Re: [PHP] GET variable unexpectedly assigned to session variable
On Thu, May 10, 2007 1:51 pm, Armando Acosta wrote: Problem is, that, once the page usr_frm.php have been hit, the session variable $_SESSION[usr_type] gets changed (unexpectedly) to exactly the same value passed to the script via GET variable typ. But even worse: this code works perfectly well on my developer machine (Windows) but in doesn't on the actual server (Linux). I realized that the server uses a different PHP configuration, specially: register_globals set to ON. I already got them to change this value to OFF... but this did not solve the problem. It should have solved it, unless you've messed up your session data with the previous script already... Are you SURE they turned it OFF? Check phpinfo again. If all else fails, just change the variable name to something else in the usr_frm.php script, so they don't collide with session data... -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GET variable unexpectedly assigned to session variable
On Thu, May 10, 2007 2:00 pm, Robert Cummings wrote: BTW, what's the point of abbreviating short words like user to usr and type to typ? Mayb his 'e' ky is brokn? -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GET variable unexpectedly assigned to session variable
On Sun, 2007-05-13 at 02:05 -0500, Richard Lynch wrote: On Thu, May 10, 2007 2:00 pm, Robert Cummings wrote: BTW, what's the point of abbreviating short words like user to usr and type to typ? Mayb his 'e' ky is brokn? Mayb his 'o' ky t sinc h shrtnd form to frm. Prbbly h jst hs n vrsn t vwls. Chrs, Rb. Ps. In case that was as incomprehensible as code created by abbreviators that I've had the displeasure to come across it says: Maybe his 'o' key too since he shortened form to frm. Probably he just has an aversion to vowels. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GET variable unexpectedly assigned to session variable
On Friday 11 May 2007 03:08, Dave Goodchild wrote: Another small and unrelated point - you don't need to use double quotes inside the array brackets - you're not processing them at all. You seemed to have left out: use single quotes instead. -- Crayon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] GET variable unexpectedly assigned to session variable
Let's try to make a long story short. I'm writing a (not too complex) system visible to authorized users only. My users are stored in a MySQL database table with usr_id and usr_typ (user type) among other fields. When a user logs in, I retrieve those values from the database and store them into separate session variables: $_SESSION[usr_id] = $rs[usr_id]; $_SESSION[usr_typ] = $rs[usr_typ]; When the user visits a restricted page, I read those session variables to validate the user. So far so good. Problem started when I added a new script named usr_frm.php. This page accepts the user's id and type from the query string, like this: $id = (integer)$HTTP_GET_VARS[id]; $usr_typ = (integer)$HTTP_GET_VARS[typ]; The call comes from a list of users displayed by another script, usr_lst.php, like this (within a loop, of course): print(a href='usr_frm.php?id=.$row[usr_id].typ=.$row[usr_typ].'); Problem is, that, once the page usr_frm.php have been hit, the session variable $_SESSION[usr_type] gets changed (unexpectedly) to exactly the same value passed to the script via GET variable typ. But even worse: this code works perfectly well on my developer machine (Windows) but in doesn't on the actual server (Linux). I realized that the server uses a different PHP configuration, specially: register_globals set to ON. I already got them to change this value to OFF... but this did not solve the problem. I will appreciate any help, suggestion, idea currently I am (honestly) clue less... Thank you in advance. --Armando--.
Re: [PHP] GET variable unexpectedly assigned to session variable
On Thu, 2007-05-10 at 14:51 -0400, Armando Acosta wrote: Let's try to make a long story short. I realized that the server uses a different PHP configuration, specially: register_globals set to ON. I already got them to change this value to OFF... but this did not solve the problem. I will appreciate any help, suggestion, idea currently I am (honestly) clue less... Did they restart the webserver after changing the config? BTW, what's the point of abbreviating short words like user to usr and type to typ? Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] GET variable unexpectedly assigned to session variable
Armando;
First, you can just change these:
$id = (integer)$HTTP_GET_VARS[id];
$usr_typ = (integer)$HTTP_GET_VARS[typ];
to:
$id = $_GET['id'];
$usr_typ = $_GET['typ'];
Second, I see that you're using $row[] variables for your MySQL result
sets but where and how are the $rs[] values populated?
On 5/10/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Thu, 2007-05-10 at 14:51 -0400, Armando Acosta wrote:
Let's try to make a long story short.
I realized that the server uses a different PHP configuration,
specially: register_globals set to ON. I already got them to change this
value to OFF... but this did not solve the problem.
I will appreciate any help, suggestion, idea currently I am
(honestly) clue less...
Did they restart the webserver after changing the config?
BTW, what's the point of abbreviating short words like user to usr
and type to typ?
Cheers,
Rob.
--
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
Re: [PHP] GET variable unexpectedly assigned to session variable
Another small and unrelated point - you don't need to use double quotes inside the array brackets - you're not processing them at all.
