info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
A project involing sessions
7 views
Skip to first unread message
The Doctor
Sep 10, 2015, 10:25:05 PM9/10/15
to
For about 6 months this has been stomping me.
Now repeat the assignment from the previous project, only this time, instead of cookies use sessions. Since sessions are being used, it is unnecessary to have the seven day limit from the previous assignment. However users should only be able to download the file once per session.
My index.php is
<?php
#start the session before any output
session_start();
echo "<pre>";
print_r($_SESSION);
echo "</pre>";
require($_SERVER['DOCUMENT_ROOT']."/template_top.inc");
$regex_for_compatible_browser = "^(.*indows.*irefox.*)||(.*ac.*irefox.*)||(.*msie.*indows.*)$";
$ua = $_SERVER['HTTP_USER_AGENT']."<br />";
if (!preg_match("/$regex_for_compatible_browser/i", $ua)){
echo '<a href="http://www.getfirefox.com/">You are on Windows or Mac, but you need Firefox.</a>';
}
$ip = $_SERVER['REMOTE_ADDR'];
$ipCheck = substr($ip,0,3);
if ($ipCheck == "202") {echo "Hacker IP; No access."; exit();}
if ($_SESSION['email']) {
echo $_SESSION['email'];
}
else {
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
}
?>
<form method="post" name="vnosnaForma" action="download.php">
<span id="new1Label">Enter Your e-mail: </span><input type="text"
size="25" name="email" value="<?php echo $_GET['email']; ?>">
<input type="submit" name="button" value="Download now!" />
<input type="hidden" name="check" value="1" />
<input type="text" name="downloaded" value="<?php
if (!($_GET['email'] || $_SESSION['email'])) {
echo "Please include your email address.";
} ?>"/>
</form>
<?php
}
if (!($_GET['email'])) {
$_SESSION['email'] = $customer_email;
}
require($_SERVER['DOCUMENT_ROOT']."/template_bottom.inc");
?>
And the download.php is
<?php
#start the session
session_start();
if
(isset
($_POST['check'])
AND
(isset($_POST['email']))
AND
(empty($_SESSION['email']))
)
{//user clicked form download button
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
//$customer_email = $_SESSION['email'];
}
//setcookie("sevendays", "email", time()+60*60*24*7);
$filepath = $_SERVER['DOCUMENT_ROOT']."/.php_files/acme_brochure.pdf";
if (file_exists($filepath)) {
header("Content-Type: application/force-download");
header("Content-Disposition:filename=\"brochure.pdf\"");
$fd = fopen($filepath,'rb');
fpassthru($fd);
fclose($fd);
if (!($_GET['email'])) {
#the customer wants us to remember him/her for next time
$_SESSION['email'] = $customer_email;
}
}
}//end isset(check)
?>
What is not happening given these 2 files?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising!
http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism
Time for Stephen to move on on Oct 19 2015!!
Now repeat the assignment from the previous project, only this time, instead of cookies use sessions. Since sessions are being used, it is unnecessary to have the seven day limit from the previous assignment. However users should only be able to download the file once per session.
My index.php is
<?php
#start the session before any output
session_start();
echo "<pre>";
print_r($_SESSION);
echo "</pre>";
require($_SERVER['DOCUMENT_ROOT']."/template_top.inc");
$regex_for_compatible_browser = "^(.*indows.*irefox.*)||(.*ac.*irefox.*)||(.*msie.*indows.*)$";
$ua = $_SERVER['HTTP_USER_AGENT']."<br />";
if (!preg_match("/$regex_for_compatible_browser/i", $ua)){
echo '<a href="http://www.getfirefox.com/">You are on Windows or Mac, but you need Firefox.</a>';
}
$ip = $_SERVER['REMOTE_ADDR'];
$ipCheck = substr($ip,0,3);
if ($ipCheck == "202") {echo "Hacker IP; No access."; exit();}
if ($_SESSION['email']) {
echo $_SESSION['email'];
}
else {
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
}
?>
<form method="post" name="vnosnaForma" action="download.php">
<span id="new1Label">Enter Your e-mail: </span><input type="text"
size="25" name="email" value="<?php echo $_GET['email']; ?>">
<input type="submit" name="button" value="Download now!" />
<input type="hidden" name="check" value="1" />
<input type="text" name="downloaded" value="<?php
if (!($_GET['email'] || $_SESSION['email'])) {
echo "Please include your email address.";
} ?>"/>
</form>
<?php
}
if (!($_GET['email'])) {
$_SESSION['email'] = $customer_email;
}
require($_SERVER['DOCUMENT_ROOT']."/template_bottom.inc");
?>
And the download.php is
<?php
#start the session
session_start();
if
(isset
($_POST['check'])
AND
(isset($_POST['email']))
AND
(empty($_SESSION['email']))
)
{//user clicked form download button
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
//$customer_email = $_SESSION['email'];
}
//setcookie("sevendays", "email", time()+60*60*24*7);
$filepath = $_SERVER['DOCUMENT_ROOT']."/.php_files/acme_brochure.pdf";
if (file_exists($filepath)) {
header("Content-Type: application/force-download");
header("Content-Disposition:filename=\"brochure.pdf\"");
$fd = fopen($filepath,'rb');
fpassthru($fd);
fclose($fd);
if (!($_GET['email'])) {
#the customer wants us to remember him/her for next time
$_SESSION['email'] = $customer_email;
}
}
}//end isset(check)
?>
What is not happening given these 2 files?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising!
