Jump to content

Search the Community

Showing results for tags 'session'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. Hi all, Currently I am working on a filter for all the products in a category. So I've set up a class and built a (PW) form in it. When the user clicks on continue the form should return a processform function which sets the variable of the form in a session. Later in the file I want to read out that session and use that variable to select which products should show up and which should be hidden. So now with code examples to make it a bit more clear for you: In my file I start with a class: class classname { public function ShowForm() { $form = $this->Form1(); if ($this->input->post->submit) { if ($this->processForm1($form)) $this->session->redirect("./"); } return $form->render(); } Then a form inside the class: protected function Form1() { $form = wire('modules')->get("InputfieldForm"); $form->description = "Fill in the fields to find the mouse which fits your wishes"; $form->label = "Mouse Selector"; $form->action = "./"; $form->method = 'post'; $f = wire('modules')->get("InputfieldRadios"); $f->name = "Hand"; $f->label = "label"; $f->addOption(1, "1"); $f->addOption(2, "2"); $form->add($f); $this->addSubmit($form, 'Continue'); return $form; } This function is called when the user submits: protected function ProcessForm1($form) { $form->processInput($this->input->post); $this->session->hand = (int)$form->get("Hand")->value; } As you see I store the variable of the submitted form in a session. After closing the class I continue with building the page and then I want to read out that variable: $value = $this->session->hand; $content .= "Value of 'Hand': " . $value; But when I execute this on my website I cannot see the value of the form. Have I done something wrong or how can I fix this? Thanks in advance, ~Harmen
  2. Hello, When do you choose to use $input->whitelist($key, $value) rather than $session->myvar (with myvar = 3 for example) ? The documentation uses the example of the MarkupPagerNav module : "An example is the MarkupPagerNav plugin module, which provides an easy way for you to have pagination. Lets say that you used it to paginate search engine results. [...]" (from https://processwire.com/api/variables/input/) But If I don't have pagination, but some variables to store for each member of my website, do I have any interest to store them with whitelist rather than within sessions ? Thanks
  3. Hi guys, I've just created a new user : $u = new User(); $u->name = $nickname; $u->pass = $pwd; $u->addRole("guest"); $u->save(); I've added some new informations on that user, here : $u->points = 3; $u->language = 'fr'; Now I'm doing my session->login stuff, and my session->redirect stuff. On the destination page, I thought I would retrieve the $u->points and $u->language values, but it's not set. I thought I was saving the values in my news user's session area but I'm apparently wrong. I guess I have to use that syntax in the first page : $session->points = 3; $session->language = 'fr'; ... and then it will be still there on the destination page ? Is it the good way to do it ? Do my values will stick with the right user I'm dealing with ? Thanks
  4. Hello, Newbie question here. I'm rebuilding my existing website with PW, it's a game where people can guess the winners of races. I used to have a "players" table. Those are registered players, I used to identify them through their login/password, and when it matches, I give them access to the website. No rocket science. So now with PW, I'm building my sign-up form and I'm trying to create a new session when a new user sign up. I'm retrieving user/pass from the sign-up form which has been posted before but : if($session->login($user, $pass)) { // login successful $session->redirect(elsewhere); } else echo "failed"; ... fails everytime. Do I have to use something like : $u = new User(); $u->name = "bill"; $u->pass = "billpwd"; $u->addRole("guest"); $u->save(); ... before doing a session->login('bill', 'billpwd') ?? (I've just checked, it works, so I guess this is the good way to do it ?) I already have my players table so perhaps I can have the minimum in the PW's table and keep my players info in my historical table ? ... Or I can add all information I need into PW but I'd like to understand where it is stored. Last question, if there is a PW matching between "user" and "session", I need to give to the session->login function the password not hashed. I'm using the password_hash php function, any problem with that ? Thanks
  5. Hi guys, I'm trying to setup my first login form. Once connected the user will able to access the other part of the website. I've read many topics about session from which I've learned a lot but I still can't figure if sessions are files based, database based or cookie based ? I've read somewhere Ryan said he will add a database option, is it live ? Perhaps a cookie is only set if a user is logged in ? In the doc http://processwire.com/blog/posts/multi-instance-pw3/#more-session-control, it says : "Session variables are currently stored with PHP's session functions with files in /site/assets/sessions/." In that same doc, someone asks in the comments section how to get rid of sessions, he don't use them and don't want any cookies (perhaps regarding EU cookie law...). (I've also read many threads where people had too much files in their sessions directories, apparently ubuntu related or Php garbage collector setting). So does PW sessions set a cookie or not ? Does someone here know what's the default lifetime of a PW session ? Thanks !
