Forums / General / Loses information (session?) when browsing.

Loses information (session?) when browsing.

Previous topic

General

Next topic

Author	Message
Robin Sørlie	Thursday 21 August 2003 4:55:56 am Hi, posted this in the developer forum, put it here to: Hi. Having troubles regarding the add loaction an add related object function. When doing this I can browse and choose a new location/object but when the page refreshes it's gone. Seem's to like the eZ is loosing information, this is in session right? I've been in contact with serveradministrator, he says the minor upgrades has been done with PHP, the server runs ensim controlpanel. http://onlinesupport.ensim.com/TWKB/ViewCase.asp?QSRuleID=774 - here is the upgrade that has been done - just log in as guest, no password needed. Thanx in advance. Debug output: eZ debug Timing: Aug 19 2003 15:52:36 Script start Timing: Aug 19 2003 15:52:36 Module start 'content' Warning: PHP Aug 19 2003 15:52:36 Undefined variable: limitationList in /home/virtual/site4/fst/var/www/html/kernel/content/browse.php on line 82 Warning: PHP Aug 19 2003 15:52:36 Undefined index: ClassFilterType in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobjecttreenode.php on line 343 Warning: PHP Aug 19 2003 15:52:36 Undefined index: ClassFilterType in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobjecttreenode.php on line 343 Warning: PHP Aug 19 2003 15:52:36 Undefined variable: limitationList in /home/virtual/site4/fst/var/www/html/kernel/content/browse.php on line 87 Notice: eZTSTranslator::load Aug 19 2003 15:52:36 Loading cached translation Timing: Aug 19 2003 15:52:36 Module end 'content' Warning: PHP Aug 19 2003 15:52:36 Use of undefined constant EZ_SDK_VERSION_REVISION - assumed 'EZ_SDK_VERSION_REVISION' in /home/virtual/site4/fst/var/www/html/lib/version.php on line 92 Warning: PHP Aug 19 2003 15:52:36 Undefined variable: lang in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobject.php on line 429 Timing: Aug 19 2003 15:52:36 End Timing points: Checkpoint Elapsed Rel. Elapsed Script start 0.0000 sec 0.1109 sec Module start 'content' 0.1109 sec 0.9537 sec Module end 'content' 1.0646 sec 0.5895 sec End 1.6541 sec Total runtime: 1.6546 sec Time accumulators: Accumulator Elapsed Percent Count Average Mysql Total Mysql_queries 0.0330 sec 1.9654% 11 0.0030 sec Looping result 0.0025 sec 0.1468% 10 0.0002 sec Template Total 1.3659 sec 81.4% 2 0.6829 sec Template load 0.3381 sec 20.1376% 2 0.1690 sec String conversion in template resource 0.0063 sec 0.3779% 12 0.0005 sec Template parser: create text elements 0.0671 sec 3.9972% 12 0.0056 sec Template parser: remove whitespace 0.0246 sec 1.4666% 12 0.0021 sec Template parser: construct tree 0.4177 sec 24.8822% 12 0.0348 sec Template load and register function 0.0145 sec 0.8632% 5 0.0029 sec Template processing 1.0261 sec 61.1150% 2 0.5130 sec General String conversion 0.0015 sec 0.0867% 12 0.0001 sec Total script time: 1.6789 sec
Jan Borsodi	Monday 25 August 2003 5:25:45 am My guess is this issue: Transparent session ID support exposes PHP to cross-site-scripting attacks. This is required for eZ publish to work properly with session if the cookie are not set in your browser. Also eZ publish escapes the session key so it's not possible to hack your site if transparent sessions are on. You should see if a cookie has been made in your browser, if not it won't know the session id from one page load to another. -- Amos Documentation: http://ez.no/ez_publish/documentation FAQ: http://ez.no/ez_publish/documentation/faq
Robin Sørlie	Tuesday 26 August 2003 8:02:44 pm Thx for your reply. Guess you're right, no cookies is saved in my browser. I will consult my server administrator and see if he can sort it out. thanks again.

Author

Message

Robin Sørlie

Thursday 21 August 2003 4:55:56 am

Hi, posted this in the developer forum, put it here to:

Hi.

Having troubles regarding the add loaction an add related object function. When doing this I can browse and choose a new location/object but when the page refreshes it's gone. Seem's to like the eZ is loosing information, this is in session right?

I've been in contact with serveradministrator, he says the minor upgrades has been done with PHP, the server runs ensim controlpanel. http://onlinesupport.ensim.com/TWKB/ViewCase.asp?QSRuleID=774 - here is the upgrade that has been done - just log in as guest, no password needed.

Thanx in advance.

Debug output:
eZ debug
Timing: Aug 19 2003 15:52:36
Script start
Timing: Aug 19 2003 15:52:36
Module start 'content'
Warning: PHP Aug 19 2003 15:52:36
Undefined variable: limitationList in /home/virtual/site4/fst/var/www/html/kernel/content/browse.php on line 82
Warning: PHP Aug 19 2003 15:52:36
Undefined index: ClassFilterType in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobjecttreenode.php on line 343
Warning: PHP Aug 19 2003 15:52:36
Undefined index: ClassFilterType in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobjecttreenode.php on line 343
Warning: PHP Aug 19 2003 15:52:36
Undefined variable: limitationList in /home/virtual/site4/fst/var/www/html/kernel/content/browse.php on line 87
Notice: eZTSTranslator::load Aug 19 2003 15:52:36
Loading cached translation
Timing: Aug 19 2003 15:52:36
Module end 'content'
Warning: PHP Aug 19 2003 15:52:36
Use of undefined constant EZ_SDK_VERSION_REVISION - assumed 'EZ_SDK_VERSION_REVISION' in /home/virtual/site4/fst/var/www/html/lib/version.php on line 92
Warning: PHP Aug 19 2003 15:52:36
Undefined variable: lang in /home/virtual/site4/fst/var/www/html/kernel/classes/ezcontentobject.php on line 429
Timing: Aug 19 2003 15:52:36
End

Timing points:
Checkpoint Elapsed Rel. Elapsed
Script start 0.0000 sec 0.1109 sec
Module start 'content' 0.1109 sec 0.9537 sec
Module end 'content' 1.0646 sec 0.5895 sec
End 1.6541 sec
Total runtime: 1.6546 sec

Time accumulators:
Accumulator Elapsed Percent Count Average
Mysql Total
Mysql_queries 0.0330 sec 1.9654% 11 0.0030 sec
Looping result 0.0025 sec 0.1468% 10 0.0002 sec
Template Total 1.3659 sec 81.4% 2 0.6829 sec
Template load 0.3381 sec 20.1376% 2 0.1690 sec
String conversion in template resource 0.0063 sec 0.3779% 12 0.0005 sec
Template parser: create text elements 0.0671 sec 3.9972% 12 0.0056 sec
Template parser: remove whitespace 0.0246 sec 1.4666% 12 0.0021 sec
Template parser: construct tree 0.4177 sec 24.8822% 12 0.0348 sec
Template load and register function 0.0145 sec 0.8632% 5 0.0029 sec
Template processing 1.0261 sec 61.1150% 2 0.5130 sec
General
String conversion 0.0015 sec 0.0867% 12 0.0001 sec
Total script time: 1.6789 sec

Jan Borsodi

Monday 25 August 2003 5:25:45 am

My guess is this issue:
Transparent session ID support exposes PHP to cross-site-scripting attacks.

This is required for eZ publish to work properly with session if the cookie are not set in your browser.
Also eZ publish escapes the session key so it's not possible to hack your site if transparent sessions are on.

You should see if a cookie has been made in your browser, if not it won't know the session id from one page load to another.

--
Amos

Documentation: http://ez.no/ez_publish/documentation
FAQ: http://ez.no/ez_publish/documentation/faq

Robin Sørlie

Tuesday 26 August 2003 8:02:44 pm

Thx for your reply.

Guess you're right, no cookies is saved in my browser. I will consult my server administrator and see if he can sort it out.

thanks again.