Search Results

Search found 15797 results on 632 pages for 'session variables'.

Page 16/632 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Proper way to configure ~/.Xsession with a standalone window manager to gracefully end a session

    - by cYrus
    I'm using xdm and my ~/.Xsession looks like this: # <initialization stuff here> exec openbox It works, but I've noticed that when I log out Openbox doesn't gracefully kill all the applications. In particular Google Chrome complains about that. How can I make sure to wait for all processes to exit (just like others configurations: Gnome, KDE, Windows ...)? The only (ugly) solution that I've found involves sleep and kill into ~/.Xsession.

    Read the article

  • Tricking Linux apps about current time with environment variables

    - by geek
    Sometimes it is possible to trick a Linux app by calling it like this: HOME=/tmp/foo myapp This would make myapp think /tmp/foo is the home directory, it won't try to get the user id, find its home directory via getpwent(). This is useful when myapp must be forced to dump some of its config files into a non-standard location different than ~. A similar trick can be done like this: LANG=foo LC_ALL=bar myapp This is useful when myapp needs to be called once with a different locale without having to make the change persistent by using the export bash built-in or even modify stuff in /etc/profile. Is it possible to pull the same trick with time and date? The goal is to make an app use another time than the system ones. The final goal - to make timestamps that appear in logs/commit messages not being tied to the system time.

    Read the article

  • ASP.NET MVC Session Expiration

    - by Andrew Flanagan
    We have an internal ASP.NET MVC application that requires a logon. Log on works great and does what's expected. We have a session expiration of 15 minutes. After sitting on a single page for that period of time, the user has lost the session. If they attempt to refresh the current page or browse to another, they will get a log on page. We keep their request stored so once they've logged in they can continue on to the page that they've requested. This works great. However, my issue is that on some pages there are AJAX calls. For example, they may fill out part of a form, wander off and let their session expire. When they come back, the screen is still displayed. If they simply fill in a box (which will make an AJAX call) the AJAX call will return the Logon page (inside of whatever div the AJAX should have simply returned the actual results). This looks horrible. I think that the solution is to make the page itself expire (so that when a session is terminated, they automatically are returned to the logon screen without any action by them). However, I'm wondering if there are opinions/ideas on how best to implement this specifically in regards to best practices in ASP.NET MVC.

    Read the article

  • Checking if a session is active

    - by Josh
    I am building a captcha class. I need to store the generated code in a PHP session. This is my code so far: <?php class captcha { private $rndStr; private $length; function generateCode($length = 5) { $this->length = $length; $this->rndStr = md5(time() . rand(1, 1000)); $this->rndStr = substr($rndStr, 0, $this->length); return $rndStr; if(session_id() != '') { return "session active"; } else { return "no session active"; } } } ?> And using this code to check: <?php include('captcha.class.php'); session_start(); $obj = new captcha(); echo $obj->generateCode(); ?> But it doesn't output anything to the page, not even a PHP error. Does someone know why this is? And is there a better way I can check if I've started a session using session_start()? Thanks.

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

  • Rails 2.3 session

    - by Sam Kong
    Hi, I am developing a rails 2.3.2 app. I need to keep session_id for an order record, retrieve it and finally delete the session_id when the order is completed. It worked when I used cookies as session store but it doesn't for active_record store. (I restarted my browser, so no cache issue.) I know rails 2.3 implements lazy session load. I read some info about it but am still confused. Can somebody clarify how I use session_id for such a case? What I am doing is... A user make an order going through several pages. There is no sign-up, neither login. So I keep session_id in the order record so that no other user can access the order. @order = Order.last :conditions = {:id = params[:id], :session_id = session[:session_id] } When the order is finished, I set nil to session_id column. How would you implement such a case in lazy session(and active_record store) environment? Thanks. Sam