  6. Hello, I get the following error message when I try to publish my page. "Session: Warning (requiredIf): dependency field 'feature_image' is not present in this form. (ProcessPageEdit)" Any insight? Thanks
  7. I need to write a lazy cron job that goes through a list of files and deletes those that are associated with expired sessions. Our session information is stored in the DB table sessions. Is there a Wire API call that allows me to do one of: 1) fetch all expired sessions? 2) hook the session expiration event? 3) fetch all active sessions? 4) do direct DB access to lookup sessions? (least preferred as I have to directly tie to session implmentation). My logic can either flow: Find active sessions delete files NOT in active sessions Get files if session_id associated with file NOT in sessions (or has expired) delete file.
  8. Hello, I need to restrict the page view of my app to a single guest user. This means if a session for user guest is already open for that page, other guest users are not allowed to view the same page. $session doesn't help much in that case as far as I can see from the docs (or maybe $session->getHistory() can help?). I think I could approach it this way: 1. Set session storage to DB 2. Query session table in DB for open sessions for that page and act accordingly Is there anything built into the API which I have missed that I can utilize to query the session table? Or would I have to use $database and build my own query? Any insight on this or idea how to tackle the problem would be much appreciated.
  9. Is there something wrong with the following redirect syntax ? <?php $session->redirect($page->get(1184)->url); ?> I've used this (below) to successfully redirect to a child URL so thought I was on the right track. <?php $session->redirect($page->child->url); ?>
  10. Hi all, I've just enabled the Session Handler Database module and would like to view the active sessions, however it doesn't display any. Does anyone know why, or what I'm missing?
  11. The $session feature is easy to use and great to store inputs like currency or cart items temporary on server side. Identified by client cookie ID. I thought the session lifetime works persistent. But the wire cookie is only valid until the browser will be closed. Next visit starts always with a fresh session. All vars got lost. Session file is still on server, but access impossible without cookie ID. Is there anyone way to change the client session cookie lifetime from "expired if browser closed" to maybe "current time plus 48h"? I could create a second beside the "wire" cookie to store things at client side. But all data will saved in client browser directly. The concept to identify via cookie but data always on server is better and more secure. And one cookie is better as two. Which alternative way would you prefer to store some vars for "guest" role users more persistent?
  12. I'm doing a custom login/register in the front end, and flash messages are really useful to inform the user about the process of user registration. I was used to using Codeigniter with their flash message system. I've seen very few messages in the forum where $session->message is used but I haven't seen a full implementation. I've tried my own with some degree of success, but the flash messages persist in a different way that I've expected. It's like there is a "delay". Maybe I'm doing something wrong. The header.inc has a standard notices loop: <?php if($notices) :?> <?php foreach($notices as $notice) :?> <?php $class = $notice->className(); ?> <div class="notification <?= $class; ?>"> <p><?= $notice->text ;?></p> </div> <?php endforeach ;?> <?php endif ;?> This is my register.php: When submitting the form with errors, the first time no error message are displayed. The second time I submit it with errors, then the error message appears. This is what I describe as the "delay". <?php include("./helpers/form_helpers.php"); /** * Register template * */ $out = ""; $errors = ""; // create a new form field (also field wrapper) $form = $modules->get("InputfieldForm"); $form->action = "./"; $form->method = "post"; $form->attr("id+name",'register-form'); // Name // $field = $modules->get("InputfieldText"); // $field->label = "Name"; // $field->attr('id+name','name'); // $field->required = 1; // $form->append($field); // append the field to the form // Email $field = $modules->get("InputfieldEmail"); $field->label = "E-Mail"; $field->attr('id+name','email'); $field->required = 1; $form->append($field); // append the field // Password $field = $modules->get("InputfieldPassword"); $field->label = __("Contraseña"); $field->attr("id+name","password"); $field->required = 1; $form->append($field); // Submit $submit = $modules->get("InputfieldSubmit"); $submit->attr("value",__('Crear cuenta')); $submit->attr("id+name","submit"); $submit->attr("class","btn btn--primary"); $form->append($submit); // Form submitted: process form if($input->post->submit) { // user submitted the form, process it and check for errors $form->processInput($input->post); // here is a good point for extra/custom validation and manipulate fields if($sanitizer->email($form->get("email")->value) != '') { // Email should be unique if(!isUniqueUserEmail($form->get("email")->value)){ $form->email->error(__("El e-mail ingresado ya se encuentra registrado")); } } if($form->getErrors()) { // the form is processed and populated but contains errors // Render Form $session->error(__('There are errors in the form')); $out .