sylvest

Whatr I'm trying is: in the login page http://www.****/login.php. Do session_start(). Write some values into $_SESSION. add to the login form a hidden control with name='sessionid' and value='<?=session(id)?> In the form handler (https://hostname.tch...ame/do_login.php) Do session_start(). Read the value of session_id(), which is 4579fnvb049q7u5h8dmveqdm92 Check the value of $_SESSION which is an empty array. Check the value of $_POST['sessionid'] which is thp24j106dp9ffdif406l37vg3 Now do: // This should restore the old session. $fname = session_save_path() . "/sess_" . $_POST['sessionid']; session_decode(file_get_contents($fname))) // This should set some new session variables $_SESSION['uehdj'] = 'iwenfio'; $_SESSION['oqyhekj'] = 'owhusnxdi'; Check the value of $_SESSION, which is $_SESSION = Array ( [uehdj] => iwenfio [oqyhekj] => owhusnxdi ) I.e. the old session variables have not been recovered. 6. Now do: // Ths is supposed to write the session data back to the old session file. $session_string = session_encode(); $bytes = file_put_contents($session_string); // This is supposed to return to a http://www.****/ page header('Location: http://www.nydomain,.com/welcome.php'); exit(); 7. Use $_SESSION, which is supposed to contain any values that it had at the beginning of this who process, plus the two I added in do_login.php My main question is: Why are there no sess_ files in the directory /home/myaccount/tmp that match either 4579fnvb049q7u5h8dmveqdm92 or thp24j106dp9ffdif406l37vg3. The only file there is sess_ea6d51dbplto9ukucbk9fvkep86kt5f7 which doesn't mathch any session I know about. I hope someone understands how all this stuff works and can explain to me how to get it working. Thanks - Rowan

Does anyone know how to access the session variables of a different session, in PHP?. The reason I need to do this is that I am accessing most pages on my website via a domain name, such as http://www.****/login.php. However, the form on the login.php page where the username and password are entered uses https://hostname.tchmachines.com/~username/do_loginphp as its Action page because I must use SSL for this to ensure that my usernames and passwords are not sent over the net in open text. This means that do_login.php is running in a different session from login.php, so I can't use the $_SESSION array to pass values from one to the other. If I pass the PHPSESSIONID of the original unencrypted session to the do_login.php page via a GET or POST variable, what I am trying to find out is, how would I then read and write values from/to the original $SESSION array? Thank you - Rowan

Dick, Thanks for your reply. I think I have spotted the problem now. As Bruce suggested, I think the function that opens files was trying to call itself (indirectly) open a log file when it detected an error, resulting in an infinite recursive loop with no end condition. I am trying to come up with a design that doesn't suffer from this problem now. Thanks again. As before, I have found TCH support excellent - second to none, in my opinion. Thanks - Rowan

In my PHP script I'm tgrying to open a log file. I am getting the error "too many open file handles". I need to know which files are open to detect why I am getting too many. I guess that files are not being closed properly or I'm stuck in a loop. I tried to use $output = shell_exec('lsof 2>&1'); echo "<pre>$output</pre>"; and I'm now getting a very large number of "sh: lsof: command not found" messages. Does the command lsof exist on TCH hosts? Is this the right way to call it? What is the best way to find out what files are being opened, to debug this type of error? Thanks - Rowan

I'm getting an error where my web page fails to do an fopen() function with the error message "too many open files". I suspect that the problem is that I am not closing some files that I should be, or that my program is getting stuck in a loop, opening files ad infinitum. But to debug this I would like to see a list of all the open files, so I can work out where they are being opened and where they ought to be closed. I understand that the shell command lsof is supposed to do this. I'm trying to call lsof, and am getting a "command not found" error. This is the code I'm using to call lsof: $output = shell_exec("lsof 2>&1"); print_r($output); This is giving me the "command not found" error. I have tried using exec too, but couldn't work out how to capture the output. 1. What is the best way of finding out where files are being opened, and where they are not being closed, or getting a list of all the currently open files? 2. Should lsof exist on Total Choice Hosting servers? 3. If so, how do I call it successfully, and capture the output generated? 4. If not, how do I find out what all the open files are? Thanks - Rowan

Thomas - thank you Rowan

Thomas, Thanks for your reply. Yes, that is the dialogue box that I'm getting. But this doesn't explain why if I click Allow, it still doesn't paste anything into the forum message. I don't suppose setting it to default to Allow for trusted sites, and setting forums.totalchoicehosting.com as a trusted site, will make any difference to this behaviour. Rowan

Sorry, that last message was complete garbage. I was not running the PHP file that I thought I was, so no wonder the line numbers didn't work. Rowan