http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism
Time for Stephen to move on on Oct 19 2015!!
Richard Damon
Sep 11, 2015, 8:31:10 AM9/11/15
to
On 9/10/15 10:24 PM, The Doctor wrote:
> For about 6 months this has been stomping me.
>
> Now repeat the assignment from the previous project, only this time,
> instead of cookies use sessions. Since sessions are being used, it is
> unnecessary to have the seven day limit from the previous assignment.
> However users should only be able to download the file once per session.
>
>
First question, What doesn't work? Just saying "this has been stomping
> For about 6 months this has been stomping me.
>
> Now repeat the assignment from the previous project, only this time,
> instead of cookies use sessions. Since sessions are being used, it is
> unnecessary to have the seven day limit from the previous assignment.
> However users should only be able to download the file once per session.
>
>
me" doesn't help us.
Second, you do know that sessions tend to use a cookie anyway to keep
track of the session (the difference is that with sessions, the cookie
just stores a session ID, and the rest of the data is stored on the
server, with some automatic expiry procedure).
> And the download.php is
>
>
> <?php
>
> #start the session
> session_start();
>
> if
> (isset
> ($_POST['check'])
> AND
> (isset($_POST['email']))
> AND
> (empty($_SESSION['email']))
> )
> {//user clicked form download button
> $customer_email = $_SESSION['email'];
trying to use it?
> if (!($customer_email)) {
> $customer_email = $_GET['email'];
> //$customer_email = $_SESSION['email'];
> }
> //setcookie("sevendays", "email", time()+60*60*24*7);
> $filepath = $_SERVER['DOCUMENT_ROOT']."/.php_files/acme_brochure.pdf";
> if (file_exists($filepath)) {
> header("Content-Type: application/force-download");
> header("Content-Disposition:filename=\"brochure.pdf\"");
> $fd = fopen($filepath,'rb');
> fpassthru($fd);
> fclose($fd);
> if (!($_GET['email'])) {
> #the customer wants us to remember him/her for next time
>
> $_SESSION['email'] = $customer_email;
>
> }
> }
>
> }//end isset(check)
>
>
>
> ?>
>
>
>
>
> What is not happening given these 2 files?
>
If download.php isn't doing what you want, perhaps having it display a
> $customer_email = $_GET['email'];
> //$customer_email = $_SESSION['email'];
> }
> //setcookie("sevendays", "email", time()+60*60*24*7);
> $filepath = $_SERVER['DOCUMENT_ROOT']."/.php_files/acme_brochure.pdf";
> if (file_exists($filepath)) {
> header("Content-Type: application/force-download");
> header("Content-Disposition:filename=\"brochure.pdf\"");
> $fd = fopen($filepath,'rb');
> fpassthru($fd);
> fclose($fd);
> if (!($_GET['email'])) {
> #the customer wants us to remember him/her for next time
>
> $_SESSION['email'] = $customer_email;
>
> }
> }
>
> }//end isset(check)
>
>
>
> ?>
>
>
>
>
> What is not happening given these 2 files?
>
page with what it sees would be helpful to debug.
When you are detecting the right conditions, then you can change the
page to do the download, but still could show what the conditions were
if you detect you shouldn't download. To go to 'production' you would
then remove the debug output and display a nice error message on failure
(right now you just give the user a white screen if they try a second
download).
The Doctor
Sep 11, 2015, 11:22:30 AM9/11/15
to
In article <5QzIx.30597$Jh2....@fx31.iad>,
All right. On my test, I just simply do not see the session ID.
Richard Damon <Ric...@Damon-Family.org> wrote:
>On 9/10/15 10:24 PM, The Doctor wrote:
>> For about 6 months this has been stomping me.
>>
>> Now repeat the assignment from the previous project, only this time,
>> instead of cookies use sessions. Since sessions are being used, it is
>> unnecessary to have the seven day limit from the previous assignment.
>> However users should only be able to download the file once per session.
>>
>>
>
>First question, What doesn't work? Just saying "this has been stomping
>me" doesn't help us.
>
>Second, you do know that sessions tend to use a cookie anyway to keep
>track of the session (the difference is that with sessions, the cookie
>just stores a session ID, and the rest of the data is stored on the
>server, with some automatic expiry procedure).
So I have been reading.
>On 9/10/15 10:24 PM, The Doctor wrote:
>> For about 6 months this has been stomping me.
>>
>> Now repeat the assignment from the previous project, only this time,
>> instead of cookies use sessions. Since sessions are being used, it is
>> unnecessary to have the seven day limit from the previous assignment.
>> However users should only be able to download the file once per session.
>>
>>
>
>First question, What doesn't work? Just saying "this has been stomping
>me" doesn't help us.
>
>Second, you do know that sessions tend to use a cookie anyway to keep
>track of the session (the difference is that with sessions, the cookie
>just stores a session ID, and the rest of the data is stored on the
>server, with some automatic expiry procedure).
Jerry Stuckle
Sep 11, 2015, 11:47:06 AM9/11/15
to
On 9/11/2015 8:30 AM, Richard Damon wrote:
> On 9/10/15 10:24 PM, The Doctor wrote:
>> For about 6 months this has been stomping me.
>>
>> Now repeat the assignment from the previous project, only this time,
>> instead of cookies use sessions. Since sessions are being used, it is
>> unnecessary to have the seven day limit from the previous assignment.
>> However users should only be able to download the file once per session.
>>
>>
>
> First question, What doesn't work? Just saying "this has been stomping
> me" doesn't help us.
>
> Second, you do know that sessions tend to use a cookie anyway to keep
> track of the session (the difference is that with sessions, the cookie
> just stores a session ID, and the rest of the data is stored on the
> server, with some automatic expiry procedure).
>
Usually, yes. However, the session id can all be passed as a parameter
> On 9/10/15 10:24 PM, The Doctor wrote:
>> For about 6 months this has been stomping me.
>>
>> Now repeat the assignment from the previous project, only this time,
>> instead of cookies use sessions. Since sessions are being used, it is
>> unnecessary to have the seven day limit from the previous assignment.
>> However users should only be able to download the file once per session.
>>
>>
>
> First question, What doesn't work? Just saying "this has been stomping
> me" doesn't help us.
>
> Second, you do know that sessions tend to use a cookie anyway to keep
> track of the session (the difference is that with sessions, the cookie
> just stores a session ID, and the rest of the data is stored on the
> server, with some automatic expiry procedure).
>
in the URI.
<snip>
--
==================
Remove the "x" from my email address
Jerry Stuckle
jstu...@attglobal.net
==================
Jerry Stuckle
Sep 11, 2015, 11:49:16 AM9/11/15
to
messages? Are you displaying error messages?
On your development machine your php.ini file should have:
error_reporting = E_ALL
display_errors = on
The Doctor
Sep 11, 2015, 4:44:21 PM9/11/15
to
In article <msustv$211$1...@dont-email.me>,
><snip>
>
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
Jerry Stuckle <jstu...@attglobal.net> wrote:
>On 9/11/2015 8:30 AM, Richard Damon wrote:
>> On 9/10/15 10:24 PM, The Doctor wrote:
>>> For about 6 months this has been stomping me.
>>>
>>> Now repeat the assignment from the previous project, only this time,
>>> instead of cookies use sessions. Since sessions are being used, it is
>>> unnecessary to have the seven day limit from the previous assignment.
>>> However users should only be able to download the file once per session.
>>>
>>>
>>
>> First question, What doesn't work? Just saying "this has been stomping
>> me" doesn't help us.
>>
>> Second, you do know that sessions tend to use a cookie anyway to keep
>> track of the session (the difference is that with sessions, the cookie
>> just stores a session ID, and the rest of the data is stored on the
>> server, with some automatic expiry procedure).
