[PHP] Re: PHP session variables

[Jim Giner]

On 8/8/2012 11:24 AM, Ansry User 01 wrote:

I am setting the _SESSION variables in one of my file, but whenever I leave the 
php page session variables are not accessible. Not sure what I need to do 
additionally other then defining _SESSION[].
Any pointer.




You must make it a habit to start each script with

session_start();

so that any thing you did in the last script is returned for use in the 
new script.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables in tmp

[Gerardo Benitez]

Ok, that usually happens.

Gerardo
www.webseficientes.com.ar

On Tue, Jun 8, 2010 at 1:48 PM, Stephen Sunderlin <
stephen.sunder...@verizon.net> wrote:

> Thanks Gerardo.
>
> I send a large dump.sql file to my /tmp dir and filled up the remaining
> space so PHP was not able to write any more session variable.  Took me a
> little while to figure that one out.
>
> Thanks for your response.
>
>
>
>
>
> On Tue, 08 Jun 2010 12:00:23 -0400, Gerardo Benitez
>  wrote:
>
>  Hi Stephen,
>>
>> you can try setting the session path using session_save_path
>> http://www.php.net/manual/en/function.session-save-path.php.
>>
>> Gerardo
>> www.webseficientes.com.ar
>>
>>
>>
>> On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin <
>> stephen.sunder...@verizon.net> wrote:
>>
>>  trying out a CentOS release 5.2 (Final) V4_1_0  on AWS.  Was working fine
>>> and now it seems that php has stopped writing any session variable to
>>> /tmp.
>>>  I was cleaning up the user table in mysql and limiting permissions.
>>> Not
>>> sure that this would have anything to do with it.  Restarted
>>> apache/mysql.
>>>  tmp is  set to drwxrwxrwt  4 root root  4096 Jun  5 00:46 tmp
>>> PHP 5.2.4
>>> MySQL 5.0.45
>>> any thought on where else to look.
>>>
>>> Thanks.
>>>
>>> --
>>> PHP General Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>>>
>>
>>
>
> --
> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>



-- 
Gerardo Benitez

Re: [PHP] session variables in tmp

[Stephen Sunderlin]

Thanks Gerardo.

I send a large dump.sql file to my /tmp dir and filled up the remaining
space so PHP was not able to write any more session variable.  Took me a
little while to figure that one out.

Thanks for your response.




On Tue, 08 Jun 2010 12:00:23 -0400, Gerardo Benitez
 wrote:


Hi Stephen,

you can try setting the session path using session_save_path
http://www.php.net/manual/en/function.session-save-path.php.

Gerardo
www.webseficientes.com.ar



On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin <
stephen.sunder...@verizon.net> wrote:

trying out a CentOS release 5.2 (Final) V4_1_0  on AWS.  Was working  
fine
and now it seems that php has stopped writing any session variable to  
/tmp.
 I was cleaning up the user table in mysql and limiting permissions.
Not
sure that this would have anything to do with it.  Restarted  
apache/mysql.

 tmp is  set to drwxrwxrwt  4 root root  4096 Jun  5 00:46 tmp
PHP 5.2.4
MySQL 5.0.45
any thought on where else to look.

Thanks.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php








--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables in tmp

[Gerardo Benitez]

Hi Stephen,

you can try setting the session path using session_save_path
http://www.php.net/manual/en/function.session-save-path.php.

Gerardo
www.webseficientes.com.ar



On Sat, Jun 5, 2010 at 2:18 AM, Stephen Sunderlin <
stephen.sunder...@verizon.net> wrote:

> trying out a CentOS release 5.2 (Final) V4_1_0  on AWS.  Was working fine
> and now it seems that php has stopped writing any session variable to /tmp.
>  I was cleaning up the user table in mysql and limiting permissions.   Not
> sure that this would have anything to do with it.  Restarted apache/mysql.
>  tmp is  set to drwxrwxrwt  4 root root  4096 Jun  5 00:46 tmp
> PHP 5.2.4
> MySQL 5.0.45
> any thought on where else to look.
>
> Thanks.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Gerardo Benitez

Re: [PHP] session variables and SVG documents

[Adam Richardson]

On Wed, Feb 3, 2010 at 8:20 AM, Ashley Sheridan 
wrote:

> On Wed, 2010-02-03 at 10:49 +0100, Aurelie REYMUND wrote:
>
> > Hello,
> >
> > unfortunately, it does not suite my needs. The image must be clickable.
> The
> > application I'm developping reads data from a database and display the
> > information graphically. The user must be able to click on some elements
> of
> > the picture, and I have to store the information the user clicked on
> > (session vars). I cannot tell the user not to use IE, so I have to find
> > another solution...
> >
> > Regards,
> > Aurelie
> >
> > 2010/2/1 Ray Solomon 
> >
> > > From: "Aurelie REYMUND" 
> > > Sent: Monday, February 01, 2010 3:37 AM
> > > To: 
> > > Subject: [PHP] session variables and SVG documents
> > >
> > >
> > >  Hello,
> > >>
> > >> I have the following problem with the Adobe SVG viewer:
> > >> I try to generate a SVG document using PHP. the following code is
> working
> > >> well under Firefox, as well as IE with ASV:
> > >>
> > >>  > >>
> > >> header("Content-type: image/svg+xml");
> > >>
> > >> $graph_title = 'title';
> > >>
> > >>
> > >> print('');
> > >> $svgwidth=500;
> > >> $svgheight=400;
> > >> ?>
> > >>
> > >>  > >> http://www.w3.org/TR/SVG/DTD/svg10.dtd";>
> > >>  > >> xmlns="http://www.w3.org/2000/svg";>
> > >>   This is a php-random rectangle test
> > >>  > >> srand((double) microtime() * 100); //initalizing random generator
> > >> for ($i = 0; $i < 20; $i+=1) {
> > >>   $x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for
> rand
> > >> function
> > >>   $y = floor(rand(0,$svgheight-1));
> > >>   $width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside
> of
> > >> viewbox
> > >>   $height = floor(rand(0,$svgheight-$y));
> > >>   $red = floor(rand(0,255));
> > >>   $blue = floor(rand(0,255));
> > >>   $green = floor(rand(0,255));
> > >>   $color = "rgb(".$red.",".$green.",".$
> > >> blue.")";
> > >>   print "\t > >> style=\"fill:$color;\"/>\n";
> > >> }
> > >> ?>
> > >>> >> text-anchor="middle">The servers Date and Time is:  > >> (strftime("%Y-%m-%d, %H:%M:%S")); ?>
> > >>> >> text-anchor="middle">You are running:
> > >>> >> text-anchor="middle">
> > >> 
> > >>
> > >> If now I want to include the session_start() at the beginning of the
> code,
> > >> in IE I got a pop-up dialog called "download file"
> > >>
> > >> What am I doing wrong ?
> > >>
> > >> Regards,
> > >> Aurelie
> > >>
> > >>
> > >
> > > It appears IE does not support svg yet and you need a plugin for it.
> > >
> > > However, you could also design your code differently by using
> Imagemagick
> > > to convert the svg to png.
> > > If that suits your needs, then use the modified code below:
> > >
> > >
> > >  > >
> > > header("Content-type: image/png");
> > >
> > > $graph_title = 'title';
> > >
> > > $svgwidth=500;
> > > $svgheight=400;
> > >
> > > $svg = '
> > > http://www.w3.org/2000/svg";>
> > >   This is a php-random rectangle test';
> > >
> > >
> > > for ($i = 0; $i < 20; $i++) {
> > >
> > >$x = floor(rand(0,$svgwidth-1));
> > >$y = floor(rand(0,$svgheight-1));
> > >$width = floor(rand(0,$svgwidth-$x));
> > >$height = floor(rand(0,$svgheight-$y));
> > >$red = floor(rand(0,255));
> > >$blue = floor(rand(0,255));
> > >$green = floor(rand(0,255));
> > >$color = "rgb(".$red.",".$green.",".$blue.")";
> > >$svg .= "\t > > height=\"$height\" style=\"fill:$color;\"/>\n";
> > > }
> > >
> > >   $svg .= ' > > text-anchor="middle">The servers Date and Time is: '.date("Y-m-d,
> > > H:m:s").'
> > >> > text-anchor="middle">You are running:
> > >> > text-anchor="middle">'.$HTTP_USER_AGENT.'
> > > ';
> > >
> > >
> > > file_put_contents('/tmp/image.svg', $svg);
> > >
> > > exec("/usr/bin/rsvg /tmp/image.svg /tmp/image.png");
> > >
> > > echo file_get_contents('/tmp/image.png');
> > > ?>
> > >
> > > -Ray Solomon
> > >
> > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> > >
>
>
> IE doesn't display SVG natively, and the plugins for it are pants.
> However, IE does make use of its own propitiatory vector language called
> VML, This is how the Cufon font replacer system works.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
Maybe svgweb (by Google) would allow you to achieve your goals:
http://code.google.com/p/svgweb/

Adam

-- 
Nephtali:  PHP web framework that functions beautifully
http://nephtaliproject.com

Re: [PHP] session variables and SVG documents

[tedd]

At 10:49 AM +0100 2/3/10, Aurelie REYMUND wrote:

Hello,

unfortunately, it does not suite my needs. The image must be clickable. The
application I'm developping reads data from a database and display the
information graphically. The user must be able to click on some elements of
the picture, and I have to store the information the user clicked on
(session vars). I cannot tell the user not to use IE, so I have to find
another solution...

Regards,
Aurelie



Aurelie:

The image must be clickable?

I must not be understanding something. Anything can be made 
clickable, just put it in an anchor, such as:


Click This

The previous post mentioned using ImageMagick to convert the svg to 
png -- so write that script and place it in an anchor. I don't see 
the problem.


Cheers,

tedd

--
---
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables and SVG documents

[Ashley Sheridan]

On Wed, 2010-02-03 at 10:49 +0100, Aurelie REYMUND wrote:

> Hello,
> 
> unfortunately, it does not suite my needs. The image must be clickable. The
> application I'm developping reads data from a database and display the
> information graphically. The user must be able to click on some elements of
> the picture, and I have to store the information the user clicked on
> (session vars). I cannot tell the user not to use IE, so I have to find
> another solution...
> 
> Regards,
> Aurelie
> 
> 2010/2/1 Ray Solomon 
> 
> > From: "Aurelie REYMUND" 
> > Sent: Monday, February 01, 2010 3:37 AM
> > To: 
> > Subject: [PHP] session variables and SVG documents
> >
> >
> >  Hello,
> >>
> >> I have the following problem with the Adobe SVG viewer:
> >> I try to generate a SVG document using PHP. the following code is working
> >> well under Firefox, as well as IE with ASV:
> >>
> >>  >>
> >> header("Content-type: image/svg+xml");
> >>
> >> $graph_title = 'title';
> >>
> >>
> >> print('');
> >> $svgwidth=500;
> >> $svgheight=400;
> >> ?>
> >>
> >>  >> http://www.w3.org/TR/SVG/DTD/svg10.dtd";>
> >>  >> xmlns="http://www.w3.org/2000/svg";>
> >>   This is a php-random rectangle test
> >>  >> srand((double) microtime() * 100); //initalizing random generator
> >> for ($i = 0; $i < 20; $i+=1) {
> >>   $x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for rand
> >> function
> >>   $y = floor(rand(0,$svgheight-1));
> >>   $width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside of
> >> viewbox
> >>   $height = floor(rand(0,$svgheight-$y));
> >>   $red = floor(rand(0,255));
> >>   $blue = floor(rand(0,255));
> >>   $green = floor(rand(0,255));
> >>   $color = "rgb(".$red.",".$green.",".$
> >> blue.")";
> >>   print "\t >> style=\"fill:$color;\"/>\n";
> >> }
> >> ?>
> >>>> text-anchor="middle">The servers Date and Time is:  >> (strftime("%Y-%m-%d, %H:%M:%S")); ?>
> >>>> text-anchor="middle">You are running:
> >>>> text-anchor="middle">
> >> 
> >>
> >> If now I want to include the session_start() at the beginning of the code,
> >> in IE I got a pop-up dialog called "download file"
> >>
> >> What am I doing wrong ?
> >>
> >> Regards,
> >> Aurelie
> >>
> >>
> >
> > It appears IE does not support svg yet and you need a plugin for it.
> >
> > However, you could also design your code differently by using Imagemagick
> > to convert the svg to png.
> > If that suits your needs, then use the modified code below:
> >
> >
> >  >
> > header("Content-type: image/png");
> >
> > $graph_title = 'title';
> >
> > $svgwidth=500;
> > $svgheight=400;
> >
> > $svg = '
> > http://www.w3.org/2000/svg";>
> >   This is a php-random rectangle test';
> >
> >
> > for ($i = 0; $i < 20; $i++) {
> >
> >$x = floor(rand(0,$svgwidth-1));
> >$y = floor(rand(0,$svgheight-1));
> >$width = floor(rand(0,$svgwidth-$x));
> >$height = floor(rand(0,$svgheight-$y));
> >$red = floor(rand(0,255));
> >$blue = floor(rand(0,255));
> >$green = floor(rand(0,255));
> >$color = "rgb(".$red.",".$green.",".$blue.")";
> >$svg .= "\t > height=\"$height\" style=\"fill:$color;\"/>\n";
> > }
> >
> >   $svg .= ' > text-anchor="middle">The servers Date and Time is: '.date("Y-m-d,
> > H:m:s").'
> >> text-anchor="middle">You are running:
> >> text-anchor="middle">'.$HTTP_USER_AGENT.'
> > ';
> >
> >
> > file_put_contents('/tmp/image.svg', $svg);
> >
> > exec("/usr/bin/rsvg /tmp/image.svg /tmp/image.png");
> >
> > echo file_get_contents('/tmp/image.png');
> > ?>
> >
> > -Ray Solomon
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >


IE doesn't display SVG natively, and the plugins for it are pants.
However, IE does make use of its own propitiatory vector language called
VML, This is how the Cufon font replacer system works.

