blank.
Please help me to resolve this.
Thanks