    Read the article

  • "Session is Closed!" - NHibernate

    - by Alexis Abril
    This is in a web application environment: An initial request is able to successfully complete, however any additional requests return a "Session is Closed" response from the NHibernate framework. I'm using a HttpModule approach with the following code: public class MyHttpModule : IHttpModule { public void Init(HttpApplication context) { context.EndRequest += ApplicationEndRequest; context.BeginRequest += ApplicationBeginRequest; } public void ApplicationBeginRequest(object sender, EventArgs e) { CurrentSessionContext.Bind(SessionFactory.Instance.OpenSession()); } public void ApplicationEndRequest(object sender, EventArgs e) { ISession currentSession = CurrentSessionContext.Unbind( SessionFactory.Instance); currentSession.Dispose(); } public void Dispose() { } } SessionFactory.Instance is my singleton implementation, using FluentNHibernate to return an ISessionFactory object. In my repository class, I attempt to use the following syntax: public class MyObjectRepository : IMyObjectRepository { public MyObject GetByID(int id) { using (ISession session = SessionFactory.Instance.GetCurrentSession()) return session.Get<MyObject>(id); } } This allows code in the application to be called as such: IMyObjectRepository repo = new MyObjectRepository(); MyObject obj = repo.GetByID(1); I have a suspicion my repository code is to blame, but I'm not 100% sure on the actual implementation I should be using. I found a similar issue on SO here. I too am using WebSessionContext in my implementation, however, no solution was provided other than writing a custom SessionManager. For simple CRUD operations, is a custom session provider required apart from the built in tools(ie WebSessionContext)?

    Read the article

  • PHP does not store all variables in session

    - by Flurin Juvalta
    Dear all I'm assigning session variables by filling the $_SESSION - Array throughout my script. My problem is, that for some reason not all variables are available in the session. here is a shortened version of my code for explaining this issue: session_start(); print_r($_SESSION); $_SESSION['lang'] = 'de'; $_SESSION['location_id'] = 11; $_SESSION['region_id'] = 1; $_SESSION['userid'] = 'eccbc87e4b5ce2fe28308fd9f2a7baf3'; $_SESSION['hash'] = 'dce57f1e3bc6fba32afab93b0c38b662'; print_r($_SESSION); first call prints something like this: Array ( ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) the second call prints: Array ( [lang] => de [location_id] => 11 [region_id] => 1 ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) As you can see, the important login information is not stored in the session. Does anybody has an idea what could be wrong with my session? Thanks for your answers!

    Read the article

  • ASP.Net Session Storage provider in 3-layer architecture

    - by Tedd Hansen
    I'm implementing a custom session storage provider in ASP.Net. We have a strict 3-layer architecture and therefore the session storage needs to go through the business layer. Presentation-Business-Database. The business layer is accessed through WPF. The database is MSSQL. What I need is (in order of preference): A commercial/free/open source product that solves this. The source code of a SqlSessionStateStore (custom session store) (not the ODBC-sample on MSDN) that I can modify to use a middle layer. I've tried looking at .Net source through Reflector, but the code is not usable. Note: I understand how to do this. I am looking for working samples, preferably that has been proven to work fine under heavy load. The ODBC sample on MSDN doesn't use the (new?) stored procs that the build in SqlSessionStateStore uses - I'd like to use these if possible (decreases traffic). Edit1: To answer Simons question on more info: ASP.Net Session()-object can be stored in either InProc, ASP.Net State Service or SQL-server. In a secure 3-layer model the presentation layer (web server) does not have direct/physical access to the database layer (SQL-server). And even without the physical limitations, from an architectural standpoint you may not want this. InProc and ASP.Net State Service does not support load balancing and doesn't have fault tolerance. Therefore the only option is to access SQL through webservice middle layer (business layer).

    Read the article

  • Codeigniter Inputting session data from model for a simple authentication system

    - by user1616244
    Trying to put together a simple login authentication. Been at this for quite sometime, and I can't find where I'm going wrong. Pretty new to Codeigniter and OOP PHP. I know there are authentication libraries out there, but I'm not interested in using those. Model: function login($username, $password){ if ($this->db->table_exists($username)){ $this->db->where('username', $username); $this->db->where('password', $password); $query = $this->db->get($username); if($query->num_rows >= 1) { return true; $data = array( 'username' => $this->input->post('username'), 'login' => true ); $this->session->set_userdata($data); } } } Controller function __construct(){ parent::__construct(); $this->logincheck(); } public function logincheck(){ if ($this->session->userdata('login')){ redirect('/members'); } } If I just echo from the controller: $this-session-all_userdata(); I get an empty array. So the problem seems to be that the $data array in the model isn't being stored in the session.