Thanks,
Ash
http://www.ashleysheridan.co.uk

Re: [PHP] session variables and SVG documents

[Aurelie REYMUND]

Hello,

unfortunately, it does not suite my needs. The image must be clickable. The
application I'm developping reads data from a database and display the
information graphically. The user must be able to click on some elements of
the picture, and I have to store the information the user clicked on
(session vars). I cannot tell the user not to use IE, so I have to find
another solution...

Regards,
Aurelie

2010/2/1 Ray Solomon 

> From: "Aurelie REYMUND" 
> Sent: Monday, February 01, 2010 3:37 AM
> To: 
> Subject: [PHP] session variables and SVG documents
>
>
>  Hello,
>>
>> I have the following problem with the Adobe SVG viewer:
>> I try to generate a SVG document using PHP. the following code is working
>> well under Firefox, as well as IE with ASV:
>>
>> >
>> header("Content-type: image/svg+xml");
>>
>> $graph_title = 'title';
>>
>>
>> print('');
>> $svgwidth=500;
>> $svgheight=400;
>> ?>
>>
>> > http://www.w3.org/TR/SVG/DTD/svg10.dtd";>
>> > xmlns="http://www.w3.org/2000/svg";>
>>   This is a php-random rectangle test
>> > srand((double) microtime() * 100); //initalizing random generator
>> for ($i = 0; $i < 20; $i+=1) {
>>   $x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for rand
>> function
>>   $y = floor(rand(0,$svgheight-1));
>>   $width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside of
>> viewbox
>>   $height = floor(rand(0,$svgheight-$y));
>>   $red = floor(rand(0,255));
>>   $blue = floor(rand(0,255));
>>   $green = floor(rand(0,255));
>>   $color = "rgb(".$red.",".$green.",".$
>> blue.")";
>>   print "\t> style=\"fill:$color;\"/>\n";
>> }
>> ?>
>>   > text-anchor="middle">The servers Date and Time is: > (strftime("%Y-%m-%d, %H:%M:%S")); ?>
>>   > text-anchor="middle">You are running:
>>   > text-anchor="middle">
>> 
>>
>> If now I want to include the session_start() at the beginning of the code,
>> in IE I got a pop-up dialog called "download file"
>>
>> What am I doing wrong ?
>>
>> Regards,
>> Aurelie
>>
>>
>
> It appears IE does not support svg yet and you need a plugin for it.
>
> However, you could also design your code differently by using Imagemagick
> to convert the svg to png.
> If that suits your needs, then use the modified code below:
>
>
> 
> header("Content-type: image/png");
>
> $graph_title = 'title';
>
> $svgwidth=500;
> $svgheight=400;
>
> $svg = '
> http://www.w3.org/2000/svg";>
>   This is a php-random rectangle test';
>
>
> for ($i = 0; $i < 20; $i++) {
>
>$x = floor(rand(0,$svgwidth-1));
>$y = floor(rand(0,$svgheight-1));
>$width = floor(rand(0,$svgwidth-$x));
>$height = floor(rand(0,$svgheight-$y));
>$red = floor(rand(0,255));
>$blue = floor(rand(0,255));
>$green = floor(rand(0,255));
>$color = "rgb(".$red.",".$green.",".$blue.")";
>$svg .= "\t height=\"$height\" style=\"fill:$color;\"/>\n";
> }
>
>   $svg .= ' text-anchor="middle">The servers Date and Time is: '.date("Y-m-d,
> H:m:s").'
>text-anchor="middle">You are running:
>text-anchor="middle">'.$HTTP_USER_AGENT.'
> ';
>
>
> file_put_contents('/tmp/image.svg', $svg);
>
> exec("/usr/bin/rsvg /tmp/image.svg /tmp/image.png");
>
> echo file_get_contents('/tmp/image.png');
> ?>
>
> -Ray Solomon
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] session variables and SVG documents

[Ray Solomon]

From: "Aurelie REYMUND" 
Sent: Monday, February 01, 2010 3:37 AM
To: 
Subject: [PHP] session variables and SVG documents


Hello,

I have the following problem with the Adobe SVG viewer:
I try to generate a SVG document using PHP. the following code is working
well under Firefox, as well as IE with ASV:

');
$svgwidth=500;
$svgheight=400;
?>

http://www.w3.org/TR/SVG/DTD/svg10.dtd";>

xmlns="http://www.w3.org/2000/svg";>
   This is a php-random rectangle test
\n";
}
?>
   The servers Date and Time is: 
   You are running:
   


If now I want to include the session_start() at the beginning of the code,
in IE I got a pop-up dialog called "download file"

What am I doing wrong ?

Regards,
Aurelie




It appears IE does not support svg yet and you need a plugin for it.

However, you could also design your code differently by using Imagemagick to 
convert the svg to png.

If that suits your needs, then use the modified code below:



xmlns="http://www.w3.org/2000/svg";>

   This is a php-random rectangle test';


for ($i = 0; $i < 20; $i++) {
$x = floor(rand(0,$svgwidth-1));
$y = floor(rand(0,$svgheight-1));
$width = floor(rand(0,$svgwidth-$x));
$height = floor(rand(0,$svgheight-$y));
$red = floor(rand(0,255));
$blue = floor(rand(0,255));
$green = floor(rand(0,255));
$color = "rgb(".$red.",".$green.",".$blue.")";
	$svg .= "\tstyle=\"fill:$color;\"/>\n";

}

   $svg .= 'text-anchor="middle">The servers Date and Time is: '.date("Y-m-d, 
H:m:s").'
   text-anchor="middle">You are running:
   text-anchor="middle">'.$HTTP_USER_AGENT.'

';


file_put_contents('/tmp/image.svg', $svg);

exec("/usr/bin/rsvg /tmp/image.svg /tmp/image.png");

echo file_get_contents('/tmp/image.png');
?>

-Ray Solomon



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables and SVG documents

[Ashley Sheridan]

On Mon, 2010-02-01 at 11:37 +0100, Aurelie REYMUND wrote:

> Hello,
> 
> I have the following problem with the Adobe SVG viewer:
> I try to generate a SVG document using PHP. the following code is working
> well under Firefox, as well as IE with ASV:
> 
>  
> header("Content-type: image/svg+xml");
> 
> $graph_title = 'title';
> 
> 
> print('');
> $svgwidth=500;
> $svgheight=400;
> ?>
> 
>  http://www.w3.org/TR/SVG/DTD/svg10.dtd";>
>  xmlns="http://www.w3.org/2000/svg";>
> This is a php-random rectangle test
>  srand((double) microtime() * 100); //initalizing random generator
> for ($i = 0; $i < 20; $i+=1) {
> $x = floor(rand(0,$svgwidth-1)); //avoid getting a range 0..0 for rand
> function
> $y = floor(rand(0,$svgheight-1));
> $width = floor(rand(0,$svgwidth-$x)); //avoid getting rect outside of
> viewbox
> $height = floor(rand(0,$svgheight-$y));
> $red = floor(rand(0,255));
> $blue = floor(rand(0,255));
> $green = floor(rand(0,255));
> $color = "rgb(".$red.",".$green.",".$
> blue.")";
> print "\t style=\"fill:$color;\"/>\n";
> }
> ?>
>  text-anchor="middle">The servers Date and Time is:  (strftime("%Y-%m-%d, %H:%M:%S")); ?>
>  text-anchor="middle">You are running:
>  text-anchor="middle">
> 
> 
> If now I want to include the session_start() at the beginning of the code,
> in IE I got a pop-up dialog called "download file"
> 
> What am I doing wrong ?
> 
> Regards,
> Aurelie


It sounds like it's the SVG plugin you're using on IE that's badly
misbehaving. That said, I've not seen any plugins that correctly pass
across the full headers that the browser would. I tried using sessions
once to secure media files by checking for a valid login against the
session id, but the plugins requesting the video clips didn't send any
cookie data in the header request. As such, it might be better to not
rely on it in this case.

Thanks,
Ash
http://www.ashleysheridan.co.uk

RE: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS

[Leon du Plessis]

Hi Jamie. 

Thanks. Good info. I knew something changed somewhere. This works like a
charm in IE8..never saw the New Session option under file...me bad !!

Greetings.


-Original Message-
From: Jaime Bozza [mailto:jbo...@mindsites.com] 
Sent: 20 August 2009 09:49 PM
To: Leon du Plessis; 'Floyd Resler'
Cc: a...@dotcontent.net; php-general@lists.php.net
Subject: RE: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS

Leon,

This is really just a function of the browser.   When a session cookie is
created, if the browser is setup for a single instance, that's the session
cookie it'll use for *any* request to that domain.  This functions
differently depending on what browser you're using.

For example:
Firefox - All windows, tabs, etc, under the same profile will use the same
session.   If you create profiles, you can have different sessions.
IE7, IE6 - All tabs or windows opened from clicks will share the same
instance/session.  Starting IE from the icon will open up a "new"
instance/session.  This worked great if you wanted to run two different
sessions at the same site/domain.  Just start IE up from the icon again and
you'd have a new session.
IE8 - IE8 model changed, so that all browser windows, tabs, etc., run under
the same frame/session, much like Firefox.  Clicking the IE icon again now
just keeps the same frame and thus the same session.  Originally, this
sounded like a big problem, but IE8 introduced a new feature - File Menu ->
New Session.   This will open up a new window that will be a separate frame
that will not use current session cookies.

Here's just one of many links, but gives some helpful hints on the IE side:
http://blogs.msdn.com/ie/archive/2009/05/06/session-cookies-sessionstorage-a
nd-ie8.aspx

And another:
http://blogs.msdn.com/askie/archive/2009/05/08/session-management-within-int
ernet-explorer-8-0.aspx

One of the issues now is that if you close IE, your session does not
disappear.  In the past (IE7/IE6), your session would disappear if you
closed a browser window that you opened yourself, but it *wouldn't*
disappear if you closed a browser window that was opened by a click from
Outlook or another program.  This was a bit inconsistent.  I won't argue
whether or not their "fix" was the best way to go, but now it's at least
consistent.

Note - In Firefox, not even "Private Browsing" separates the session
cookies.  If you start Private Browsing (Firefox 3.5), log into a site, then
start a new browser window from the icon (that isn't in Private Browsing
mode), it shares the session cookies. (Before you ask, I just checked this
to be sure.)

IE8 "InPrivate Mode" is a totally separate session, cookies and all.  This
could possibly be another way for you to run multiple sessions against the
same domain.  OTOH, multiple InPrivate sessions running at the same time
share the same frame, so they share the same session, so it would only be
good for a single new session.  If you need more, just use File - New
Session.

Jaime 


> -Original Message-
> From: Leon du Plessis [mailto:l...@dsgnit.com]
> Sent: Thursday, August 20, 2009 8:16 AM
> To: 'Floyd Resler'
> Cc: a...@dotcontent.net; php-general@lists.php.net
> Subject: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS
> 
> It is just strange that I have this "condition" now...maybe I missed it
> a
> year ago ?
> 
> >> "Having a different session start up for each window for tab would
> be a
> major pain."
> 
> Why?
> 
> People must please try and understand what I mean by NEW. It does not
> apply
> to windows/tabs being opened from a link or request.
> 
> Imho, keeping the session per domain "sounds" wrong, it does not mean
> it is.
> It would have been nice if:
> 
> Browser/tab one -> my login detail container A.
> Browser/tab two -> my admin login container B.
> (tabs/windows opened from browser one, then inherits container A
> naturally)
> (Closing browser one, then destroys container A then naturally only)
> 
> NOT
> 
> Domain.com -> one session container only.
> 
> Heck, I am surprised it works that way at all cause it "sounds" like
> the
> domain can then only handle one user a time if arrays are not used or
> profiles not created on FF no matter where the request come from, but,
> then
> I am obviously missing something in this respect as stated. When I have
> time
> I will reconstruct this concept again.
> 
> Thanks anyway guys. I received some helpful advise for future
> reference.
> 
> But please..I do not, like many others, want to start a war. I am ok
> with
> things how they are. We can put this thing to rest.
> 
> -Original Message-
> From: Floyd Resler [mailto:fres...@adex-intl.c

RE: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS

[Jaime Bozza]

Leon,

This is really just a function of the browser.   When a session cookie is 
created, if the browser is setup for a single instance, that's the session 
cookie it'll use for *any* request to that domain.  This functions differently 
depending on what browser you're using.

For example:
Firefox - All windows, tabs, etc, under the same profile will use the same 
session.   If you create profiles, you can have different sessions.
IE7, IE6 - All tabs or windows opened from clicks will share the same 
instance/session.  Starting IE from the icon will open up a "new" 
instance/session.  This worked great if you wanted to run two different 
sessions at the same site/domain.  Just start IE up from the icon again and 
you'd have a new session.
IE8 - IE8 model changed, so that all browser windows, tabs, etc., run under the 
same frame/session, much like Firefox.  Clicking the IE icon again now just 
keeps the same frame and thus the same session.  Originally, this sounded like 
a big problem, but IE8 introduced a new feature - File Menu -> New Session.   
This will open up a new window that will be a separate frame that will not use 
current session cookies.