Not for me they don't. If I select some text from the message, press CTRL/C, move the cursor and press CTRL/V, nothing happens. If I select some text from a Notepad document, press CTRL/C, and move to the forum message and press CTRL/V, nothing happens. If I press the Paste button, it asks me " Do you want to allow access to your clipboard?". If I press Allow Access, it does nothing. If I click the Paste button again, this time it does not ask me the above question (I have not discovered what resets it so that it asks this question again). Could this be a browser issue? I'm currently using IE11, but I think the same happens in Firefox and Chrome. Or could it be a firewall issue? Am I the only person having this problem??? Thanks - Rowan

I have a logmsg function in my PHP which is meant to record in a log file any errors that occur, with the time and date, the error's severity, and the line number and file name where they occurred (using __LINE__ and __FILE__). It sometimes works, but not always. Sometimes I get nothing added to the log file. Could this be to do with how PHP terminates? What happens if the logfile is not closed properly (which it won't be if there is a fatal error)? Or does some text get stuck in a buffer somewhere and never get written to the file? What can I do to make sure that any such buffers are flushed? Thanks - Rowan

Hi, I'm having trouble tracking down a bug in my PHP. The first attachment shows the error I'm getting (I would have pasted it in if the paste function worked, but it doesn't). The second attachment shows the code, with line numbers. I again I would have included this in the message, if I could have done without retyping it. My question is, why is it reporting that the error concerning the parameter of mysqli_num_rows() occurs in line 20? Line 20 is a comment. Even if it were not a comment, it does not contain a call to mysqli_num_rows(). I suppose it must be objecting to line 28, since that's where the call to the function is, but why is it not reporting the right line number? This just makes debugging extremely difficult... Thanks - Rowan

Thomas, Thanks for doing this. Ideally I would like to have the preceding two messages included in the forum, because I think to fully understand what I am asking people will need to have read these. That is why I included them in the file. Thanks - Rowan

Copied to Scripting Central -> Scripting Talk. Why does Paste not work in this forum? What is the point of having a Paste button if it doesn't do anything? Rowan

I submitted a ticket, but the help desk said that some of my questions were outside of their scope. The remaining questions are: 1. Can I use a shared secure URL to access a subdomain on my site, i.e. the web pages I'm developing are in swchoir.sylvesterbradley.org, the files that this subdomain refers to are in /home/sylvest/swchoir (i.e. not within public_html). 2. I have a login page on my website called index.php. Presumably I don't need to encrypt this since it contains no confidential information. I need to encrypt the response to this, which is a URL like swchoir.sylvesterbradley.org/do_login.php. Can I get this encrypted by simply setting my form action property to "https://swchoir.sylv.../do_login.php". 3. Do I have to do anything else to enable the encryption, or does the use of the https protocol enable all the necessary encryption on the client and decryption on the server? 4. How do I prevent people from accessing this page by using the URL http://swchoir.sylve...rg/do_login.php? 5. Does it matter whether I use method GET or POST for the login form? Thanks for your help. Rowan Using_Https.rtf

I submitted a ticket, but the help desk said that some of my questions were outside of their scope. The remaining questions are: Can I use a shared secure URL to access a subdomain on my site, i.e. the web pages I'm developing are in swchoir.sylvesterbradley.org, the files that this subdomain refers to are in /home/sylvest/swchoir (i.e. not within public_html). I have a login page on my website called index.php. Presumably I don't need to encrypt this since it contains no confidential information. I need to encrypt the response to this, which is a URL like swchoir.sylvesterbradley.org/do_login.php. Can I get this encrypted by simply setting my form action property to "https://swchoir.sylvesterbradley.org/do_login.php". Do I have to do anything else to enable the encryption, or does the use of the https protocol enable all the necessary encryption on the client and decryption on the server? How do I prevent people from accessing this page by using the URL http://swchoir.sylvesterbradley.org/do_login.php? Does it matter whether I use method GET or POST for the login form? Thanks for your help. Rowan

I'm designing a new section of my web site, which is in a subdomain like sub.maindomain.org (actually the pages are in a suibdirectory like /home/username/sub). I need to force users who access the login page which is /index.php to connect via HTTPS so that the username and password are encrypted, and can't be snooped by a man in the middle. I may find a few more web pages that need to be accessed via HTTPS too. How do I organise this? In doing so, how do I avoid those annoying "your certificate has not been validated" messages? Thanks - Rowan

I run a web site on TCH. It's basically PHP. A section of this web site needs to be secure. Within this secure section I don't want people to be able to directly access any JPG, TXT or other data files just by typing their full URL. It must not be possible for unauthorised users to access any files within the secure section (not JPG files, TXT files or any other sort of data file). I don't want to transmit passwords in clear text. Within the PHP code I need to be able to detect who the logged in user is. I would prefer the authorised users and their usernames and passwords (encrypted) to be stored in my MySQL database. What is the best/easiest way of doing this? Thanks - Rowan