    Read the article

  • CodeIgniter: Passing variables via URL - alternatives to using GET

    - by John Durrant
    I'm new to CodeIgniter and have just discovered the difficulties using the GET method of passing variables via the URL (e.g. domain.com/page.php?var1=1&var2=2). I gather that one approach is to pass the variables in the URI segments but haven't quite figured out how to do that yet as it seems to create the expectation of having a function in the controller named as the specific URI segment???? Anyway Instead of using GET I've decided to use POST by adapting a submit button (disguised as a link) with the variables in hidden input fields. I've created the following solution which seems to work fine, but am wondering whether I'm on the right track here or whether there is an easier way of passing variables via a link within CodeIgniter? I've created the following class in application/libraries/ <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); class C_variables { function variables_via_link($action, $link_text, $style, $link_data) { $attributes = array('style' => 'margin:0; padding:0; display: inline;'); echo form_open($action, $attributes); $attributes = array('class' => $style, 'name' => 'link'); echo form_submit($attributes, $link_text); foreach ($link_data as $key => $value){ echo form_hidden($key, $value); } echo form_close(); } } ?> With the following CSS: /* SUBMIT BUTTON AS LINK adapted from thread: http://forums.digitalpoint.com/showthread.php?t=403667 Cross browser support (apparently). */ .submit_as_link { background: transparent; border-top: 0; border-right: 0; border-bottom: 1px solid #00F; border-left: 0; color: #00F; display: inline; margin: 0; padding: 0; cursor: hand /* Added to show hand when hovering */ } *:first-child+html .submit_as_link { /* hack needed for IE 7 */ border-bottom: 0; text-decoration: underline; } * html .submit_as_link { /* hack needed for IE 5/6 */ border-bottom: 0; text-decoration: underline; } Link then created using the following code in the VIEW: <?php $link = new C_variables; $link_data=array('var1' => 1, 'var2' => 2); $link ->variables_via_link('destination_page', 'here is a link!', 'submit_as_link', $link_data); ?> Thanks for your help...

    Read the article

  • Python - Get Instance Variables

    - by Chris Bunch
    Is there a built-in method in Python to get an array of all a class' instance variables? For example, if I have this code: class hi: def __init__(self): self.ii = "foo" self.kk = "bar" Is there a way for me to do this: >>> mystery_method(hi) ["ii", "kk"] Thanks guys! Edit: I originally had asked for class variables erroneously. Thanks to all who brought this to my attention!

    Read the article

  • Creating AST for shared and local variables

    - by Rizwan Abbasi
    Here is my grammar grammar simulator; options { language = Java; output = AST; ASTLabelType=CommonTree; } //imaginary tokens tokens{ SHARED; LOCALS; BOOL; RANGE; ARRAY; } parse : declaration+ ; declaration :variables ; variables : locals ; locals : (bool | range | array) ; bool :ID 'in' '[' ID ',' ID ']' ('init' ID)? -> ^(BOOL ID ID ID ID?) ; range : ID 'in' '[' INT '..' INT ']' ('init' INT)? -> ^(RANGE ID INT INT INT?) ; array :ID 'in' 'array' 'of' '[' INT '..' INT ']' ('init' INT)? -> ^(ARRAY ID INT INT INT?) ; ID : (('a'..'z' | 'A'..'Z'|'_')('a'..'z' | 'A'..'Z'|'0'..'9'|'_'))* ; INT : ('0'..'9')+ ; WHITESPACE : ('\t' | ' ' | '\r' | '\n' | '\u000C')+ {$channel = HIDDEN;} ; INPUT flag in [down, up] init down pc in [0..7] init 0 CA in array of [0..5] init 0 AST It is having a small problem. Variables (bool, range or array) can be of two abstract types 1. locals (each object will have it's own variable) 2. shared (think of static in java, same for all object) Now the requirements are changed. I want the user to input like this NEW INPUT domains: upDown [up,down] possibleStates [0-7] booleans [true,false] locals: pc in possibleStates init 0 flag in upDown init down flag1 in upDown init down map in array of booleans init false shared: pcs in possibleStates init 0 flag in upDown init down flag1 in upDown init down maps in array of booleans init false Again, all the variables can be of two types (of any domain sepecified) 1. Local 2. Shared In Domains: upDown [up,down] possibleStates [0-7] upDown, up, down and possibleStates are of type ID (ID is defined in my above grammar), 0 and 7 are of type INT Can any body help me how to convert my current grammar to meet new specifications.