Here's just one of many links, but gives some helpful hints on the IE side:
http://blogs.msdn.com/ie/archive/2009/05/06/session-cookies-sessionstorage-and-ie8.aspx

And another:
http://blogs.msdn.com/askie/archive/2009/05/08/session-management-within-internet-explorer-8-0.aspx

One of the issues now is that if you close IE, your session does not disappear. 
 In the past (IE7/IE6), your session would disappear if you closed a browser 
window that you opened yourself, but it *wouldn't* disappear if you closed a 
browser window that was opened by a click from Outlook or another program.  
This was a bit inconsistent.  I won't argue whether or not their "fix" was the 
best way to go, but now it's at least consistent.

Note - In Firefox, not even "Private Browsing" separates the session cookies.  
If you start Private Browsing (Firefox 3.5), log into a site, then start a new 
browser window from the icon (that isn't in Private Browsing mode), it shares 
the session cookies. (Before you ask, I just checked this to be sure.)

IE8 "InPrivate Mode" is a totally separate session, cookies and all.  This 
could possibly be another way for you to run multiple sessions against the same 
domain.  OTOH, multiple InPrivate sessions running at the same time share the 
same frame, so they share the same session, so it would only be good for a 
single new session.  If you need more, just use File - New Session.

Jaime 


> -Original Message-
> From: Leon du Plessis [mailto:l...@dsgnit.com]
> Sent: Thursday, August 20, 2009 8:16 AM
> To: 'Floyd Resler'
> Cc: a...@dotcontent.net; php-general@lists.php.net
> Subject: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS
> 
> It is just strange that I have this "condition" now...maybe I missed it
> a
> year ago ?
> 
> >> "Having a different session start up for each window for tab would
> be a
> major pain."
> 
> Why?
> 
> People must please try and understand what I mean by NEW. It does not
> apply
> to windows/tabs being opened from a link or request.
> 
> Imho, keeping the session per domain "sounds" wrong, it does not mean
> it is.
> It would have been nice if:
> 
> Browser/tab one -> my login detail container A.
> Browser/tab two -> my admin login container B.
> (tabs/windows opened from browser one, then inherits container A
> naturally)
> (Closing browser one, then destroys container A then naturally only)
> 
> NOT
> 
> Domain.com -> one session container only.
> 
> Heck, I am surprised it works that way at all cause it "sounds" like
> the
> domain can then only handle one user a time if arrays are not used or
> profiles not created on FF no matter where the request come from, but,
> then
> I am obviously missing something in this respect as stated. When I have
> time
> I will reconstruct this concept again.
> 
> Thanks anyway guys. I received some helpful advise for future
> reference.
> 
> But please..I do not, like many others, want to start a war. I am ok
> with
> things how they are. We can put this thing to rest.
> 
> -Original Message-
> From: Floyd Resler [mailto:fres...@adex-intl.com]
> Sent: 20 August 2009 02:25 PM
> To: Leon du Plessis
> Cc: a...@dotcontent.net; php-general@lists.php.net
> Subject: Re: [PHP] SESSIONS lost sometimes
> 
> Leon,
>   Sessions are used on a per-domain basis.  So, no matter how many
> windows or tabs you have open for mydomain.com it will be the same
> session for all.  Having a different session start up for each window
> or tab would be a major pain.  If you needed to keep track of a user
> ID, for example, you wouldn't be able to.  As already mentioned you
> can use different browsers.  You can also set up sub-domains which
> would each have their own sessions.
> 
> Take care,
> Floyd
> 
> On Aug 20, 2009, at 4:26 AM, Leon du Plessis wrote:
> 
> > ">> It's not a

Re: [PHP] SESSION VARIABLES ACROSS DIFFERENT WINDOWS/TABS

[Ashley Sheridan]

On Thu, 2009-08-20 at 15:16 +0200, Leon du Plessis wrote:
> It is just strange that I have this "condition" now...maybe I missed it a
> year ago ? 
> 
> >> "Having a different session start up for each window for tab would be a
> major pain."
> 
> Why? 
> 
> People must please try and understand what I mean by NEW. It does not apply
> to windows/tabs being opened from a link or request.
> 
> Imho, keeping the session per domain "sounds" wrong, it does not mean it is.
> It would have been nice if:
> 
> Browser/tab one -> my login detail container A.
> Browser/tab two -> my admin login container B.
> (tabs/windows opened from browser one, then inherits container A naturally)
> (Closing browser one, then destroys container A then naturally only)
> 
> NOT
> 
> Domain.com -> one session container only.
> 
> Heck, I am surprised it works that way at all cause it "sounds" like the
> domain can then only handle one user a time if arrays are not used or
> profiles not created on FF no matter where the request come from, but, then
> I am obviously missing something in this respect as stated. When I have time
> I will reconstruct this concept again.
> 
> Thanks anyway guys. I received some helpful advise for future reference.
> 
> But please..I do not, like many others, want to start a war. I am ok with
> things how they are. We can put this thing to rest.
> 
> -Original Message-
> From: Floyd Resler [mailto:fres...@adex-intl.com] 
> Sent: 20 August 2009 02:25 PM
> To: Leon du Plessis
> Cc: a...@dotcontent.net; php-general@lists.php.net
> Subject: Re: [PHP] SESSIONS lost sometimes
> 
> Leon,
>   Sessions are used on a per-domain basis.  So, no matter how many  
> windows or tabs you have open for mydomain.com it will be the same  
> session for all.  Having a different session start up for each window  
> or tab would be a major pain.  If you needed to keep track of a user  
> ID, for example, you wouldn't be able to.  As already mentioned you  
> can use different browsers.  You can also set up sub-domains which  
> would each have their own sessions.
> 
> Take care,
> Floyd
> 
> On Aug 20, 2009, at 4:26 AM, Leon du Plessis wrote:
> 
> > ">> It's not an issue, it's a feature."
> >
> > Thanks Arno...but it is a pain also.
> > If I work with user A in Tab1 (window1), I want to work with user B
> > separately in Tab2. When user in Tab2 logs off, I still want user A  
> > to work,
> > and not suddenly have to re-login. Same with bank. If I work with my  
> > company
> > account, then my personal account must not become an issue because I  
> > am on
> > the same machine and site.
> >
> > I have no issue with using FF and IE to do testing as that takes  
> > care of
> > browser compatibility testing at the same time :-), but I think when  
> > you
> > start a new session with new values, it should be kept under that  
> > window/tab
> > alone. Cookies can take care of more details, but my opinion is data  
> > should
> > never be affected across windows/tabs unless the same user is logged  
> > in on
> > botheven then I would expect PHP to keep data per session. Maybe  
> > it goes
> > beyond being an IE or FF issue..the questiojn is...will PHP allow  
> > variables
> > from session A become corrupted when session B is in progress when  
> > they
> > should actually be handled seperately?
> >
> > In the end I think it is something I do wrong in PHP with the SESSION
> > variables and how I clear themif so...I don't think PHP should  
> > allow
> > clearing SESSION variables from other sessions.
> >
> > -Original Message-
> > From: Arno Kuhl [mailto:ak...@telkomsa.net]
> > Sent: 20 August 2009 10:03 AM
> > To: 'Leon du Plessis'; php-general@lists.php.net
> > Subject: RE: [PHP] SESSIONS lost sometimes
> >
> > -Original Message-
> > From: Leon du Plessis [mailto:l...@dsgnit.com]
> > Sent: 20 August 2009 09:44 AM
> > To: php-general@lists.php.net
> > Subject: RE: [PHP] SESSIONS lost sometimes
> >
> > Since we are on the subject: I have the following similar problem:
> >
> > When testing page on internet explorer, I find that one tab's  
> > variables can
> > affect another tab's variables. Thus when having the same web-site  
> > open and
> > using SESSION variables but for different users, Internet explorer can
> > become "disorientated". This also "sometimes" happen when I have two
> > separate browsing windows open with Internet Explorer for the same  
> > site.
> >
> > I have yet to determine if this is an internet explorer, or PHP or
> > combination of the two that is causing this condition.
> >
> > To my understanding _SESSION variables should be maintained per  
> > session, tab
> > or window. If this has been addressed already, my apologies, but  
> > thought it
> > worthwhile to mention.
> >
> > If someone perhaps have a solution or can confirm this as a known  
> > issue and
> > maybe is the same or related to Angelo's problem?
> >
> > 
> >
> > If different bro

Re: [PHP] session variables - help RESOLVED

[Allen McCabe]

Thanks everyone for your help, I finally got it working.

For those that were curious, my writeResultRow() function was not naming the
input fields properly, so the SESSION variables could not be updated
properly. I had to add an array item for each show, an id, then call the id
to name the inputs with.

On Fri, Aug 14, 2009 at 11:13 AM, Ben Dunlap wrote:

> Great, hope it helps! -Ben
>
> On Fri, Aug 14, 2009 at 10:52 AM, Allen McCabe
> wrote:
> > This is an EXCELLENT idea.
> >
>

Re: [PHP] session variables - help

[Ben Dunlap]

> Thanks all for your patience! I will work on this today and write back with
> any further questions I can't figure out on my own. And if anyone has any
> advice I will be checking my email regularly.

If you've already tried this with no luck, please ignore -- but you
might speed up the whole process by stepping aside from the "real"
code briefly, starting fresh in an empty directory, and just putting
together a handful of extremely simple scripts with the single goal of
entering one value, updating it, and then doing some final
pseudo-processing on the updated value.

Then, you could step it up a bit by by adding a second value that gets
entered at the beginning, and cannot be updated in the middle but must
be preserved through to the end.

Doing all this might help clarify the basic flow of the system and
enable you to simplify its structure before going back and tackling
the real code.

Ben

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables - help

[Martin Scotta]

On Fri, Aug 14, 2009 at 12:25 PM, Allen McCabe wrote:

> Thank you all for your responses.
>
> Mike.
>
> I like the ii option better, mostly because I already have most of that in
> place (ie. order posts to process, and process has editable fields and
> hidden fields with the remaining complimentary values).
> Martin suggested I use the following code for my update script (which is
> posted to via the process page):
>
> [code]
>
> foreach($_POST as $key => $value)
>if( '0' == $value || '' == $value )
>{
>/*if*/ session_is_registered( $key ) &&
>session_unregister( $key );
>}
>
> [/code]
>
> I am not following the logic on the above code very well, but is this
> indeed
> a better option? And is not session_*whatever deprecated? The reason I am
> using $_SESSION is because it seems that php 6 will use solely this method,
> and it currently works with php 5. The other reason I am using it is so
> that
> I can keep the variables stored elsewhere for whenever I need them; I don't
> want to have to juggle all the information with POST and hidden inputs
> unless it will work seamlessly, and be ready for update at a later date (if
> I move to using a database to store show information, or when php 6 is
> mainstream).
>
> Keep in mind that once I get the update feature working, I need the process
> page to have a final submit button that will insert the order into a
> database table AND send a notification email to myself (and an email to the
> user). Am I setting myself up for failure with this udate order option? I
> ask because the update feature relies on a form, and are not forms limited
> to one submit button?
>
> Thanks all for your patience! I will work on this today and write back with
> any further questions I can't figure out on my own. And if anyone has any
> advice I will be checking my email regularly.
>
> Allen
> On Fri, Aug 14, 2009 at 7:52 AM, Ford, Mike  wrote:
>
> > > -Original Message-
> > > From: Allen McCabe [mailto:allenmcc...@gmail.com]
> > > Sent: 14 August 2009 06:58
> > >
> > > Here is some more complete code:
> > >
> > > [code = order_process.php]
> > >
> > >  > > session_start();
> > > // POST ALL $_POST VALUES, CREATE AS VARIABLES IN SESSION
> > > foreach($_POST as $k=>$v) {
> > >  $_SESSION[$k]=$v;
> > > }
> > >
> > > $thisPage="AFY";  //NAVIGATION PURPOSES
> > > include("afyshows.php"); //CONTAINS ARRAYS FOR SHOW ENTITIES;
> > > POPULATES
> > > ORDER FORM
> > > ?>
> > >
> > > . . .
> > >
> > > 
> > >  
> >
> > Er wait, no! Sessions and hidden form fields are generally alternative
> > solutions to the same problem -- you shouldn't be putting the same values
> > both in the session and in hidden form fields.  In this case, I'm
> beginning
> > to suspect that the hidden fields are the better solution, but there is a
> > certain amount of personal preference in this.
> >
> > >  
> > >  
> > >  
> > >  
> > >  
> > >  
> > >  
> > >  
> > >   > > />
> > >  
> > > . . .
> > >
> > >  > >
> > > function findTotalCost($b, $c) {
> > >  $total = $b * $c;
> > >  return $total;
> > > }
> > >
> > > function writeResultRow($a, $b, $c, $d, $e, $f) {
> > >  if($a != '') {
> > >   echo "\n\n\t";
> > >   echo "".$b."".$c."".$d."";
> > >   echo "".$e."  > > value='".$a."'
> > > name='".$a."' id='".$a."' size='2'
> > > />=\$".$f."";
> > >   echo "";
> > >  }
> > > }
> > >
> > > //SETS $Total_show_01 to PRICE * QUANTITY
> > > //FORMATS TOTAL
> > > //IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
> > > $Total_show_01 = findTotalCost($shows['show_01']['price'],
> > > $_SESSION['show_01_qty']);
> > > $Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
> > > writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
> > > $shows['show_01']['date'], $shows['show_01']['time'],
> > > $shows['show_01']['price'],$Total_show_01_fmtd);
> > >
> > > //ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)
> > >
> > > ?>
> > > . . .
> > >
> > > 
> > >
> > > [/code]
> >
> > If I'm reading what you want to do correctly, it seems to me there are
> two
> > obvious approaches to this:
> >
> > (i) Have a single form which posts back to itself, showing all the show
> > information and requested quantities and calculated result fields (such
> as
> > total cost); initially, this will have the calculated fields not
> displaying
> > anything, and these will be (re)populated at each Update.  Using this
> > method, all your values are contained solely within the $_POST array.
> >
> > (ii) Have your initial form post to the process form, which then also
> posts
> > to itself on Update. This process form will have visible fields only for
> > values which can be changed, but *must* then contain hidden fields for
> all
> > the other values which were originally passed in the $_POST array.  This
> > arrangement means that the process form always receives a full complement
> of
> > values in the $_POST array -- either from the original form, or from
>

Re: [PHP] session variables - help

[Allen McCabe]

Thank you all for your responses.

