cancel
Showing results for 
Search instead for 
Did you mean: 

Sessions Problem since CGI upgrade

netman
Grafter
Posts: 27
Registered: ‎10-08-2007

Re: Sessions Problem since CGI upgrade

Thanks to Tonyr and Skysurfer for there help in sorting the SESSION path out.
All I need to do now is get the security images working which will not pass the alpha/numeric string over.
Does anyone know as I don't want to remove the security images as the SPAMMERS come through thick and fast with their obscence emails.
My site is www.netman.plus.com
Many thanks in advance
Netman
Gabe
Grafter
Posts: 767
Registered: ‎29-10-2008

Re: Sessions Problem since CGI upgrade

Short note on methods for setting session.save_path
As you'll have gathered, there's a couple of places you can set the session.save_path: in a custom php.ini or at runtime using ini_set().
If you also want/need to set directives that can't be set at runtime (like register_globals), then php.ini is the way to go; otherwise it's either.
To use the runtime method, you need to edit all .php files that use sessions (unless you already include something else at the top of each page). To use the php.ini method, you need to place a custom php.ini file in each folder where you have .php files or <a href="http://community.plus.net/forum/index.php/topic,84267.msg696736.html#msg696736">a symlink to a single custom php.ini</a>, or use <a href="http://community.plus.net/forum/index.php/topic,84267.msg697776.html#msg697776">a wrapper method</a>.
Short recap for historians: On the test version of this platform, the session.save_path was set to the Debian default of /var/lib/php5, but it was not shared and those of us who were testing it failed to notice, partly because there was another sharing snafu which masked it and partly because some of us had already set our own session.save_path. When the platform went live, the problem was soon <a href="http://community.plus.net/forum/index.php/topic,84409.msg696784.html">picked up and as a quick fix Plusnet switched the session.save_path to /tmp</a>, which is shared but problematic. Previously, I'd posted <a href="http://community.plus.net/forum/index.php/topic,83568.msg696223.html#msg696223">a custom php.ini</a> to help with particular problems and it eventually occurred to me that if anyone was using this with sessions but without changing the session.save_path to /tmp or their own folder, it would cause problems. Of course, as soon as I posted that, <a href="http://community.plus.net/forum/index.php/topic,84544.msg698512.html#msg698512">the /tmp became unuseable</a> ::). With any luck this will get fixed soon, but for security the recommendation would be to set your own session.save_path any way.
It might be worth mentioning that with PHP 5, sessions can be stored using SQLite - not everyone's cup of tea, but can be useful.
Gabe
Gabe
Grafter
Posts: 767
Registered: ‎29-10-2008

Re: Sessions Problem since CGI upgrade

Hi Netman,
Glad you were able to fix the sessions problem. Can you give more detail on your security_picture problem? Does your form return what you expect from the code input?
Gabe
barnyandpippa
Rising Star
Posts: 106
Thanks: 6
Fixes: 1
Registered: ‎05-10-2007

Re: Sessions Problem since CGI upgrade

It's a good thing there are some clued up members out there and thanks to those who have donated their time to help fellow paying customers of a commercial company.
The clerks who answer the tickets (can't bring myself to call any of it support) clearly don't know who has been fiddling with what.
Imagine if your electricity supplier halved the voltage and then told you it wasn't their responsibility and that you had to go and ask someone else who'd had the same problem created for them and that the answer was to buy new appliances.
Here's a useful link that anyone at PN might like to have a look at: http://en.wikipedia.org/wiki/Customer. Within the page there's a link to customer service but you need to be a bit more mature before you look at that - you have to be able to walk before you can run.
johntrimming
Newbie
Posts: 7
Registered: ‎14-02-2010

Re: Sessions Problem since CGI upgrade

Thank you SO much for this advice... I have no knowledge about PHP whatsoever (microsoft background... sorry for swearing...) but have managed to get my CMSMS installation back on course again with these tips....