Can someone explain to me what sort of programs (if any) can be installed on TCH servers and called in CRON jobs, or using exec() or passthru() in PHP? I want to be able to use PDFTK, a command line program which will merge an FDF file (form field values) with a PDF file (blank form) and flatten the result (into a new PDF file for a completed form) which I then want to present to the user. Or is there some other way of doing this? Thanks - Rowan

I have exactly the same requirement. Has anyone successfully installed and used PDFTK on TCH to merge PDF and FDF files and to flatten the result? Thanks - Rowan

Thanks for your reply. I'm not 100% sure what you mean by "document root". This seems to be an ambibuous phrase. It would make sense if it meant my home directory, i.e. /home/username/, but in the PHP array element $_SERVER["DOCUMENT_ROOT"] it seems to mean what I call the "web root", i.e. the folder accessed by putting http://myhost.tchmachines.com/~username/ (or my domain name) into a browser. If you mean my home directory, I don't want to edit it. What I actually want is for a PHP script to include (i.e. read, not edit, write or delete) a file in a subdirectory (but not public_html) of my home directory. I'm not quite sure why you have referred to .htaccess or php.ini. What do these have to do with my question? All I need is for my PHP script to be able to find out the absolute path of my home directory in a way that's cross platform and works when I'm using my domain name and when I'm using the server URL to access the site. The best I've come up with so far is: >$abspath = $_SERVER["SCRIPT_FILENAME"]; $requesturi = $_SERVER["SCRIPT_NAME"]; while (basename($abspath) == basename($requesturi)) { $abspath = dirname($abspath); $requesturi = dirname($requesturi); } include $abspath . "/../phpinclude/template3.php"; This seems to work on a normal TCH account accessed via the domain name, on a TCH account accessed via the server URL and tilde username, and on a Windows/IIS server. Can anyone improve on this, or tell me of some situation where it won't work? Thanks - Rowan

Hi, When I want to access a folder outside my web root in a PHP file (e.g. because I want to include a file but I don't want internet users to have access to the raw file) I use something like the following: include $_SERVER["DOCUMENT_ROOT"] . "/../phpinclude/template3.php"; I.e. find the web root, go "up" one directory (on TCH servers this is my account home directory) then select the directory phpinclude (which because it's not under the web root is not accessible to anyone from the web) and include something. This is the most general way I've beed able to find that does this job. I want this to work on other (non-TCH) servers too, including Windows/IIS servers, if at all possible. This normally works fine, but I've just set up a new TCH account and it doesn't work. I think the reason is that when I am accessing my account using http://myhost.tchmachines.com/~username/ instead of ***** (because the account is new and has not yet been fully set up), $_SERVER["DOCUMENT_ROOT"] is equal to /usr/local/apache/htdocs/, not /home/username/public_html/. Is there a better way of finding my home directory's physical path on the server (not my web root, the one above that), which works in this scenario? Thanks - Rowan

How do I get a list of all the Apache modules installed on my server? This has to be done in a web page since I have no command line access. There is supposed to be a PHP function apache_get_modules() but on my host (byss) this fails with an undefined function error. Hope someone can help... Thanks - Rowan

Thanks to all of you for your informative replies. I've now achieved what I was looking for _and_ I've learned something useful. TCH support is superb yet again. Thanks - Rowan

Many thanks - this works. For interest, what exactly does the suPHP_ConfigPath command do? Does this tell suPHP to look for a php.ini file in this directory? If so, does this disable anything you've got in the global php.ini file, or does it just run both files? Thanks - Rowan

I would like to add a directory (e.g. /home/myusername/include) to the PHP include search path. Is there a way to do this globally for the whole of my site? I want to do this in a way that works whichever directory or sub-directory my PHP files are in (i.e. I don't want to have to change my include statement in each web page to give the relative path from where the page is to where my include files are). I would also like to do it in a way that's independent of the account being used or the file structure of the hosting system (i.e. I don't want to have to include an absolute path from / each time because this would have to be changed to work on a different site, or on a different hosting system). I've tried adding a .htaccess file in my public_html directory containing the line php_value include_path ".:/home/myusername/include:/usr/lib/php:/usr/local/lib/php" but this gives a 500 error. Is there a way of making this work? Or can I add a PHP.ini file somewhere? Or is there a way of referring to the location of my home directory (_not_ my web root, since I'd like to keep my include files secure) in a PHP include statement? Thanks - Rowan