ajoo

Hi Gurus ! Just as Justsomeguy mentioned, It is indeed the session_regenerate_id() function that is causing the logout problems on my website. Would it mean that all websites that use session_regenerate_id() would log out the user if say he/she pressed and kept pressed the F5 key ( refresh ) on the keyboard?? Other than multi-clicking the same button, my website logs me out if i keep pressed the refresh button for just a little while. If not so, then does it mean that there is a way in which we can use the session_regenerate_id() and take care of this problem of getting logged out on multiple refreshes or double, tripple clicking a button. 1. I would be grateful if you can demonstrate that via an example. I am unable to understand that how, once my session has been hijacked , would then it matter at all about the pseudo-random key? I mean after all the session_id is also a sort of random key itself. I would be glad if you can explain that in greater detail and with an example of its implementation. Thanks !

Hi justsomeguy, Thanks loads for that insight. I will now look along those lines and maybe i'll be able to locate the problem. I'ld like to mention though that in almost all the tutorials that I looked up on the net, they have one of the first line in the php page that says "session_start" followed by session_regenerate_id(). And this is on all the pages that are linked to the main page. So if a user visits one of the links on a page, the first few top lines of that page would have the "session _start" and "session_regenerate_id". So every time the page runs through itself or is refreshed the session_id is going to change. I also read somewhere that every time the program goes through an important part of the program ( for example a user logs in ) the session_id should be changed for security reasons. I wanted to design a login page where if a user is already logged in at a given place and wishes to login from another, the system invalidates the previous session and lets him login from another place. Keeping all this in mind I designed a page which has a session_secure() at the very top and is traversed every time it is refreshed and it also checks if the user is not already logged in which case it invalidates the previous session and validates a new one.for the same user. So session_secure runs once in a page except when a user is logging in. In that case session _secure is called once again in the login routine once the user has been identified and the session is then given a new session_id. I have one more question and that is I am using "include members.php" to display the member page and its not via a link. So at the end of the main login file I have this include command which is executed if a valid user is logged in and displays the user page. Will I have to have the session_secure() routine which houses the session_start() and regenerate_id() routines on the members.php page and all the other sub pages that member.php calls for maintaining a secure session OR does the include command considers the pages (members.php) that it loads as an extension of the main page and so there is no need to add session_secure on these and sub pages. I'll look into the session again and try and see what i can find. I'll come back again on this later. Thanks loads some_nice_guy !

Hi all ! I am facing this very weird problem of unexpected and unnatural log out when I double click either the menu buttons or the form buttons. I am using a jquery slider login panel to login users but i have been plagued with this problem where they are logged out as mentioned. I have been struggling to find the cause of for almost a week now without success. This behavior can be seen at my website whose link is www.bestbet.bugs3.com/club/demo.php. The user id and password is "Itsme " & bcf134. I would be grateful if any of the gurus can take a look at it and help me solve this one. I would be willing to share the files with anyone who is willing to take a look at them. Looking forward to responses from all of you, Thanks tons.

Thanks dsonesuk, I'll try this one and revert. Is there any way to neutralize the keyboard drawback? Thanks again.

Please I hope someone can help solve this with an example. Thanks desonesuk, for the explanation. This ofcourse I understood but thought maybe you were trying to say something else as well. I await some to do this as an exercise with an example. The main problem that i have is , as already mentioned, trying to find the correct button using jquery and disabling the concerned button alone instead of all the buttons being affected. And so far as i know there is no if else that can be used in jquery. Requesting the gurus for their guiding light. Thanks all !

Hi guys ! Thanks for the inputs so far. Haiden what you are suggesting is absolutely correct except that I don;t know how to select the correct submit button that was clicked. As far as I have read, there is no if else loops in jquery for then I would have polled the various submit buttons to check the one that was clicked. The buttons can also be polled by their name ( i tried that) so if they have unique names and I could somehow use an if else statement I could have found the correct button that was clicked. It's important to submit the form as well which must be submitted before the attributes for the buttons can be changed to disabled. So any one has any ideas that you can implement in an example and show ( for maybe greater than 2 buttons, say 3 buttons) . Dsonesuk I am not unable to understand your statement possibly because I am pretty new to jquery and have very basic idea of it. How and where the submit button has to be canceled? I also think that the form should be submitted first bcos once the button is disabled, the form does not submit the $_POST array. If i am wrong please correct me. Hoping for more inputs and preferably a working example involving a form and 3 buttons. Thanks all !

Well that's because I would like to keep it mostly HTML. Besides the event handler can also be written for Input. Instead of button we can then use Input['type=submit'] or input['name = up']. However its the actual handler that I am asking help for. Can you show me how it could be done even for buttons. Thanks

Hi, I have this problem where there are 3 buttons on a form called up, edit, down. <input type="Submit" name = "up" value="Up"> <input type="Submit" name = "edit" value="Edit"> <input type="Submit" name = "down" value="Down"> What I wish to do using jquery is : a) submit the form. Then find out which of these buttons was pressed, disable it for a short duration and display a "wait" sign on that button. I hope someone can show me how this can be achieved. Thanks for any help on this to all.