= $form->render(); } else { // Sanitize inputs //$full_name = $sanitizer->text($input->post->name); $email = $sanitizer->email($input->post->email); $password = $input->post->password; // Generate username from email $username = $sanitizer->email($input->post->email); // Create New User $u = new User(); $u->of(false); $u->name = $username; $u->pass = $password; $u->email = $email; $u->addRole("guest"); $u->addRole("member"); $u->save(); $u->of(true); // Create hash // Email the user with confirmation e-mail // Redirect to login page and display success Message $session->message(__('User registration sucessfull')); $session->redirect('/login'); } } else { // Form not submitted: render out form without processing $out .= $form->render(); } include("./partials/header.inc"); ?> <div class="container container--narrow"> <div class="page"> <h1>Nuevo usuario</h1> <?= $out ;?> </div><!-- .page --> </div><!-- .container --> <?php include("./partials/footer.inc"); ?> On a successful submission, the next page displays the correct message, but also the error message "There are errors in the form". It's like the error message get's carried over. I appreciate any help to sort this out.
  13. Hello all, I am using part of a PW install as a backend for a RESTful API. Everytime a client consumes the API, a session is started. The RESTful approach is sessionless per definition and I would like to avoid sessions, if possible, for performance reasons. When I look at the open sessions while only one client is getting or putting data through my REST API, I can see that there are quite a few (over 50) sessions open from that client. The project is at a testing stage right now and I'm afraid that once 50 or 100 clients are connected, the sessions will put a big load on the server. Is it advisable at all to try and avoid sessions? How would I go about killing sessions or, even better, connect to my API endpoints without starting a session in the first place?
  14. The $config->sessionExpireSeconds in config.php is set to 86400 but still I have to log in as admin after about 10 minutes of inactivity. Any other hidden corners where I should look to set this right? $config->sessionChallenge is set to true. $config->sessionFingerprint is set to false.
  15. Hi folks! In my current project I'm using ProcessWire v2.5 as pure backend service, including it in my frontend application as described here. Now I encountered some problems with the pw session handling interfering with the session handling of my frontend application. In this case the pw installation runs on a subdomain of my frontend application. Duplicate session_start() Each time I include pw's index.php pw tries to start it's own session, resulting in a notice that a session has already been started. To encounter this problem, I changed one row in Session::___init() (/ProcessWire/wire/core/Session.php): protected function ___init() { if (session_status() != PHP_SESSION_ACTIVE) @session_start(); } Session configuration override Additionally pw sets it's own session configuration and therefore overrides the config of my frontend application. To prevent this, I wrapped the session configuration block within the index.php (/ProcessWire/index.php, rows ~176ff) in a condition: if (session_status() != PHP_SESSION_ACTIVE) { session_name($config->sessionName); ini_set('session.use_cookies', true); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); ini_set('session.gc_maxlifetime', $config->sessionExpireSeconds); if (ini_get('session.save_handler') == 'files') { if (ini_get('session.gc_probability') == 0) { // Some debian distros replace PHP's gc without fully implementing it, // which results in broken garbage collection if the save_path is set. // As a result, we avoid setting the save_path when this is detected. } else { ini_set("session.save_path", rtrim($config->paths->sessions, '/')); } } } This is surely a bad way to fix my problem, because I had to change some code within the pw core. If anybody knows a more elegant solution to prevent pw from starting/configuring a session if used vi include, it would be very welcome. regards, Wumbo
  16. I use the ProcessWire $session API for a new project to store some things there. Cart items, currency and more. It works fine and the limited lifetime of $sessions is OK, I defined just 3 days. There is only an issue with user $session->logout() to logout an user. It removes all items in user $session too. Website users are just "guest" or after login with role "customer". I see two options to solve my issue: I skip $session API and use instead PHP $_SESSION to keep all vars after $session->logout(). This make things more complicated and I would prefer to use PW API only. Anyone way to avoid the $session->logout() command. So that logout means remove the role "customer" temporary from user session, be only guest. Without $session->logout(). Mhhmmmm. Maybe I think wrong, ideas are welcome. BTW, I enjoy it to work with PW.