    Read the article

  • Pass PHP variables without being seen when working with a database generated list

    - by Wilcoholic
    Looking for any help regarding the problem. Here's the deal: I have a database that has a teams table and it contains team_id. On one of my pages, I generate a list of links that contain the team_id of the creator in their get URL. I need the team_id on the next page but can't figure out how to pass it through any other way. Using a form and POST isn't an option because this method would only pass through the last links data on the list. Storing in a session isn't an option either because there is no way to discretely pass the the variables I need to a function to set the session variables. I have tried and it can pretty easily be viewed from viewing the source code. So here's some sample code to see exactly what I'm dealing with. <? if(mysql_num_rows($result2)>0){ ?> <a class="fltrt btn btn-danger btn-small" onclick="test()" href="acceptmatch-exec.php?match_id=<?php echo $match_id; ?>&team_id=<?php echo $team_id;?>&action=cancel">Cancel Match</a> <?}else{?> <a class="fltrt btn btn-success btn-small" href="acceptmatch-exec.php?match_id=<?php echo $match_id; ?>&team_id=<?php echo $team_id;?>&action=accept">Accept Match</a> <?} ?> The code above is generated multiple times on a page via a while loop that was excluded. I want to pass the match_id and team_id variables without being seen anywhere. If I made this a form, it wouldn't pass the correct variables unless there is only one result at the time (not likely). I'm sure there has to be an easy method that is eluding me, so please share thoughts on how to solve this. I feel as though I am not explaining it well enough, but it's not really easy to explain. I basically want something that works like GET but acts like POST and can be hidden from people viewing source code or link locations. Thanks

    Read the article

  • Session and Pop Up Window

    - by imran_ku07
     Introduction :        Session is the secure state management. It allows the user to store their information in one page and access in another page. Also it is so much powerful that store any type of object. Every user's session is identified by their cookie, which client presents to server. But unfortunately when you open a new pop up window, this cookie is not post to server with request, due to which server is unable to identify the session data for current user.         In this Article i will show you how to handle this situation,  Description :         During working in a application, i was getting an Exception saying that Session is null, when a pop window opens. After seeing the problem more closely i found that ASP.NET_SessionId cookie for parent page is not post in cookie header of child (popup) window.         Therefore for making session present in both parent and child (popup) window, you have to present same cookie. For cookie sharing i passed parent SessionID in query string,   window.open('http://abc.com/s.aspx?SASID=" & Session.SessionID &','V');           and in Application_PostMapRequestHandler application Event, check if the current request has no ASP.NET_SessionId cookie and SASID query string is not null then add this cookie to Request before Session is acquired, so that Session data remain same for both parent and popup window.    Private Sub Application_PostMapRequestHandler(ByVal sender As Object, ByVal e As EventArgs)           If (Request.Cookies("ASP.NET_SessionId") Is Nothing) AndAlso (Request.QueryString("SASID") IsNot Nothing) Then               Request.Cookies.Add(New HttpCookie("ASP.NET_SessionId", Request.QueryString("SASID")))           End If       End Sub           Now access Session in your parent and child window without any problem. How this works :          ASP.NET (both Web Form or MVC) uses a cookie (ASP.NET_SessionId) to identify the user who is requesting. Cookies are may be persistent (saved permanently in user cookies ) or non-persistent (saved temporary in browser memory). ASP.NET_SessionId cookie saved as non-persistent. This means that if the user closes the browser, the cookie is immediately removed. This is a sensible step that ensures security. That's why ASP.NET unable to identify that the request is coming from the same user. Therefore every browser instance get it's own ASP.NET_SessionId. To resolve this you need to present the same parent ASP.NET_SessionId cookie to the server when open a popup window.           You can confirm this situation by using some tools like Firebug, Fiddler,  Summary :          Hopefully you will enjoy after reading this article, by seeing that how to workaround the problem of sharing Session between different browser instances by sharing their Session identifier Cookie.