>>
>
>Usually, yes. However, the session id can all be passed as a parameter
>in the URI.
>
How can that happen given the snipped code that was posted.
>On 9/11/2015 8:30 AM, Richard Damon wrote:
>> On 9/10/15 10:24 PM, The Doctor wrote:
>>> For about 6 months this has been stomping me.
>>>
>>> Now repeat the assignment from the previous project, only this time,
>>> instead of cookies use sessions. Since sessions are being used, it is
>>> unnecessary to have the seven day limit from the previous assignment.
>>> However users should only be able to download the file once per session.
>>>
>>>
>>
>> First question, What doesn't work? Just saying "this has been stomping
>> me" doesn't help us.
>>
>> Second, you do know that sessions tend to use a cookie anyway to keep
>> track of the session (the difference is that with sessions, the cookie
>> just stores a session ID, and the rest of the data is stored on the
>> server, with some automatic expiry procedure).
>>
>
>Usually, yes. However, the session id can all be passed as a parameter
>in the URI.
>
><snip>
>
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
The Doctor
Sep 11, 2015, 4:44:54 PM9/11/15
to
In article <msut27$211$2...@dont-email.me>,
I will ask the instructor.
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
Jerry Stuckle
Sep 11, 2015, 4:52:57 PM9/11/15
to
On 9/11/2015 4:44 PM, The Doctor wrote:
> In article <msustv$211$1...@dont-email.me>,
> Jerry Stuckle <jstu...@attglobal.net> wrote:
>> On 9/11/2015 8:30 AM, Richard Damon wrote:
>>> On 9/10/15 10:24 PM, The Doctor wrote:
>>>> For about 6 months this has been stomping me.
>>>>
>>>> Now repeat the assignment from the previous project, only this time,
>>>> instead of cookies use sessions. Since sessions are being used, it is
>>>> unnecessary to have the seven day limit from the previous assignment.
>>>> However users should only be able to download the file once per session.
>>>>
>>>>
>>>
>>> First question, What doesn't work? Just saying "this has been stomping
>>> me" doesn't help us.
>>>
>>> Second, you do know that sessions tend to use a cookie anyway to keep
>>> track of the session (the difference is that with sessions, the cookie
>>> just stores a session ID, and the rest of the data is stored on the
>>> server, with some automatic expiry procedure).
>>>
>>
>> Usually, yes. However, the session id can all be passed as a parameter
>> in the URI.
>>
>
> How can that happen given the snipped code that was posted.
>
>> <snip>
>>
It all depends on the settings in the php.ini file and the user's
> In article <msustv$211$1...@dont-email.me>,
> Jerry Stuckle <jstu...@attglobal.net> wrote:
>> On 9/11/2015 8:30 AM, Richard Damon wrote:
>>> On 9/10/15 10:24 PM, The Doctor wrote:
>>>> For about 6 months this has been stomping me.
>>>>
>>>> Now repeat the assignment from the previous project, only this time,
>>>> instead of cookies use sessions. Since sessions are being used, it is
>>>> unnecessary to have the seven day limit from the previous assignment.
>>>> However users should only be able to download the file once per session.
>>>>
>>>>
>>>
>>> First question, What doesn't work? Just saying "this has been stomping
>>> me" doesn't help us.
>>>
>>> Second, you do know that sessions tend to use a cookie anyway to keep
>>> track of the session (the difference is that with sessions, the cookie
>>> just stores a session ID, and the rest of the data is stored on the
>>> server, with some automatic expiry procedure).
>>>
>>
>> Usually, yes. However, the session id can all be passed as a parameter
>> in the URI.
>>
>
> How can that happen given the snipped code that was posted.
>
>> <snip>
>>
browser settings. It has nothing to do with the code.
Jerry Stuckle
Sep 11, 2015, 4:53:56 PM9/11/15
to
developer needs. Even if you don't need it in class, you will need it
when you start using PHP.
The Doctor
Sep 11, 2015, 6:18:49 PM9/11/15
to
In article <msvetf$a05$2...@dont-email.me>,
On my proper server this is turned on.
This is a classroom instructor in this case.
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
This is a classroom instructor in this case.
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>jstu...@attglobal.net
>==================
Jerry Stuckle
Sep 11, 2015, 7:42:18 PM9/11/15
to
homework, you should have your own server. If you're doing the work in
class, you should be asking your instructor.
0 new messages