Mike.

I like the ii option better, mostly because I already have most of that in
place (ie. order posts to process, and process has editable fields and
hidden fields with the remaining complimentary values).
Martin suggested I use the following code for my update script (which is
posted to via the process page):

[code]

foreach($_POST as $key => $value)
if( '0' == $value || '' == $value )
{
/*if*/ session_is_registered( $key ) &&
session_unregister( $key );
}

[/code]

I am not following the logic on the above code very well, but is this indeed
a better option? And is not session_*whatever deprecated? The reason I am
using $_SESSION is because it seems that php 6 will use solely this method,
and it currently works with php 5. The other reason I am using it is so that
I can keep the variables stored elsewhere for whenever I need them; I don't
want to have to juggle all the information with POST and hidden inputs
unless it will work seamlessly, and be ready for update at a later date (if
I move to using a database to store show information, or when php 6 is
mainstream).

Keep in mind that once I get the update feature working, I need the process
page to have a final submit button that will insert the order into a
database table AND send a notification email to myself (and an email to the
user). Am I setting myself up for failure with this udate order option? I
ask because the update feature relies on a form, and are not forms limited
to one submit button?

Thanks all for your patience! I will work on this today and write back with
any further questions I can't figure out on my own. And if anyone has any
advice I will be checking my email regularly.

Allen
On Fri, Aug 14, 2009 at 7:52 AM, Ford, Mike  wrote:

> > -Original Message-
> > From: Allen McCabe [mailto:allenmcc...@gmail.com]
> > Sent: 14 August 2009 06:58
> >
> > Here is some more complete code:
> >
> > [code = order_process.php]
> >
> >  > session_start();
> > // POST ALL $_POST VALUES, CREATE AS VARIABLES IN SESSION
> > foreach($_POST as $k=>$v) {
> >  $_SESSION[$k]=$v;
> > }
> >
> > $thisPage="AFY";  //NAVIGATION PURPOSES
> > include("afyshows.php"); //CONTAINS ARRAYS FOR SHOW ENTITIES;
> > POPULATES
> > ORDER FORM
> > ?>
> >
> > . . .
> >
> > 
> >  
>
> Er wait, no! Sessions and hidden form fields are generally alternative
> solutions to the same problem -- you shouldn't be putting the same values
> both in the session and in hidden form fields.  In this case, I'm beginning
> to suspect that the hidden fields are the better solution, but there is a
> certain amount of personal preference in this.
>
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >   > />
> >  
> > . . .
> >
> >  >
> > function findTotalCost($b, $c) {
> >  $total = $b * $c;
> >  return $total;
> > }
> >
> > function writeResultRow($a, $b, $c, $d, $e, $f) {
> >  if($a != '') {
> >   echo "\n\n\t";
> >   echo "".$b."".$c."".$d."";
> >   echo "".$e."  > value='".$a."'
> > name='".$a."' id='".$a."' size='2'
> > />=\$".$f."";
> >   echo "";
> >  }
> > }
> >
> > //SETS $Total_show_01 to PRICE * QUANTITY
> > //FORMATS TOTAL
> > //IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
> > $Total_show_01 = findTotalCost($shows['show_01']['price'],
> > $_SESSION['show_01_qty']);
> > $Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
> > writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
> > $shows['show_01']['date'], $shows['show_01']['time'],
> > $shows['show_01']['price'],$Total_show_01_fmtd);
> >
> > //ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)
> >
> > ?>
> > . . .
> >
> > 
> >
> > [/code]
>
> If I'm reading what you want to do correctly, it seems to me there are two
> obvious approaches to this:
>
> (i) Have a single form which posts back to itself, showing all the show
> information and requested quantities and calculated result fields (such as
> total cost); initially, this will have the calculated fields not displaying
> anything, and these will be (re)populated at each Update.  Using this
> method, all your values are contained solely within the $_POST array.
>
> (ii) Have your initial form post to the process form, which then also posts
> to itself on Update. This process form will have visible fields only for
> values which can be changed, but *must* then contain hidden fields for all
> the other values which were originally passed in the $_POST array.  This
> arrangement means that the process form always receives a full complement of
> values in the $_POST array -- either from the original form, or from hidden
> fields posted back to itself.
>
> This is all just coming off the top of my head, and I'm sure there are
> improvements/other solutions to be offered.  Hope this will give you some
> things to think about, and maybe a pointer or two towards a satisfactory
> solution.
>
>
> Cheers!
>
> Mike
>  --
> Mike Ford,
> Electronic Information D

RE: [PHP] session variables - help

[Ford, Mike]

> -Original Message-
> From: Allen McCabe [mailto:allenmcc...@gmail.com]
> Sent: 14 August 2009 06:58
> 
> Here is some more complete code:
> 
> [code = order_process.php]
> 
>  session_start();
> // POST ALL $_POST VALUES, CREATE AS VARIABLES IN SESSION
> foreach($_POST as $k=>$v) {
>  $_SESSION[$k]=$v;
> }
> 
> $thisPage="AFY";  //NAVIGATION PURPOSES
> include("afyshows.php"); //CONTAINS ARRAYS FOR SHOW ENTITIES;
> POPULATES
> ORDER FORM
> ?>
> 
> . . .
> 
> 
>  

Er wait, no! Sessions and hidden form fields are generally alternative 
solutions to the same problem -- you shouldn't be putting the same values both 
in the session and in hidden form fields.  In this case, I'm beginning to 
suspect that the hidden fields are the better solution, but there is a certain 
amount of personal preference in this.

>  
>  
>  
>  
>  
>  
>  
>  
>   />
>  
> . . .
> 
>  
> function findTotalCost($b, $c) {
>  $total = $b * $c;
>  return $total;
> }
> 
> function writeResultRow($a, $b, $c, $d, $e, $f) {
>  if($a != '') {
>   echo "\n\n\t";
>   echo "".$b."".$c."".$d."";
>   echo "".$e."  value='".$a."'
> name='".$a."' id='".$a."' size='2'
> />=\$".$f."";
>   echo "";
>  }
> }
> 
> //SETS $Total_show_01 to PRICE * QUANTITY
> //FORMATS TOTAL
> //IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
> $Total_show_01 = findTotalCost($shows['show_01']['price'],
> $_SESSION['show_01_qty']);
> $Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
> writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
> $shows['show_01']['date'], $shows['show_01']['time'],
> $shows['show_01']['price'],$Total_show_01_fmtd);
> 
> //ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)
> 
> ?>
> . . .
> 
> 
> 
> [/code]

If I'm reading what you want to do correctly, it seems to me there are two 
obvious approaches to this:

(i) Have a single form which posts back to itself, showing all the show 
information and requested quantities and calculated result fields (such as 
total cost); initially, this will have the calculated fields not displaying 
anything, and these will be (re)populated at each Update.  Using this method, 
all your values are contained solely within the $_POST array.

(ii) Have your initial form post to the process form, which then also posts to 
itself on Update. This process form will have visible fields only for values 
which can be changed, but *must* then contain hidden fields for all the other 
values which were originally passed in the $_POST array.  This arrangement 
means that the process form always receives a full complement of values in the 
$_POST array -- either from the original form, or from hidden fields posted 
back to itself.

This is all just coming off the top of my head, and I'm sure there are 
improvements/other solutions to be offered.  Hope this will give you some 
things to think about, and maybe a pointer or two towards a satisfactory 
solution.


Cheers!

Mike
 -- 
Mike Ford,
Electronic Information Developer, Libraries and Learning Innovation,  
Leeds Metropolitan University, C507, Civic Quarter Campus, 
Woodhouse Lane, LEEDS,  LS1 3HE,  United Kingdom 
Email: m.f...@leedsmet.ac.uk 
Tel: +44 113 812 4730





To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] session variables - help

[Ford, Mike]

> -Original Message-
> From: Ford, Mike [mailto:m.f...@leedsmet.ac.uk]
> Sent: 14 August 2009 11:45


> > Now, here is the update_order.php code in entirety:
> >
> > [code]
> >
> >  > session_start();
> > foreach ($_SESSION as $var => $val) {
> >  if ($val == "0") {
> >   unset($_SESSION[$var]);
> >  } elseif ($val == '') {
> >   unset($_SESSION[$var]);
> >  } else {
> >   $val = $_SESSION[$var];
> 
> That line is back-to-front -- you're assigning the current value in
> the session to $val, which is then immediately thrown away as the
> foreach loop starts a new iteration. What you mean is
> $_SESSION[$var] = $val.

No, wait a minute, hold your foot up!  I was so focussed on the strange 
assignment that I didn't read the whole thing properly.  What you're *actually* 
doing here is -- er, well, totally not what you want to, I suspect! Having 
re-read the message I responded to, I'm going to go back to it and post another 
response


Cheers!

Mike
 -- 
Mike Ford,
Electronic Information Developer, Libraries and Learning Innovation,  
Leeds Metropolitan University, C507, Civic Quarter Campus, 
Woodhouse Lane, LEEDS,  LS1 3HE,  United Kingdom 
Email: m.f...@leedsmet.ac.uk 
Tel: +44 113 812 4730





To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] session variables - help

[Ford, Mike]

> -Original Message-
> From: Allen McCabe [mailto:allenmcc...@gmail.com]
> Sent: 14 August 2009 06:58

 
> My ai with using unset($var) in update_order.php is to set the
> SESSION
> variable for an item to ' ' (empty) so that it would not show up on
> the
> order summary (because my writeResultRow() function will only write
> a row if
> that variable is greater than 0).
> 
> I just can't figure out what I'm missing here. Before I received
> your
> response, I made a few changes to my code, which helped streamline
> the
> calculating parts (grabbing values from SESSION instead of POST, and
> now
> when I update order_summary, the values will remain because it pulls
> them
> from the SESSION).
> 
> I want to edit the values in the SESSION, so that when
> update_order.php
> redirects to order_process.php, the values are changed, and if
> applicable,
> an item is removed from the html table (if the quantity is less than
> 1).
> 
> Here is some more complete code:
> 
> [code = order_process.php]
> 
>  session_start();
> // POST ALL $_POST VALUES, CREATE AS VARIABLES IN SESSION
> foreach($_POST as $k=>$v) {
>  $_SESSION[$k]=$v;
> }

This has just destroyed anything that was previously in the session, so if 
you're recycling from the update_order.php script, you've just thrown away 
whatever that script did!  You need to make this conditional on having arrived 
here from the initial form -- various ways you could do that, but I leave you 
to figure that one out.

(Also, personally, if I were doing this at all, I would just copy the array as 
a single entity:

$_SESSION['_POST'] = $_POST;

and then reference individual elements through that as, e.g., 
$_SESSION['_POST']['School']. That's probably a matter of personal style as 
much as anything, but gives you another way to think about.)


[ . . . . ]


> 
>  
> function findTotalCost($b, $c) {
>  $total = $b * $c;
>  return $total;
> }
> 
> function writeResultRow($a, $b, $c, $d, $e, $f) {
>  if($a != '') {
>   echo "\n\n\t";
>   echo "".$b."".$c."".$d."";
>   echo "".$e."  value='".$a."'
> name='".$a."' id='".$a."' size='2'
> />=\$".$f."";
>   echo "";
>  }
> }
> 
> //SETS $Total_show_01 to PRICE * QUANTITY
> //FORMATS TOTAL
> //IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
> $Total_show_01 = findTotalCost($shows['show_01']['price'],
> $_SESSION['show_01_qty']);
> $Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
> writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
> $shows['show_01']['date'], $shows['show_01']['time'],
> $shows['show_01']['price'],$Total_show_01_fmtd);
> 
> //ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)

AARRRGHHH!!

This cries out for an array-based solution -- repeating near-identical code 
that many times is totally ludicrous, and should be a major clue that you need 
to refactor.  You'll have to forgo using indexes like ['show_01'] and use 
straight integers, but the massive reduction in repetitive code (and hence far 
fewer opportunities for mistakes!) will be well worth it.

Something like:

   for ($i=1; $i<=38; ++$i):
  $Total[$i] = findTotalCost($shows[$i]['price'], $_SESSION['qty'][$i]);
  $Total_fmtd[$i] = number_format($Total[$i], 2, '.', '');
  writeResultRow($_SESSION['qty'][$i], $shows[$i]['title'], 
$shows[$i]['date'], $shows[$i]['time'], $shows[$i]['price'],$Total_fmtd[$i]);
   endfor;

[ . . . . ]
 
> Now, here is the update_order.php code in entirety:
> 
> [code]
> 
>  session_start();
> foreach ($_SESSION as $var => $val) {
>  if ($val == "0") {
>   unset($_SESSION[$var]);
>  } elseif ($val == '') {
>   unset($_SESSION[$var]);
>  } else {
>   $val = $_SESSION[$var];

That line is back-to-front -- you're assigning the current value in the session 
to $val, which is then immediately thrown away as the foreach loop starts a new 
iteration. What you mean is $_SESSION[$var] = $val.


Cheers!

Mike
 -- 
Mike Ford,
Electronic Information Developer, Libraries and Learning Innovation,  
Leeds Metropolitan University, C507, Civic Quarter Campus, 
Woodhouse Lane, LEEDS,  LS1 3HE,  United Kingdom 
Email: m.f...@leedsmet.ac.uk 
Tel: +44 113 812 4730






To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables - help

[Ashley Sheridan]

On Fri, 2009-08-14 at 10:05 +0200, Ralph Deffke wrote:
> well thanks good they are far away then, but the problem is ur client, i
> didnt find anybody giving me the permission to beat his customers
> 
> "Ashley Sheridan"  wrote in message
> news:1250236989.2344.10.ca...@localhost...
> > On Fri, 2009-08-14 at 09:55 +0200, Ralph Deffke wrote:
> > > user often leave
> > > forms open for hours and then submit them
> >
> > These users should be taken out and beaten over the head with their
> > keyboards!
> >
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
> >
> 
> 
> 

Beat them hard enough and they tend to forget who did it...

My life would be so much easier without end users!

Thanks,
Ash
http://www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables - help

[Ralph Deffke]

well thanks good they are far away then, but the problem is ur client, i
didnt find anybody giving me the permission to beat his customers

"Ashley Sheridan"  wrote in message
news:1250236989.2344.10.ca...@localhost...
> On Fri, 2009-08-14 at 09:55 +0200, Ralph Deffke wrote:
> > user often leave
> > forms open for hours and then submit them
>
> These users should be taken out and beaten over the head with their
> keyboards!
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables - help

[Ashley Sheridan]

On Fri, 2009-08-14 at 09:55 +0200, Ralph Deffke wrote:
> user often leave
> forms open for hours and then submit them

These users should be taken out and beaten over the head with their
keyboards!

Thanks,
Ash
http://www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables - help

[Ralph Deffke]

I'm realy sorry for u, but the reason for no answers is ur concept.

may be some rules will help u and I recommend u to think to spend the time
to rewrite the whole code. Im shure u will solve the problem then:
first  dont use the global arrays directly. pick the values u need and put
them in reasonable types of variables.
build the business logic on these variables and if u feel like put the
results in well readable new ones
then populate the presentation in the required htmls
this will give u an more structured code, easier to debug and more fun for
the group to help u

I still dont understand why u use the $_SESSION variable. user often leave
forms open for hours and then submit them. u can not expect a user to end a
job in the livecycle of the session. thats what hidden form fields are made
for.

the $_session is for member like things and applications with security
issues where u can expect the user to finish things in a certain time or u
restart the whole.

"Allen McCabe"  wrote in message
news:657acef20908132257x630719e1g4ecddcdff9492...@mail.gmail.com...
> Ben,
>
> First of all, I thank you for your time and help.
>
> My ai with using unset($var) in update_order.php is to set the SESSION
> variable for an item to ' ' (empty) so that it would not show up on the
> order summary (because my writeResultRow() function will only write a row
if
> that variable is greater than 0).
>
> I just can't figure out what I'm missing here. Before I received your
> response, I made a few changes to my code, which helped streamline the
> calculating parts (grabbing values from SESSION instead of POST, and now
> when I update order_summary, the values will remain because it pulls them
> from the SESSION).
>
> I want to edit the values in the SESSION, so that when update_order.php
> redirects to order_process.php, the values are changed, and if applicable,
> an item is removed from the html table (if the quantity is less than 1).
>
> Here is some more complete code:
>
> [code = order_process.php]
>
>  session_start();
> // POST ALL $_POST VALUES, CREATE AS VARIABLES IN SESSION
> foreach($_POST as $k=>$v) {
>  $_SESSION[$k]=$v;
> }
>
> $thisPage="AFY";  //NAVIGATION PURPOSES
> include("afyshows.php"); //CONTAINS ARRAYS FOR SHOW ENTITIES; POPULATES
> ORDER FORM
> ?>
>
> . . .
>
> 
>  
>  
>  
>  
>  
>  
>  
>  
>  
>   />
>  
> . . .
>
> 
> function findTotalCost($b, $c) {
>  $total = $b * $c;
>  return $total;
> }
>
> function writeResultRow($a, $b, $c, $d, $e, $f) {
>  if($a != '') {
>   echo "\n\n\t";
>   echo "".$b."".$c."".$d."";
>   echo "".$e."  name='".$a."' id='".$a."' size='2' />=\$".$f."";
>   echo "";
>  }
> }
>
> //SETS $Total_show_01 to PRICE * QUANTITY
> //FORMATS TOTAL
> //IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
> $Total_show_01 = findTotalCost($shows['show_01']['price'],
> $_SESSION['show_01_qty']);
> $Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
> writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
> $shows['show_01']['date'], $shows['show_01']['time'],
> $shows['show_01']['price'],$Total_show_01_fmtd);
>
> //ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)
>
> ?>
> . . .
>
> 
>
> [/code]
>
> Now, here is the update_order.php code in entirety:
>
> [code]
>
>  session_start();
> foreach ($_SESSION as $var => $val) {
>  if ($val == "0") {
>   unset($_SESSION[$var]);
>  } elseif ($val == '') {
>   unset($_SESSION[$var]);
>  } else {
>   $val = $_SESSION[$var];
>
>  }
> }
> header("Location: order_process.php");
>
> //NOTICE I FIXED THE LOCATION OF THE header() FUNCTION
> //BUT IT STILL DOES NOT UPDATE
>
> ?>
>
> [/code]
>
> If you're still with me, I thank you. I removed all the styling elements
> from the html to make it easier for you (and me) to see what it says. I
have
> invested many hours into this, and have generated many many lines of code,
> but I hope what I gave you is sufficient, while not being overwhelming at
> this hour.
>
> Thank you very much for your help thus far, anything else would be greatly
> appreciated.
>
>
> On Thu, Aug 13, 2009 at 5:56 PM, Ben Dunlap
wrote:
>
> >
> >
> >> I have the following code for order_update.php:
> >>
> >> [code]
> >>
> >> session_start();
> >> extract($_POST);
> >> foreach ($_POST as $var => $val) {
> >>  if ($val > 0) {
> >>  $_SESSION[$var] = $val;
> >>  } else {
> >>  unset($var);
> >>
> >>  }
> >>  header("Location: order_process.php");
> >> }
> >>
> >> [/code]
> >>
> >> This is not working, however, and it just loads order_process.php with
no
> >> values for the varaibles, as if I just refreshed the page with no
> >> sessions.
> >
> >
> > Maybe you left it out but I didn't see any place where you used
$_SESSION
> > in order_process.php. Also, your redirect in order_update.php appears to
be
> > inside your foreach loop, which would definitely mess things right up -- 
but
> > maybe that was just a typo in your email?
> >
> > Otherwise the logic in order_update.php looks OK, but th

Re: [PHP] session variables - help

[Allen McCabe]

Ben,

First of all, I thank you for your time and help.

My ai with using unset($var) in update_order.php is to set the SESSION
variable for an item to ' ' (empty) so that it would not show up on the
order summary (because my writeResultRow() function will only write a row if
that variable is greater than 0).

I just can't figure out what I'm missing here. Before I received your
response, I made a few changes to my code, which helped streamline the
calculating parts (grabbing values from SESSION instead of POST, and now
when I update order_summary, the values will remain because it pulls them
from the SESSION).

I want to edit the values in the SESSION, so that when update_order.php
redirects to order_process.php, the values are changed, and if applicable,
an item is removed from the html table (if the quantity is less than 1).

Here is some more complete code:

[code = order_process.php]

$v) {
 $_SESSION[$k]=$v;
}

$thisPage="AFY";  //NAVIGATION PURPOSES
include("afyshows.php"); //CONTAINS ARRAYS FOR SHOW ENTITIES; POPULATES
ORDER FORM
?>

. . .


 
 
 
 
 
 
 
 
 
 
 
. . .

\n\t";
  echo "".$b."".$c."".$d."";
  echo "".$e." =\$".$f."";
  echo "";
 }
}

//SETS $Total_show_01 to PRICE * QUANTITY
//FORMATS TOTAL
//IF A QUANTITY IS ENTERED, WRITES THE ROW WITH CURRENT VARIABLES
$Total_show_01 = findTotalCost($shows['show_01']['price'],
$_SESSION['show_01_qty']);
$Total_show_01_fmtd = number_format($Total_show_01, 2, '.', '');
writeResultRow($_SESSION['show_01_qty'], $shows['show_01']['title'],
$shows['show_01']['date'], $shows['show_01']['time'],
$shows['show_01']['price'],$Total_show_01_fmtd);

//ABOVE LINES REPEATED FOR ALL 38 ENTITIES (show_01 to show_38)

?>
. . .



[/code]

Now, here is the update_order.php code in entirety:

[code]

 $val) {
 if ($val == "0") {
  unset($_SESSION[$var]);
 } elseif ($val == '') {
  unset($_SESSION[$var]);
 } else {
  $val = $_SESSION[$var];

 }
}
header("Location: order_process.php");

//NOTICE I FIXED THE LOCATION OF THE header() FUNCTION
//BUT IT STILL DOES NOT UPDATE

?>

[/code]

If you're still with me, I thank you. I removed all the styling elements
from the html to make it easier for you (and me) to see what it says. I have
invested many hours into this, and have generated many many lines of code,
but I hope what I gave you is sufficient, while not being overwhelming at
this hour.

Thank you very much for your help thus far, anything else would be greatly
appreciated.


On Thu, Aug 13, 2009 at 5:56 PM, Ben Dunlap wrote:

>
>
>> I have the following code for order_update.php:
>>
>> [code]
>>
>> session_start();
>> extract($_POST);
>> foreach ($_POST as $var => $val) {
>>  if ($val > 0) {
>>  $_SESSION[$var] = $val;
>>  } else {
>>  unset($var);
>>
>>  }
>>  header("Location: order_process.php");
>> }
>>
>> [/code]
>>
>> This is not working, however, and it just loads order_process.php with no
>> values for the varaibles, as if I just refreshed the page with no
>> sessions.
>
>
> Maybe you left it out but I didn't see any place where you used $_SESSION
> in order_process.php. Also, your redirect in order_update.php appears to be
> inside your foreach loop, which would definitely mess things right up -- but
> maybe that was just a typo in your email?
>
> Otherwise the logic in order_update.php looks OK, but there are a few side
> notes that jumped out:
>
> 1. I'm not seeing why you used "extract($_POST)" in order_update.php. Right
> after the extract() call, you iterate through $_POST with a foreach loop, so
> what's the purpose of calling extract()? Is there more code that you left
> out?
>
> 2. Calling "extract($_POST)" is dangerous. The PHP manual warns against it,
> although without giving much of an explanation:
>
> http://us2.php.net/manual/en/function.extract.php
>
> Apart from making it difficult to filter the input you're expecting to see,
> "extract($_POST)" also allows a malicious end-user to define any variable of
> his choosing and to overwrite any variables that you may have defined in the
> script before the extract() call.
>
> I like to use filter_input() to read the values of POST variables.
>
> By much the same token, you'll want to escape $a, etc., in your
> writeResultRow() function, with something like htmlentities().
>
> 3. Why the "unset($var)" in order_update.php? $var already gets reset each
> time foreach iterates. So, calling unset() on it at the end of the loop
> doesn't really do much. I'm wondering what you were aiming at there.
>
> Thanks,
>
> Ben
>
>

Re: [PHP] session variables - help

[Ben Dunlap]

>
> I have the following code for order_update.php:
>
> [code]
>
> session_start();
> extract($_POST);
> foreach ($_POST as $var => $val) {
>  if ($val > 0) {
>  $_SESSION[$var] = $val;
>  } else {
>  unset($var);
>
>  }
>  header("Location: order_process.php");
> }
>
> [/code]
>
> This is not working, however, and it just loads order_process.php with no
> values for the varaibles, as if I just refreshed the page with no sessions.


Maybe you left it out but I didn't see any place where you used $_SESSION in
order_process.php. Also, your redirect in order_update.php appears to be
inside your foreach loop, which would definitely mess things right up -- but
maybe that was just a typo in your email?

Otherwise the logic in order_update.php looks OK, but there are a few side
notes that jumped out:

1. I'm not seeing why you used "extract($_POST)" in order_update.php. Right
after the extract() call, you iterate through $_POST with a foreach loop, so
what's the purpose of calling extract()? Is there more code that you left
out?

2. Calling "extract($_POST)" is dangerous. The PHP manual warns against it,
although without giving much of an explanation:

http://us2.php.net/manual/en/function.extract.php

Apart from making it difficult to filter the input you're expecting to see,
"extract($_POST)" also allows a malicious end-user to define any variable of
his choosing and to overwrite any variables that you may have defined in the
script before the extract() call.