    Read the article

  • PayPal IPN - having trouble accessing session data?

    - by Martin Bean
    Hello, all. I'm having issues with PayPal IPN integration where it seems I cannot get my solution to read session variables. Basically, in my shop module script, I store the customer's details as provided by PayPal to an orders table. However, I also wish to save products ordered in a transaction to a separate table linked by the order ID. However, it's the second part of the script that's not working, where I loop through the products in the session and then save them to the orders_products table. Is there a reason why the session data not being read? The code within shop.php is as follows: if ($paypal->validate_ipn()) { $name = $paypal->ipn_data['address_name']; $street_1 = $paypal->ipn_data['address_street']; $street_2 = ""; $city = $paypal->ipn_data['address_city']; $state = $paypal->ipn_data['address_state']; $zip = $paypal->ipn_data['address_zip']; $country = $paypal->ipn_data['address_country']; $txn_id = $paypal->ipn_data['txn_id']; $sql = "INSERT INTO orders (name, street_1, street_2, city, state, zip, country, txn_id) VALUES (:name, :street_1, :street_2, :city, :state, :zip, :country, :txn_id)"; $smt = $this->pdo->prepare($sql); $smt->bindParam(':name', $name, PDO::PARAM_STR); $smt->bindParam(':street_1', $street_1, PDO::PARAM_STR); $smt->bindParam(':street_2', $street_2, PDO::PARAM_STR); $smt->bindParam(':city', $city, PDO::PARAM_STR); $smt->bindParam(':state', $state, PDO::PARAM_STR); $smt->bindParam(':zip', $zip, PDO::PARAM_STR); $smt->bindParam(':country', $country, PDO::PARAM_STR); $smt->bindParam(':txn_id', $txn_id, PDO::PARAM_INT); $smt->execute(); // save products to orders relationship $order_id = $this->pdo->lastInsertId(); // $cart = $this->session->get('cart'); $cart = $this->session->get('cart'); foreach ($cart as $product_id => $item) { $quantity = $item['quantity']; $sql = "INSERT INTO orders_products (order_id, product_id, quantity) VALUES ('$order_id', '$product_id', '$quantity')"; $res = $this->pdo->query($sql); } $this->session->del('cart'); mail('[email protected]', 'IPN result', 'IPN was successful on wrestling-wear.com'); } else { mail('[email protected]', 'IPN result', 'IPN failed on wrestling-wear.com'); } And I'm using the PayPal IPN class for PHP as found here: http://www.micahcarrick.com/04-19-2005/php-paypal-ipn-integration-class.html, but the contents of the validate_ipn() method is as follows: public function validate_ipn() { $url_parsed = parse_url($this->paypal_url); $post_string = ''; foreach ($_POST as $field => $value) { $this->ipn_data[$field] = $value; $post_string.= $field.'='.urlencode(stripslashes($value)).'&'; } $post_string.= "cmd=_notify-validate"; // append IPN command // open the connection to PayPal $fp = fsockopen($url_parsed[host], "80", $err_num, $err_str, 30); if (!$fp) { // could not open the connection. If logging is on, the error message will be in the log $this->last_error = "fsockopen error no. $errnum: $errstr"; $this->log_ipn_results(false); return false; } else { // post the data back to PayPal fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n"); fputs($fp, "Host: $url_parsed[host]\r\n"); fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); fputs($fp, "Content-length: ".strlen($post_string)."\r\n"); fputs($fp, "Connection: close\r\n\r\n"); fputs($fp, $post_string . "\r\n\r\n"); // loop through the response from the server and append to variable while (!feof($fp)) { $this->ipn_response.= fgets($fp, 1024); } fclose($fp); // close connection } if (eregi("VERIFIED", $this->ipn_response)) { // valid IPN transaction $this->log_ipn_results(true); return true; } else { // invalid IPN transaction; check the log for details $this->last_error = 'IPN Validation Failed.'; $this->log_ipn_results(false); return false; } }