  17. I'm having problem with setting global session variable in $config->ajax block. To be more clear, here is example: This will not work: if($config->ajax) { $_SESSION["TEST"] = "test" } and then after "normal " page rendering with no ajax I get nothing when trying to get session variable: echo($_SESSION["TEST"]); // produces no output however, if I set variable outside $config->ajax block: if($config->ajax) { // this is left blank to better describe context } else { $_SESSION["TEST"] = "test"; } and then after "normal " page rendering with no ajax - I get what I expect: echo($_SESSION["TEST"]); // produces "test" as output. So, what I want is set some global session variable inside ajax call and then reuse it's value during any page reload. It's late and I probable miss something.
  18. Hi all, I'm developing a responsive Website with the following setup: PW 2.5.3 Debug = true Template caching set to one month, guests only Google Chrome latest release (not the beta channel) With this setup I'm experiencing weird problems when using Chrome dev tools: changes in my templates are not reflected in the frontend until the page is saved (despite caching is set to "guests only") after each page save I'm logged out from the admin and have to log in again I can repeat this problem since days and on Windows as well as on OS X. In contrast, if I switch to Firefox Developer Edition's dev tools everything works as it should - no problems at all. So presumably it's some interference with Chrome's dev tools. Does anybody has experienced the same? Any hints for debugging? Thanks!
  19. Got home to some strange behaviour on one of my development sites - not able to login. I have seen this: processwire.com/talk/topic/4011-cannot-login-to-admin-area/ But nothing there works. If I try changing the password, still can't sign in. Using SessionHandlerDatabase, and have cleared those caches too. Could that module be an issue in 2.5.25? I am running another few local sites on that version, but am not experiencing the same issue. Nothing in any error logs anywhere. Login form doesn't show any errors either. Wondering if the installation in question has gone all bonkers on me... Update: I also have the Forgot Password module enabled. Interestingly, when I click on it, it just shows the normal login form... Isn't it supposed to just show email? The URL does include ?forgot=1...