I like to use filter_input() to read the values of POST variables.

By much the same token, you'll want to escape $a, etc., in your
writeResultRow() function, with something like htmlentities().

3. Why the "unset($var)" in order_update.php? $var already gets reset each
time foreach iterates. So, calling unset() on it at the end of the loop
doesn't really do much. I'm wondering what you were aiming at there.

Thanks,

Ben

Re: [PHP] Session variables

[German Geek]

Yeah i guess the cookie doesn't need to be stored on the server since it's
in the header anyway.

Thanks for clearing that up.

Tim-Hinnerk Heuer

http://www.ihostnz.com
Charles M. Schulz  - "I love mankind; it's people I can't stand."

2009/2/7 Stuart 

> 2009/2/7 Paul M Foster :
> > I'm not too clear on HTTP headers, cookies, and such. So here are
> > questions related to that. Let's say I generate a random number that I
> > want the user to enter in a form. When I generate the number, I store it
> > in a session variable ($_SESSION). When the user submits the form, I
> > check the number they enter with what I've stored in the session
> > variable.
> >
> > Since this session variable survives across page loads (assuming
> > session_start() is appropriately called), how is it stored and recalled?
> >
> > Is it automatically stored as a cookie on the user's system?
> >
> > Or is it stored on the server?
> >
> > And how does a server "get" a cookie?
> >
> > Is it a separate request made by the server to the client?
> >
> > If the value I've asked the user for is *not* stored as a cookie, then
> > is it passed as part of the HTTP submission or what?
> >
> > Thanks for any enlightenment on this.
>
> Session data is stored on the server and tied to a browser using a
> cookie. The cookie contains a random string which uniquely identifies
> a session on the server. The session_start() function handles all the
> details of setting and maintaining that cookie and managing the
> server-side data.
>
> Cookies are transferred between client and server with every request
> in the headers. If you don't have Firefox getfirefox.com. The google
> for the livehttpheaders addon and install that. Turn it on and browse
> your site. You will see the cookies in the headers of both requests
> and responses. Cookies are not stored on the server side, they are
> sent by the client with each request.
>
> No additional HTTP requests are involved when using sessions.
>
> -Stuart
>
> --
> http://stut.net/
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] Session variables

[Stuart]

2009/2/7 Paul M Foster :
> I'm not too clear on HTTP headers, cookies, and such. So here are
> questions related to that. Let's say I generate a random number that I
> want the user to enter in a form. When I generate the number, I store it
> in a session variable ($_SESSION). When the user submits the form, I
> check the number they enter with what I've stored in the session
> variable.
>
> Since this session variable survives across page loads (assuming
> session_start() is appropriately called), how is it stored and recalled?
>
> Is it automatically stored as a cookie on the user's system?
>
> Or is it stored on the server?
>
> And how does a server "get" a cookie?
>
> Is it a separate request made by the server to the client?
>
> If the value I've asked the user for is *not* stored as a cookie, then
> is it passed as part of the HTTP submission or what?
>
> Thanks for any enlightenment on this.

Session data is stored on the server and tied to a browser using a
cookie. The cookie contains a random string which uniquely identifies
a session on the server. The session_start() function handles all the
details of setting and maintaining that cookie and managing the
server-side data.

Cookies are transferred between client and server with every request
in the headers. If you don't have Firefox getfirefox.com. The google
for the livehttpheaders addon and install that. Turn it on and browse
your site. You will see the cookies in the headers of both requests
and responses. Cookies are not stored on the server side, they are
sent by the client with each request.

No additional HTTP requests are involved when using sessions.

-Stuart

-- 
http://stut.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables

[German Geek]

The session data is stored on the server. In the user's browser, only a
session cookie is stored, usually a random session id string. I could never
retrieve the session variables with any browser tools, always only with PHP
by echoing them out or something. Also, a cookie is simply a text file with
a maximum of 4096 characters on the user's browser, not enough to store big
session variables with big objects. So, the user's browser just stores a
cookie with the session id, so that the server knows which user to map to
which session variables. The session variables (in PHP) are stored in the
temporary directory on the server in a text file (flattened or serialized),
where the server can retrieve them across requests. This is important for
security reasons. You might not want the user to be able to view certain
variables in their browser otherwise they could change them and cause some
damage, e.g. imagine a user has a permission level between 1 and 10 and 1 is
the super user. You can store this level in a session variable, and the user
cannot change it. If they could, it would be a disaster! Also, if one could
store more than 4096 characters, it would be relatively easy to write out
some session variables in order to flood the browser memory and make it
crash or even worse.

Oh, and the Cookies, as far as i know, are always sent in the http headers.
They are stored on both client and server and can be set on both sides, with
javascript or server side code (php). So they can only be checked in every
request by the server side code, and while javascript is being executed on
the client.

Please correct me if I'm wrong because I would need to review a lot of code
in which it is assumed that session variables are NOT stored on the user's
machine.


Makes sense?

Regards,
Tim

Tim-Hinnerk Heuer

http://www.ihostnz.com


On Sat, Feb 7, 2009 at 8:11 PM, Phpster  wrote:

> A Session is stored on the user browser in a session ( in memory cookie)
> and on the server as a file. The session mgmt tools will read the file as
> needed.
>
> Bastien
>
> Sent from my iPod
>
>
> On Feb 7, 2009, at 1:58, Paul M Foster  wrote:
>
>  I'm not too clear on HTTP headers, cookies, and such. So here are
>> questions related to that. Let's say I generate a random number that I
>> want the user to enter in a form. When I generate the number, I store it
>> in a session variable ($_SESSION). When the user submits the form, I
>> check the number they enter with what I've stored in the session
>> variable.
>>
>> Since this session variable survives across page loads (assuming
>> session_start() is appropriately called), how is it stored and recalled?
>>
>> Is it automatically stored as a cookie on the user's system?
>>
>> Or is it stored on the server?
>>
>> And how does a server "get" a cookie?
>>
>> Is it a separate request made by the server to the client?
>>
>> If the value I've asked the user for is *not* stored as a cookie, then
>> is it passed as part of the HTTP submission or what?
>>
>> Thanks for any enlightenment on this.
>>
>> Paul
>> --
>> Paul M. Foster
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] Session variables

[Phpster]

A Session is stored on the user browser in a session ( in memory  
cookie) and on the server as a file. The session mgmt tools will read  
the file as needed.


Bastien

Sent from my iPod

On Feb 7, 2009, at 1:58, Paul M Foster  wrote:


I'm not too clear on HTTP headers, cookies, and such. So here are
questions related to that. Let's say I generate a random number that I
want the user to enter in a form. When I generate the number, I  
store it

in a session variable ($_SESSION). When the user submits the form, I
check the number they enter with what I've stored in the session
variable.

Since this session variable survives across page loads (assuming
session_start() is appropriately called), how is it stored and  
recalled?


Is it automatically stored as a cookie on the user's system?

Or is it stored on the server?

And how does a server "get" a cookie?

Is it a separate request made by the server to the client?

If the value I've asked the user for is *not* stored as a cookie, then
is it passed as part of the HTTP submission or what?

Thanks for any enlightenment on this.

Paul
--
Paul M. Foster

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION variables

[Ron Piggott]

Oops

Logins are from

http://www.rons-home.net/page/login-greeting/

Blog postings are from

http://www.rons-home.net/blog/28/

with the word 'page' gone the session variable doesn't acknowledge the
login.

Ron


On Sat, 2008-10-11 at 21:12 -0400, Ron Piggott wrote:
> I did some more testing.  The URL is the problem.  
> 
> Logins are from
> 
> 
> On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> > On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > > I am programming a blog.
> > >
> > > index.php sets up the layout for the web page.  This includes the
> > > heading, left hand and bottom menus.
> > >
> > > The content  is loaded by the command:
> > >
> > > include($filename);
> > >
> > > the $_SESSION variables aren't available to files like blog.php .  The
> > > session variables only work in the initial file, index.php.
> > 
> > Did you remember to add session_start() to the head of the master
> > file that's including the other files?
> > 
-- 

Acts Ministries Christian Evangelism
Where People Matter
12 Burton Street
Belleville, Ontario, Canada 
K8P 1E6

[EMAIL PROTECTED]
www.actsministrieschristianevangelism.org

In Belleville Phone: (613) 967-0032
In North America Call Toll Free: (866) ACTS-MIN
Fax: (613) 967-9963


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION variables

[Ron Piggott]

I did some more testing.  The URL is the problem.  

Logins are from


On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > I am programming a blog.
> >
> > index.php sets up the layout for the web page.  This includes the
> > heading, left hand and bottom menus.
> >
> > The content  is loaded by the command:
> >
> > include($filename);
> >
> > the $_SESSION variables aren't available to files like blog.php .  The
> > session variables only work in the initial file, index.php.
> 
> Did you remember to add session_start() to the head of the master
> file that's including the other files?
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION variables

[Ron Piggott]

This is one of the first commands given.  

I am using modrewrites to call the blog entries.  

blog.php is responsible for displaying both the table of contents and
the blog entries.  When the table of contents is called
(http://www.rons-home.net/page/blog/ ) the session variables are
present.  When an actual blog entry is displayed
( http://www.rons-home.net/blog/28/ ) the session variables aren't
there.

I am not sure what is happening / why.  

The login is at http://www.rons-home.net/page/login/  It has 'page' in
the URL.  But I am not sure why this should upset the session
variables ...

Any thoughts?

Ron

On Sat, 2008-10-11 at 19:59 -0400, Daniel Brown wrote:
> On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> > I am programming a blog.
> >
> > index.php sets up the layout for the web page.  This includes the
> > heading, left hand and bottom menus.
> >
> > The content  is loaded by the command:
> >
> > include($filename);
> >
> > the $_SESSION variables aren't available to files like blog.php .  The
> > session variables only work in the initial file, index.php.
> 
> Did you remember to add session_start() to the head of the master
> file that's including the other files?
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION variables

[Daniel Brown]

On Sat, Oct 11, 2008 at 7:49 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> I am programming a blog.
>
> index.php sets up the layout for the web page.  This includes the
> heading, left hand and bottom menus.
>
> The content  is loaded by the command:
>
> include($filename);
>
> the $_SESSION variables aren't available to files like blog.php .  The
> session variables only work in the initial file, index.php.

Did you remember to add session_start() to the head of the master
file that's including the other files?

-- 

More full-root dedicated server packages:
Intel 2.4GHz/60GB/512MB/2TB $49.99/mo.
Intel 3.06GHz/80GB/1GB/2TB $59.99/mo.
Intel 2.4GHz/320/GB/1GB/3TB $74.99/mo.
Dedicated servers, VPS, and hosting from $2.50/mo.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session variables and words with spaces

[Beauford]

Yep, I see that now. I really need to take a break - been at this way to
long. 

Thanks to all. 

-Original Message-
From: Brad Bonkoski [mailto:[EMAIL PROTECTED] 
Sent: May 31, 2006 3:02 PM
To: Beauford
Cc: php-general@lists.php.net
Subject: Re: [PHP] Session variables and words with spaces



Beauford wrote:

> 
>Thanks - Done that though. It shows the way it should be.
>
>Example: Niagara Falls
>
>
>  
>
which of course is wrong and explains perfectly why you are getting the
results you are getting...
it *should* display:
Niagra Falls (View source is a
powerful tool!) -Brad

>-Original Message-
>From: Brad Bonkoski [mailto:[EMAIL PROTECTED]
>Sent: May 31, 2006 2:28 PM
>To: Beauford
>Cc: php-general@lists.php.net
>Subject: Re: [PHP] Session variables and words with spaces
>
>Perhaps you should load up your initial form and then use the "view source"
>option in your browser as this will probably give you insight into your 
>problems...
>-Brad
>
>Beauford wrote:
>
>  
>
>>Hi,
>>
>>I have a form in which a drop down field is populated from a MySQL
>>
>>
>database.
>  
>
>>I am also using sessions.
>>
>>The problem is this. After I submit the form the session variable only 
>>shows the part of the input before the space.
>>
>>Example: if I choose Niagra Falls from the drop down list, then I only 
>>see Niagra when I display it.
>>
>>I'm not sure though if it is the session or the forms variable that is 
>>causing the problem. I haven't been able to find much on this.
>>
>>See code below
>>
>>Thanks
>>
>>
>>
>>session_start(  );
>>
>>..Open database and connect to server...
>>
>>Include("connect.inc");
>>
>>!! Start of form !!
>>
>>
>>-- Select Province --
>>   
>>>
>>$query = "select pid, location from province order by location"; 
>>$results =
>>mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) { 
>>  $dberror = "Messed Up";
>>  include("index.php");
>>  exit;
>>  }   
>>  
>>while ($line = mysql_fetch_array($results)) {
>>  if($line['pid'] == 1) {
>>  echo ">Value="$line['location'].">"$line['location']."\n";
>>  }
>>}
>>
>>
>>
>>!! Rest of Form !!
>>
>> 
>>
>>
>>
>
>--
>
>  
>

--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session variables and words with spaces

[Beauford]

Not sure why I would get a parse error, but that did correct the problem. I
just completely missed the single quote. I never even clue'd in when I
looked at the source of the page.

Sometimes another pair of eyes does the trick. Maybe it's time for a break.