    Read the article

  • PHP Session when using desktop app

    - by Jonathan
    In this question I asked how to POST to a php file form a vb.net app: http://stackoverflow.com/questions/2615335/post-to-webpage-in-vb-net-win-forms-desktop-not-asp-net So now I've logged in the user user by posting their username and password to the php file, the php file then does security/checks they exist/etc and if both username and password are correct is stores the user ID in a session variable. Now if the vb.net app tries to download data off a page which needs the user to logged in, it checks this by doing: if (!isset($_SESSION['uid'])) { header("Location: index.php"); } However after having logged correctly in the app the session variable is not set. How does session work with a vb.net app like this? When the user logs in successfully should I download the user id and keep it in the vb.net app and then post it to each page that requires authentication?

    Read the article

  • PHP session starter detect for visitor counting

    - by zapping
    Is there a way to find out on session being started. Like for instance the session start event in the global.ascx file of .net. The requirement is to find the no. of visits the user has done on the site. Instead of checking each time during posts or gets to the server. Is there something in php to find out if the session is a new one. Zen framework is also used for the app.

    Read the article

  • Rails session cookie not getting set

    - by bwizzy
    I have a rails app that is a CMS that uses dynamic subdomains for each site. For some reason when I deployed to production the session cookie is not getting set. I'm thinking this is leading to the "Invalid Authenticity Token" errors that are being thrown everywhere. I have my production.rb setup so that I can share sessions across subdomains. What could be going wrong that the cookie isn't being set at all? #production.rb config.action_controller.session[:domain] = '.domain.com' #environment.rb config.action_controller.session = { :session_key => '_app_session', :secret => '.... nums and chars .....' }

    Read the article

  • PHP Session Cookies fail with users changing IP

    - by Columbo
    Hello, I have a login script for a small application that works by storing session cookies and checking them on each page to make sure the user is logged in. One of the two users who uses the system keeps getting logged out randomly. This appears to be down to the session cookie that shows then authenticated no longer being present. After a lot of investigation the only thing I can see that is different about this user is that their IP address is changing (today it was changing every hour (their on Sky)). The only thing is the change of IP address has happened 5 times this morning and only once has the user been logged off. Has anyone had a similar issue? Are session cookies in someway tied to IP addresses? Any help or links much appreciated. Thanks C

    Read the article

  • Maintaining session across relay domain?

    - by Steffen
    I'm building a payment page in asp.net, however the page where you order your items is run in HTTP (non-secure) on my domain. When redirecting the user to the payment site, I have to go through a different domain (my payment provider, from whom I borrow the SSL certificate), so my payment url ends up like https://www.paymentprovider.com/somescript.cgi/www.mydomain.com/mypaymentpage.aspx Now the problem is my session is lost, but I store the order in session, so I desperately needs it. Can I somehow send the SessionID in querystring, and restore the session from it - or do I need to stuff the entire order into querystring ? (Not too certain it'll fit though, it's rather long) Any help will be highly appreciated :-)

    Read the article

  • Securely persist session between https://secure.yourname.com and http://www.yourname.com on rails ap

    - by Matt
    My rails site posts to a secure host (e.g. 'https://secure.yourname.com') when the user logs into the site. Session data is stored in the database, with the cookie containing only the session ID. The problem is that when the user returns to a non-https page, such as the home page (e.g. 'http://www.yourname.com') the user appears to have logged out. I believe the reason for this is that a separate cookie is stored for each host (www vs. secure). Is this correct? What is the best secure way to persist the session between both the http and https sections of the site? Does anyone know of any plugins that address this problem? The site runs on Heroku.

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >