Rasmus
OK, I think I understand the principle now, yet, when I implement id, my
app still fails.
I have register_golbals = on, BUT, I want to find a way to code that I
know will always work, regardless of register_globals or cookies, so
that I am only dependant on the trans-sid ( but If I could rule that out
too, it would be even better)
How do you write your apps so you know that they will work on most
configurations? I have a bunch of older apps that will definately break
if I upgrade the server and turn register_globals off, and I want to
prevent it from happening with new apps I write now.
With what you said below, can I assume that:
1) If I know all the variables that I will need to be session variables,
I can session_register() them all on the first page, and then simply
give them values during the normal flow of the app?
I have tried to implement what you said below in my app as follow,
basically the route is:
Login form --> action page:
action page links to another form page
form page --> action page
All these pages are supposed to be part of the session, but between the
last two pages, the session disappears, and the form doesn't pass
variables...
I'm so utterly fed-up with myself for not being able to get this right.
Can you see ANYTHING that might cause this?
index.php
<?php
session_start();
?>
<form name="form1" method="post" action="admin_select.php">
<table border="0" cellspacing="0" cellpadding="0">
<tr bgcolor="#CFCFCF">
<td colspan="2">Admin Login
</td>
</tr>
<tr>
<td>Username:
</td>
<td><input type="text" name="user_name" >
</td>
</tr>
<tr>
<td>Password:
</td>
<td><input type="text" name="pass_word" >
</td>
</tr>
<tr>
<td>
<input type="submit" name="Submit4" value="Submit">
</td>
</tr>
</table>
</form>
Then:
admin_select.php
<?php
session_start();
if ((!$HTTP_SESSION_VARS["username"]) &&
(!$HTTP_SESSION_VARS["password"])) {
session_register("username","password");
}
if (($HTTP_POST_VARS["user_name"]) && ($HTTP_POST_VARS["pass_word"])) {
$username = $HTTP_POST_VARS["user_name"];
$password = $HTTP_POST_VARS["pass_word"];
}
/* Not sure if my logic above works, trying to check if the person is
coming back via a link or from the from for the first time; I'm not sure
what could happen if you session_register a variable twice??? */
$link = @mysql_connect("localhost",$username,$password) or die
('Could not connect!');
mysql_select_db("mafisa",$link);
$sql = "select * from project_table order by id";
$result = mysql_query($sql);
?>
<form action="admin_select_document.php" method="POST"
enctype="multipart/form-data">
<table border="1">
<tr>
<td colspan="2" bgcolor="CFCFCF">Admin Interface</td>
</tr>
<tr>
<td colspan="2">Please select Project to work with</td>
</tr>
<tr>
<td colspan ="2">
<?php
if (mysql_num_rows($result)) {
echo "<select name=\"sess_id_project\">";
while ($myrow = mysql_fetch_assoc($result)) {
$sess_project_name = $myrow["project_name"];
$sess_project_id = $myrow["id"];
echo '<option
value="'.$sess_project_id.'">'.$sess_project_name;
}
echo '</select>';
echo '</td>';
echo '</tr>';
echo '<tr>';
echo '<td colspan="2"><input type="submit" name="submit"
value="Go!"></td>';
echo '</tr>';
echo '</form>';
} else {
echo '<b><i>There are currently no Projects on the system,';
echo 'please use the section below to add one</i></b>';
echo '</td>';
echo '</tr>';
echo '</form>';
}
echo '<tr><td colspan="2" bgcolor="000000"></td></tr>
<tr>
<td colspan="2" bgcolor="CFCFCF"><a href="admin_add_project.php">Add
a new Project</a></td>
</tr>
</table>';
?>
This second page has two routes to go, either you select the document
from the drop_down, or you can "add a new project", It is with the
second route that I pick up further problems:
admin_add_project.php
<?php
session_start();
echo '
<form action="admin_add_project_do.php" method="POST"
enctype="multipart/form-data">
<table>
<tr>
<td colspan="2" bgcolor="CFCFCF">Mafisa Admin Interface</td>
</tr>
<tr>
<td>New Project Name</td>
<td><input type="text" name="project_name_add"></td>
</tr>
<tr>
<td>Project Descriptions</td>
<td><textarea name="project_description_add"></textarea></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit"
value="Save"></td>
</tr>
</table>
</form>
';
?>
Now, on this last page that is supposed to insert the form data into the
db, there is simply no form data, or session variables!!!!!
admin_add_project_do.php
<?php
session_start();
$date = date('Y-m-d');
$link =
@mysql_connect('localhost',$HTTP_SESSION_VARS["username"],$HTTP_SESSION_VARS["password"])
or die ('Could not connect!');
mysql_select_db('mafisa',$link);
$project_name_db =
addslashes($HTTP_POST_VARS["project_name_add"]);
$project_description_db =
addslashes($HTTP_POST_VARS["project_description_add"]);
$sql = "insert into project_table
(project_name,project_description,date) values
('$project_name_db','$project_description_db','$date')";
$result = mysql_query($sql);
echo 'Thank you, new project ::
<b><i>'.$project_name_db.'</i></b> was added to the system. <br>
<a href="admin_select.php">Back</a><br>';
?>
I really appreciate your time, and thanks in advance for your help.