Thanks


>> I'm surprised you're not getting a parse error...

echo "" . $line['location'] . 
"\n";
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables and words with spaces

[cajbecu]

Niagara Falls

replace with

Niagara Falls (note the quotes)

because you will post only "Niagara" instead "Niagara Falls"

cheers,

On 5/31/06, Beauford <[EMAIL PROTECTED]> wrote:


Thanks - Done that though. It shows the way it should be.

Example: Niagara Falls


-Original Message-
From: Brad Bonkoski [mailto:[EMAIL PROTECTED]
Sent: May 31, 2006 2:28 PM
To: Beauford
Cc: php-general@lists.php.net
Subject: Re: [PHP] Session variables and words with spaces

Perhaps you should load up your initial form and then use the "view source"
option in your browser as this will probably give you insight into your
problems...
-Brad

Beauford wrote:

>Hi,
>
>I have a form in which a drop down field is populated from a MySQL
database.
>I am also using sessions.
>
>The problem is this. After I submit the form the session variable only
>shows the part of the input before the space.
>
>Example: if I choose Niagra Falls from the drop down list, then I only
>see Niagra when I display it.
>
>I'm not sure though if it is the session or the forms variable that is
>causing the problem. I haven't been able to find much on this.
>
>See code below
>
>Thanks
>
>
>
>session_start(  );
>
>..Open database and connect to server...
>
>Include("connect.inc");
>
>!! Start of form !!
>
>
>-- Select Province --
>
>
>$query = "select pid, location from province order by location";
>$results =
>mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) {
>   $dberror = "Messed Up";
>   include("index.php");
>   exit;
>   }
>
>while ($line = mysql_fetch_array($results)) {
>   if($line['pid'] == 1) {
>   echo "Value="$line['location'].">"$line['location']."\n";
>   }
>}
>
>
>
>!! Rest of Form !!
>
>
>

--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables and words with spaces

[Brad Bonkoski]

Beauford wrote:



Thanks - Done that though. It shows the way it should be.

Example: Niagara Falls


 

which of course is wrong and explains perfectly why you are getting 
the results you are getting...

it *should* display:
Niagra Falls
(View source is a powerful tool!)
-Brad


-Original Message-
From: Brad Bonkoski [mailto:[EMAIL PROTECTED] 
Sent: May 31, 2006 2:28 PM

To: Beauford
Cc: php-general@lists.php.net
Subject: Re: [PHP] Session variables and words with spaces

Perhaps you should load up your initial form and then use the "view source"
option in your browser as this will probably give you insight into your
problems...
-Brad

Beauford wrote:

 


Hi,

I have a form in which a drop down field is populated from a MySQL
   


database.
 


I am also using sessions.

The problem is this. After I submit the form the session variable only 
shows the part of the input before the space.


Example: if I choose Niagra Falls from the drop down list, then I only 
see Niagra when I display it.


I'm not sure though if it is the session or the forms variable that is 
causing the problem. I haven't been able to find much on this.


See code below

Thanks



session_start(  );

..Open database and connect to server...

Include("connect.inc");

!! Start of form !!


-- Select Province --			 
			 


$query = "select pid, location from province order by location"; 
$results =
mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) { 
 	$dberror = "Messed Up";

include("index.php");
exit;
}   

while ($line = mysql_fetch_array($results)) {
if($line['pid'] == 1) {
echo ""$line['location']."\n";
}
}



!! Rest of Form !!



   



--

 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session variables and words with spaces

[Beauford]

 
Thanks - Done that though. It shows the way it should be.

Example: Niagara Falls


-Original Message-
From: Brad Bonkoski [mailto:[EMAIL PROTECTED] 
Sent: May 31, 2006 2:28 PM
To: Beauford
Cc: php-general@lists.php.net
Subject: Re: [PHP] Session variables and words with spaces

Perhaps you should load up your initial form and then use the "view source"
option in your browser as this will probably give you insight into your
problems...
-Brad

Beauford wrote:

>Hi,
>
>I have a form in which a drop down field is populated from a MySQL
database.
>I am also using sessions.
>
>The problem is this. After I submit the form the session variable only 
>shows the part of the input before the space.
>
>Example: if I choose Niagra Falls from the drop down list, then I only 
>see Niagra when I display it.
>
>I'm not sure though if it is the session or the forms variable that is 
>causing the problem. I haven't been able to find much on this.
>
>See code below
>
>Thanks
>
>
>
>session_start(  );
>
>..Open database and connect to server...
>
>Include("connect.inc");
>
>!! Start of form !!
>
>
>-- Select Province -- 
>
>
>$query = "select pid, location from province order by location"; 
>$results =
>mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) { 
>   $dberror = "Messed Up";
>   include("index.php");
>   exit;
>   }   
>   
>while ($line = mysql_fetch_array($results)) {
>   if($line['pid'] == 1) {
>   echo "Value="$line['location'].">"$line['location']."\n";
>   }
>}
>
>
>
>!! Rest of Form !!
>
>  
>

--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables and words with spaces

[John Nichel]

Beauford wrote:

Hi,

I have a form in which a drop down field is populated from a MySQL database.
I am also using sessions.

The problem is this. After I submit the form the session variable only shows
the part of the input before the space.

Example: if I choose Niagra Falls from the drop down list, then I only see
Niagra when I display it.

I'm not sure though if it is the session or the forms variable that is
causing the problem. I haven't been able to find much on this.

See code below

Thanks



session_start(  );

..Open database and connect to server...

Include("connect.inc");

!! Start of form !!


-- Select Province --			 
			 


$query = "select pid, location from province order by location"; $results =
mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) { 
   	$dberror = "Messed Up";

include("index.php");
exit;
}   

while ($line = mysql_fetch_array($results)) {
if($line['pid'] == 1) {
echo ""$line['location']."\n";
}
}





I'm surprised you're not getting a parse error...

echo "" . $line['location'] . 
"\n";

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables and words with spaces

[Brad Bonkoski]

Perhaps you should load up your initial form and then use the "view 
source" option in your browser as this will probably give you insight 
into your problems...

-Brad

Beauford wrote:


Hi,

I have a form in which a drop down field is populated from a MySQL database.
I am also using sessions.

The problem is this. After I submit the form the session variable only shows
the part of the input before the space.

Example: if I choose Niagra Falls from the drop down list, then I only see
Niagra when I display it.

I'm not sure though if it is the session or the forms variable that is
causing the problem. I haven't been able to find much on this.

See code below

Thanks



session_start(  );

..Open database and connect to server...

Include("connect.inc");

!! Start of form !!


-- Select Province --			 
			 


$query = "select pid, location from province order by location"; $results =
mysql_query($query) or $mysqlerror = mysql_error(); if ($mysqlerror) { 
  	$dberror = "Messed Up";

include("index.php");
exit;
}   

while ($line = mysql_fetch_array($results)) {
if($line['pid'] == 1) {
echo ""$line['location']."\n";
}
}



!! Rest of Form !!

 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: php session variables limited to 1 character -- please help

[Oliver Grätz]

Zac Smith schrieb:
> http://www.triptrivia.com/step2-debug.php?State=abc

404

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Jason Wong]

On Monday 06 September 2004 14:08, Peter Brodersen wrote:
> On Mon, 6 Sep 2004 13:33:02 +0800, in php.general
>
> [EMAIL PROTECTED] (Jason Wong) wrote:
> >>   $username = trim(addslashes($_POST['user_name']));
> >>   $pass = trim(addslashes($_POST['password']));
> >
> >addslashes() is not needed as you're performing SELECT query and not an
> > INSERT query.
>
> How did you come up with that? The escape mechanism is the same for
> SELECT and INSERT.

Sorry, you're right. I'll go back to sleep now!

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
A beautiful woman is a blessing from Heaven, but a good cigar is a smoke.
-- Kipling
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Marek Kilimajer]

Dre wrote:
no I did this a long time ago
(I did have this problem before :o) )
Try echo $_REQUEST[session_name()]; in members/main.php. It should print 
the session id. Then there should be a session file sess_[session id].

"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Dre wrote:
and by the way ..
I'm using MS Windows XP Pro. which I do believe that it has some hand in
the
problem :)
Like you did not change session.save_path setting in php.ini from /tmp
to whatever it is supposed to be on windows.

"Dre" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]

I do know this
and what happen is that the $_SESSION array become empty once I redirect

from the login page (after login) to another members' area page .. !!

"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]

Dre wrote:

I don't know why but session variables does not get posted .. is there
any

thing in the php.ini that I should configure as
I can't find any thing wrong in the code I'm using !!
Session variables are not posted, they are kept on the server. Only the
session id is sent as a cookie, get or post variable. Session variables
are available in $_SESSION array


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Dre]

no I did this a long time ago
(I did have this problem before :o) )

"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Dre wrote:
> > and by the way ..
> > I'm using MS Windows XP Pro. which I do believe that it has some hand in
the
> > problem :)
>
> Like you did not change session.save_path setting in php.ini from /tmp
> to whatever it is supposed to be on windows.
>
> >
> >
> > "Dre" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]
> >
> >>I do know this
> >>and what happen is that the $_SESSION array become empty once I redirect
> >>from the login page (after login) to another members' area page .. !!
> >>
> >>
> >>"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
> >>news:[EMAIL PROTECTED]
> >>
> >>>Dre wrote:
> >>>
> I don't know why but session variables does not get posted .. is there
> >>
> >>any
> >>
> thing in the php.ini that I should configure as
> I can't find any thing wrong in the code I'm using !!
> 
> >>>
> >>>Session variables are not posted, they are kept on the server. Only the
> >>>session id is sent as a cookie, get or post variable. Session variables
> >>>are available in $_SESSION array
> >
> >

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Chris Shiflett]

--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > $username = trim(addslashes($_POST['user_name']));
> > $pass = trim(addslashes($_POST['password']));
> 
> addslashes() is not needed as you're performing SELECT query
> and not an INSERT query.

That's not true, since he's using user data in the SQL statement. The
query method has nothing to do with whether data should be escaped.

Of course, addslashes() is sort of a last result with regard to escaping
data for use in a query. The more preferable options are those native to
the database you're using, if they exist. MySQL users can use
mysql_escape_string(), for example.

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
 Coming Fall 2004
HTTP Developer's Handbook - Sams
 http://httphandbook.org/
PHP Community Site
 http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Marek Kilimajer]

Dre wrote:
and by the way ..
I'm using MS Windows XP Pro. which I do believe that it has some hand in the
problem :)
Like you did not change session.save_path setting in php.ini from /tmp 
to whatever it is supposed to be on windows.


"Dre" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I do know this
and what happen is that the $_SESSION array become empty once I redirect
from the login page (after login) to another members' area page .. !!
"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Dre wrote:
I don't know why but session variables does not get posted .. is there
any
thing in the php.ini that I should configure as
I can't find any thing wrong in the code I'm using !!
Session variables are not posted, they are kept on the server. Only the
session id is sent as a cookie, get or post variable. Session variables
are available in $_SESSION array

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Peter Brodersen]

On Mon, 6 Sep 2004 13:33:02 +0800, in php.general
[EMAIL PROTECTED] (Jason Wong) wrote:

>>   $username = trim(addslashes($_POST['user_name']));
>>   $pass = trim(addslashes($_POST['password']));
>
>addslashes() is not needed as you're performing SELECT query and not an INSERT 
>query.

How did you come up with that? The escape mechanism is the same for
SELECT and INSERT.

addslashes() is not needed if magic_quotes is enabled, though. But if
it isn't, it could be easy to login as another user, e.g. post:

other_user' OR user_name = 'foo

.. as user_name.

In that case the attacker could login as other_user.

-- 
- Peter Brodersen

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Jason Wong]

Please do not top post.

On Monday 06 September 2004 06:53, Dre wrote:

As well as what everybody else has said ...

>   $username = trim(addslashes($_POST['user_name']));
>   $pass = trim(addslashes($_POST['password']));

addslashes() is not needed as you're performing SELECT query and not an INSERT 
query.

>$sql = "SELECT * FROM  members_webdata WHERE user_name='".$username."'
> AND password='".$pass."'";

$sql = "SELECT * FROM  members_webdata WHERE user_name='$username' AND 
password='$pass'";

Much easier on the eyes.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Of course you have a purpose -- to find a purpose.
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[John Nichel]

Dre wrote:
yes I'm sure
Won't hurt to echo it out.
--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Dre]

yes I'm sure

"John Nichel" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Dre wrote:
> 
> >   if((empty($_POST['user_name'])) || (empty($_POST['password'])))
> >   {
> >   header('Location: index.php');
> >include("login_form");
> >exit();
> >   }
>
> That include is useless, as you're forwarding to another document right
> before it.
>
> >   else{
> >include("db.php");
> >$sql = "SELECT * FROM  members_webdata WHERE
user_name='".$username."'
> > AND password='".$pass."'";
> >$result = mysql_query($sql);
> >$num_return = mysql_num_rows($result);
> >
> >if($num_return ==1)
> >{
> > $row = mysql_fetch_array($result);
> >  $_SESSION['uname'] = $row['user_name'];
>
> Are you sure $row['user_name'] has value?
>
> -- 
> By-Tor.com
> It's all about the Rush
> http://www.by-tor.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[John Nichel]

Dre wrote:

  if((empty($_POST['user_name'])) || (empty($_POST['password'])))
  {
  header('Location: index.php');
   include("login_form");
   exit();
  }
That include is useless, as you're forwarding to another document right 
before it.

  else{
   include("db.php");
   $sql = "SELECT * FROM  members_webdata WHERE user_name='".$username."'
AND password='".$pass."'";
   $result = mysql_query($sql);
   $num_return = mysql_num_rows($result);
   if($num_return ==1)
   {
$row = mysql_fetch_array($result);
 $_SESSION['uname'] = $row['user_name'];
Are you sure $row['user_name'] has value?
--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Dre]

and by the way ..
I'm using MS Windows XP Pro. which I do believe that it has some hand in the
problem :)


"Dre" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I do know this
> and what happen is that the $_SESSION array become empty once I redirect
> from the login page (after login) to another members' area page .. !!
>
>
> "Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > Dre wrote:
> > > I don't know why but session variables does not get posted .. is there
> any
> > > thing in the php.ini that I should configure as
> > > I can't find any thing wrong in the code I'm using !!
> > >
> >
> > Session variables are not posted, they are kept on the server. Only the
> > session id is sent as a cookie, get or post variable. Session variables
> > are available in $_SESSION array

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Dre]

this is the username/password validation script which receives the user name
and password from a regular form
and they are sent correctly

logme_in.php
//==
==
"."CLICK HERE TO GO TO MEMBERS SECTION";
 echo "";
 //session_write_close();
// header('Location: members/main.php'."?_SESSION['uname']=".
$row['user_name']);
   }
   else {
   }
  }

?>
//
this is the page I try to open after logging in but it behaves like if I'm
not logged at all

members/main.php
//


...