  20. Hello, part of my new project is providing a RESTful webservice through PW. I am using clsource's REST Helper for ProcessWire which is working great. For the REST service part of the site I would like to suppress the setting of session cookie for $session->login and $session->logout because I don't need sessions and I don't want to have Set-Cookie in my response header. For user authentication in a PUT request I use $session->login() to verify username and password: $uId = $input->urlSegment1; $u = $users->get($uId); if ($session->login($u->name, $params["upass"])) { $session->logout(); //update user data } In the response header for that request I get: Set-Cookie: wire=ha6io723mkfc9v4scdib3oe8g7; path=/; HttpOnly wire=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT wire=1n8faeiva3vg7u13ijsrs24bt1; path=/; HttpOnly wire_challenge=YK0WRw0Wrd2ZAhKEUCLPOHd9iSySEPb91; expires=Tue, 07-Apr-2015 14:11:24 GMT; path=/; httponly wire=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT wire=u9m41s8b87d3ca1jp1jbl0r6k3; path=/; HttpOnly wire=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT wire=oidcbmht561qnvts2fjnq4b7p3; path=/; HttpOnly persist=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ At the moment I get rid of it by doing header_remove("Set-Cookie"); But I would like to avoid setting of that cookie in the first place. I found the relevant methods ___login and ___logout in /wire/core/Session.php But searching Captain Hook for "logout" doesn't bring up those methods. I assume they should be hookable because they start with 3 underscores. Now how would I hook into those methods from my template file (not as an autoload module)? The webservice endpoint url is .../api/users/ and my temlate file for that is users.php What I've tried so far is wire()->addHookBefore('Session::logout', null, 'logoutNoCookie'); function logoutNoCookie($event) { $event->replace = true; $sessionName = session_name(); $_SESSION = array(); // if(isset($_COOKIE[$sessionName])) setcookie($sessionName, '', time()-42000, '/'); // if(isset($_COOKIE[$sessionName . "_challenge"])) setcookie($sessionName . "_challenge", '', time()-42000, '/'); session_destroy(); session_name($sessionName); $this->init(); session_regenerate_id(true); $_SESSION[$this->className()] = array(); $user = $this->wire('user'); $guest = $this->wire('users')->getGuestUser(); $this->wire('users')->setCurrentUser($guest); $this->trackChange('logout', $user, $guest); if($user) $this->logoutSuccess($user); $event->return = $this; } But this gives me an error: Fatal error: Using $this when not in object context because I'm placing my hook function outside the class context. What would be the correct way for calling the hook and placing my hook function?
  21. Hey Guys, I've ran into some really weird behavior with session variables. What I've been trying to do is this: I have 10 separate pages that share the same template, named cursus.php. These are pages with course info and have different title's. these page all do the following: $session->remove($cursus); $session->set($cursus, $page->title); They all have a link to one page where you can subscribe for the course on that page I call out the session variable and want to recall there from what page they entered the subscription page by doing the following: <div>Subscribe for the course: <?PHP echo $session->get($cursus); ?></div> and that, on it's turn, gets mailed to my client. Now Firefox and Safari seem to be displaying the variable perfectly fine but Chrome is not. I've tried it on my mobile and and desktop and even in incognito mode, which should clear any cache problems, but it still doesn't work. Am i going about this completely the wrong way or does anyone have a suggestion of what the problem could be? As you can image it's very important to my client and thus to me, that I get this working as soon as possible! Any help will be greatly appreciated. Bram Wolf
  22. I didn't have time to look into the code, so I have to ask here: is there a limit for the password length? I'm using LastPass and wherever it's possible I use ridiculously long passwords. And so I did in PW for an admin password. After a logout I couldn't log in again. I managed to do that only after setting the pass to something shorter than 50-chars. I see no reason why the passwords could have been limited (as they're hashed anyway), so that totally might be something on my end (or LastPass). But, just in case, I thought it's worth mentioning here as a potential issue.
  23. Hi guys, Is there any reason why $session variables shouldn't get updated when using jQuery $.post? For some reason, no matter how trivial the example I use, data received from $.post which is successfully updating pages is failing to set $session variables. Am properly in "banging head against wall territory" now
  24. Hi all I have built my own module for processing forms on my site. The module does check to see of the request was forged or not, but I am unable to inset the token name and value into my template. I use Twig for my templates, and this is what I'm calling: <form data-form-ident="contact-form" data-form-token-name="{{ this.session.CSRF.getTokenName() }}" data-form-token-value="{{ this.session.CSRF.getTokenValue() }}"> The output for that is an empty string. Could it perhaps be because I am using Twig? Side note: disabling Twig is not an option as the templates I'm using are very complex - it would be a darn mission to revert to native PHP. (PW 2.4.0)
  25. So, I was looking to implement the remember me for the login. I didnot find a module for that. The functionality will be some token saved on the user side, and on the first request make the user authenticate if he/she has the token with the request. So the question is what will be the first hook, which will be called, so I can implement the hook to add the implementation. Do you have any insights on the same?
×
×
  • Create New...