PHP and session.cookie_path - Heisenbug.

Submitted by michael on Tue, 02/18/2014 - 15:32
TIL: PHP's session.cookie_path defaults to '/', which is good. But if session.cookie_path is the empty string (''), then the cookie path is set relative to the current URL. If the request is to example.com/foo/bar/bax.php and the cookie path is '', then the cookie is set for example.com/foo/bar - not example.com/ as one might expect. But then the browser goes and saves it forever. And you can the same cookie id on multiple paths and then the expire and maybe some get reset during a logout/login cycle.

tunnelling mysql over ssh

Submitted by michael on Wed, 10/16/2013 - 23:42
Suppose you have a database server (db.example.com) which only accepts connections from the web server (www.example.com). The web server accepts SSH connections from anywhere (so ssh user@www.example.com works). And you have 200 tables to update. Start by opening a tunnelled SSH connection in a terminal window like so: [shell]ssh user@www.example.com -L 31123:db.example.com:3306 [/shell] The command starts like a normal ssh connection. The extra syntax is -L <local port number>:<database host name>:<remote port number> MySQL normally uses port 3306.