On Mon, 2002-08-12 at 22:44, Rasmus Lerdorf wrote:
> No, you don't need to use HTTP_SESSION_VARS for anything if
> register_globals is on. Sessions are very simple. You start a session,
> and you register variables to be part of that session. Like this:
>
> session_start();
> session_register('a');
> session_register('b');
>
> If you have that at the top of the first page, then whatever values $a and
> $b have by the time the script finishes is what will be written to the
> session backend.
>
> So, on a subsequent page you just do:
>
> session_start();
>
> This will see the session ID that the browser passed to it either via a
> cookie or in the URL and it will go and restore the variables from the
> session backend. That means that at this point you can just do:
>
> echo $a;
> echo $b;
>
> At no point is there any need for $HTTP_SESSION_VARS nor $_SESSION if you
> are sure that register_globals will always be on.
>
> Now, if you want it to work with register_globals off, you still don't
> need to use $HTTP_SESSION_VARS when setting the variables, you only need
> to use it when retrieving them. So, instead of echo $a and echo $b you
> would have:
>
> echo $HTTP_SESSION_VARS['a'];
> echo $HTTP_SESSION_VARS['b'];
>
> Or, of course in newer PHP's you can use $_SESSION['a'].
>
> Your stuff probably didn't work because you were setting the session vars
> via the $HTTP_SESSION_VARS array. That works now, but it probably didn't
> use to as it is a bit of a weird way to do it.
>
> -Rasmus
>
> On 12 Aug 2002, Petre Agenbag wrote:
>
> > You lost me there...
> > Are you saying I don't need to access those variable in that way?
> > Can I simply use $variable in successive pages then?
> > Surely I MUST use that notation to assign values then right?, specially
> > to the session vars, right?
> >
> > But, just out of curiosity, why does it work fine on my newer system?
> >
> > Thanks
> >
> > On Mon, 2002-08-12 at 21:17, Rasmus Lerdorf wrote:
> > > If register_globals is known to be on, why are you worrying about
> > > the $HTTP_* arrays?
> > >
> > > On 12 Aug 2002, Petre Agenbag wrote:
> > >
> > > > Hi
> > > > Me again
> > > >
> > > > Still having problems with forms not sending variables, and session
> > > > variables dissapearing.
> > > >
> > > > I have 2 systems, one older 4.0.3 PHP which is my main webserver, so all
> > > > scripts must comply with it...
> > > > And the other my development server with the latest 4.1.2
> > > >
> > > > So, I'm trying to write scripts that will happily work on both, and I
> > > > understand that I must use HTTP_POST_VARS and HTTP_SESSION_VARS in order
> > > > to comply with 4.0.3.
> > > >
> > > > register_globals and track_vars as well as trans_sid are enabled on
> > > > both.
> > > >
> > > > Now, take a look at the example below:
> > > > index.php
> > > >
> > > > <form action="page2.php" method="POST" >
> > > > <input type="text" name="test"><input type="submit" name="submit">
> > > > </form>
> > > >
> > > >
> > > > page2.php
> > > >
> > > > <?php
> > > > session_start();
> > > > echo ' HTTP_POST_VARS :'.$HTTP_POST_VARS["test"].'<br>';
> > > > echo ' POST_VARS: '.$_POST["test"].'<br>';
> > > > echo ' normal test :'.$test.'<br>';
> > > > echo 'Session Value (only for
> > > > re-entry):'.$HTTP_SESSION_VARS["testing"].'<br>';
> > > >
> > > > if ($HTTP_POST_VARS["test"]) {
> > > > $HTTP_SESSION_VARS["testing"] = $HTTP_POST_VARS["test"];
> > > > }
> > > > echo '<a href="page3.php">Click</a>';
> > > > ?>
> > > >
> > > > page3.php
> > > >
> > > > <?php
> > > > session_start();
> > > > echo 'Session Variable:'.$HTTP_SESSION_VARS["testing"].'<br>';
> > > > echo '<a href="page4.php">Forward to test sess var further</a><br>';
> > > > echo '<a href="page2.php">Back to test sess var</a><br>';
> > > > ?>
> > > >
> > > > page4.php
> > > >
> > > > <?php
> > > > session_start();
> > > > echo 'Session Variable:'.$HTTP_SESSION_VARS["testing"].'<br>';
> > > > echo '<a href="page3.php">Back to page 3 to test sess var
> > > > further</a><br>';
> > > > echo '<a href="page2.php">Back to page 2 to test sess var</a><br>';
> > > > ?>
> > > >
> > > > This small test works 100% on my newer system, and I was under the
> > > > impression that I coded it to be backwards compatible with my older
> > > > system, BUT,
> > > >
> > > > look here: http://www.linuxhelp.co.za/session_test to see what it does
> > > > on my working server. The scripts are identical.
> > > >
> > > > Please can you point out my mistakes in reasoning?
> > > >
> > > > Also, I want these scripts to work regardless of cookies, so if you see
> > > > something that might cause problems when ppl disable cookies, plz
> > > > advise.
> > > >
> > > >
> > > >
> > > > --
> > > > PHP General Mailing List (http://www.php.net/)
> > > > To unsubscribe, visit: http://www.php.net/unsub.php
> > > >
> > >
> >
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