//
//

"Dre" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I do know this
> and what happen is that the $_SESSION array become empty once I redirect
> from the login page (after login) to another members' area page .. !!
>
>
> "Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > Dre wrote:
> > > I don't know why but session variables does not get posted .. is there
> any
> > > thing in the php.ini that I should configure as
> > > I can't find any thing wrong in the code I'm using !!
> > >
> >
> > Session variables are not posted, they are kept on the server. Only the
> > session id is sent as a cookie, get or post variable. Session variables
> > are available in $_SESSION array

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[John Nichel]

Dre wrote:
I do know this
and what happen is that the $_SESSION array become empty once I redirect
from the login page (after login) to another members' area page .. !!
Are you starting the session on every page?  How are you sending the 
session id?

--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Marek Kilimajer]

Dre wrote:
I do know this
and what happen is that the $_SESSION array become empty once I redirect
from the login page (after login) to another members' area page .. !!
That means you are loosing your session. Is the session id sent? Is the 
session file (usualy in /tmp) created?

"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Dre wrote:
I don't know why but session variables does not get posted .. is there
any
thing in the php.ini that I should configure as
I can't find any thing wrong in the code I'm using !!
Session variables are not posted, they are kept on the server. Only the
session id is sent as a cookie, get or post variable. Session variables
are available in $_SESSION array

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Dre]

I do know this
and what happen is that the $_SESSION array become empty once I redirect
from the login page (after login) to another members' area page .. !!


"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Dre wrote:
> > I don't know why but session variables does not get posted .. is there
any
> > thing in the php.ini that I should configure as
> > I can't find any thing wrong in the code I'm using !!
> >
>
> Session variables are not posted, they are kept on the server. Only the
> session id is sent as a cookie, get or post variable. Session variables
> are available in $_SESSION array

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables does not get sent

[Marek Kilimajer]

Dre wrote:
I don't know why but session variables does not get posted .. is there any
thing in the php.ini that I should configure as
I can't find any thing wrong in the code I'm using !!
Session variables are not posted, they are kept on the server. Only the 
session id is sent as a cookie, get or post variable. Session variables 
are available in $_SESSION array

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables ~ Best Practices

[Harlequin]

thanks Jay.

-- 
-
 Michael Mason
 Arras People
 www.arraspeople.co.uk
-
"Jay Blanchard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
[snip]
I am also wondering if I need to declare all my variables one after the
other or can I simply declare variables that I will be using immediately
upon submission.
[/snip]

Since PHP is not strongly typed (like C or C++) you need not declare any
variables. There are some caveats (see
http://www.php.net/error_reporting ). Is it good practice? Not really,
especially if you have a shop where more than one developer may be
touching the code.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables ~ Best Practices

[Justin Patrin]

On Tue, 13 Jul 2004 17:52:44 +0100, Harlequin
<[EMAIL PROTECTED]> wrote:
> I'm right in the middle of developing some pages that will require session
> cookies. Now I have a few questions and hope I don't bore you too much...
> 
> I presume I am right in assuming that I can declare variables anywhere I
> like providing I have started a session on the page but I cannot actually
> use those variables until a post or some similar action has been performed
> by the user.
> 
> I am also wondering if I need to declare all my variables one after the
> other or can I simply declare variables that I will be using immediately
> upon submission.
> 

I'm not quite sure what your question is, but here's some info. You
have to call session_start() before using anything in the session.
This must be called before there is any output to the browser.

After the call to session_start() you can get/set/unset any session
value you want at any time in the script (all of this is stored on the
server). The best way to do all of this is through the $_SESSION
superglobal. Use it like a normal assicative array:

$_SESSION['var'] = 'value';

or:

$_SESSION['array'] = array(1, 2, 3, 4);

os:

$_SESSION['object'] = new Object();

Everything you put in there will be available from any function
without having to use the global keyword or the $GLOBALS superglobal.

Note that you can't store recources in the session (at least, they
can't be used as resources on subsequent requests.) This includes
things such as open file desriptors and database connections or
statement handles.

-- 
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder

paperCrane --Justin Patrin--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables ~ Best Practices

[Michal Migurski]

> I presume I am right in assuming that I can declare variables anywhere I
> like providing I have started a session on the page but I cannot
> actually use those variables until a post or some similar action has
> been performed by the user.

No, you can use them right away - they are stored server-side, so you
don't need to wait for a request/response loop before reading them:

session_start();
$_SESSION['foo'] = 'bar';
echo $_SESSION['foo']; // 'foo' is available immediately

No need to perform any special declarations. It's cookies that need to
wait for a subsequent request to be available via getcookie().

Careful with your session variable naming - you may want to implement a
primitive namespace, by using named arrays in $_SESSION, such as
$_SESSION['auth']['username'] or $_SESSION['prefs']['boxers_or_briefs'].

-mike.

-
michal migurski- contact info and pgp key:
sf/cahttp://mike.teczno.com/contact.html

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Session Variables ~ Best Practices

[Jay Blanchard]

[snip]
I am also wondering if I need to declare all my variables one after the
other or can I simply declare variables that I will be using immediately
upon submission.
[/snip]

Since PHP is not strongly typed (like C or C++) you need not declare any
variables. There are some caveats (see
http://www.php.net/error_reporting ). Is it good practice? Not really,
especially if you have a shop where more than one developer may be
touching the code. 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Bob Lockie]

On 06/01/04 22:12 John Nichel spoke:
Bob Lockie wrote:
$_SESSION['new_name'] = $_REQUEST['new_name'];
Is not global.
I printed out the value locally but it is not made into a session 
variable.

Did you start the session before you set $_SESSION['new_name']?
That was my problem.
I reorganized and put some code in a file that didn't have a 
session_start() call. :-(

Thanks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[John W. Holmes]

Bob Lockie wrote:
$_SESSION['new_name'] = $_REQUEST['new_name'];
Is not global.
I printed out the value locally but it is not made into a session variable.
Yes, it is. Providing you have sessions configured correctly and use 
session_start().

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[John Nichel]

Bob Lockie wrote:
$_SESSION['new_name'] = $_REQUEST['new_name'];
Is not global.
I printed out the value locally but it is not made into a session variable.
Did you start the session before you set $_SESSION['new_name']?
--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not recognized?

[John Nichel]

Brian Dunning wrote:
This is 4.3.2 and sessions are enabled.
Session handling was added in PHP 4.0.
The first line of my file is session_start(); but whenever I try to set
or reference $_SESSION['anything'] I get:
 Undefined variable: _SESSION

- Brian
Post some code.
--
John C. Nichel
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not recognized?

[Brian Dunning]

This is 4.3.2 and sessions are enabled.
Session handling was added in PHP 4.0.
The first line of my file is session_start(); but whenever I try to 
set
or reference $_SESSION['anything'] I get:

 Undefined variable: _SESSION
- Brian
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not recognized?

[Daniel Clark]

Session handling was added in PHP 4.0. 

>>The first line of my file is session_start(); but whenever I try to set 
>>or reference $_SESSION['anything'] I get:
>>
>>  Undefined variable: _SESSION
>>
>>What's up with that???
>>
>>- Brian

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[Andrew Wood]

If a page accesses the session variables does it need to explicity 
reset them as well because it would appear that an intermediate PHP 
script which also reads the 2 variables is destroying the session for 
no apparent reason


On 14 May 2004, at 22:11, Brad Pauly wrote:
On Fri, 2004-05-14 at 14:48, Andrew Wood wrote:
I'm trying to set the following two vars on one page then read their
values on another like this:
page1.php...
ob_start();
session_start();
  $_SESSION['member_id'] = $member_id;
  $_SESSION['password'] = $password;
ob_end_flush();
Where are $member_id and $password coming from?
page2.php...
ob_start();
session_start();
  $member_id = $_SESSION['member_id'];
  $password $_SESSION['password'];
ob_end_flush();
I think you want $password = $_SESSION['password'];
But on page2.php the variables are null.  Can anyone help me out with
this. I must be doing something really obvious wrong.
Where are you outputting the variables to see what they are? You might
want to add a print_r($_SESSION) to see what is there. The ob_*
functions don't cause any output of variables, they only output what 
you
output within them (if that makes sense). For example:

ob_start();
  echo 'Hi';
ob_end_flush();
- Brad
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[Andrew Wood]

Either typing the URL directly or by using a hyperlink.

On 14 May 2004, at 22:09, John W. Holmes wrote:

From: "Andrew Wood" <[EMAIL PROTECTED]>

Using a cookie which is shown in my browser as PHPSESSID

Yes they're on the same domain but no there's nothing being passed
accross the URL.  Should there be?
No, not normally. How are you getting from page 1 to page 2?

page1.php...

ob_start();
session_start();
  $_SESSION['member_id'] = $member_id;
  $_SESSION['password'] = $password;
ob_end_flush();
page2.php...

ob_start();
session_start();
  $member_id = $_SESSION['member_id'];
  $password $_SESSION['password'];
ob_end_flush();
What's with the output buffering functions? Are you sure $member_id and
$password have a value in the first script? I assume there is more 
code to
this, or no?

---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[Brad Pauly]

On Fri, 2004-05-14 at 14:48, Andrew Wood wrote:
> I'm trying to set the following two vars on one page then read their 
> values on another like this:
> 
> page1.php...
> 
> ob_start();
> session_start();
>   $_SESSION['member_id'] = $member_id;
>   $_SESSION['password'] = $password;
> ob_end_flush();

Where are $member_id and $password coming from?

> page2.php...
> 
> ob_start();
> session_start();
>   $member_id = $_SESSION['member_id'];
>   $password $_SESSION['password'];
> ob_end_flush();

I think you want $password = $_SESSION['password'];

> But on page2.php the variables are null.  Can anyone help me out with 
> this. I must be doing something really obvious wrong.

Where are you outputting the variables to see what they are? You might
want to add a print_r($_SESSION) to see what is there. The ob_*
functions don't cause any output of variables, they only output what you
output within them (if that makes sense). For example:

ob_start();
  echo 'Hi';
ob_end_flush();

- Brad

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[John W. Holmes]

From: "Andrew Wood" <[EMAIL PROTECTED]>

> Using a cookie which is shown in my browser as PHPSESSID
>
> Yes they're on the same domain but no there's nothing being passed
> accross the URL.  Should there be?

No, not normally. How are you getting from page 1 to page 2?

> page1.php...
>
> ob_start();
> session_start();
>   $_SESSION['member_id'] = $member_id;
>   $_SESSION['password'] = $password;
> ob_end_flush();
>
>
> page2.php...
>
> ob_start();
> session_start();
>   $member_id = $_SESSION['member_id'];
>   $password $_SESSION['password'];
> ob_end_flush();

What's with the output buffering functions? Are you sure $member_id and
$password have a value in the first script? I assume there is more code to
this, or no?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[Andrew Wood]

Using a cookie which is shown in my browser as PHPSESSID

Yes they're on the same domain but no there's nothing being passed 
accross the URL.  Should there be?

AW

On 14 May 2004, at 21:59, John W. Holmes wrote:

- Original Message -
From: "Andrew Wood" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 14, 2004 4:48 PM
Subject: [PHP] Session variables not working

I'm trying to set the following two vars on one page then read their
values on another like this:
[snip]
But on page2.php the variables are null.  Can anyone help me out with
this. I must be doing something really obvious wrong.
How are you getting from page 1 to page 2? Is a session cookie being 
set?
Are page 1 and page 2 on the same domain? Do you see a PHPSESSID in 
the URL?

---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables not working

[John W. Holmes]

- Original Message - 
From: "Andrew Wood" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 14, 2004 4:48 PM
Subject: [PHP] Session variables not working


> I'm trying to set the following two vars on one page then read their
> values on another like this:
[snip]
> But on page2.php the variables are null.  Can anyone help me out with
> this. I must be doing something really obvious wrong.

How are you getting from page 1 to page 2? Is a session cookie being set?
Are page 1 and page 2 on the same domain? Do you see a PHPSESSID in the URL?

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Curt Zirzow]

* Thus wrote Curt Zirzow ([EMAIL PROTECTED]):
> This looks like output from 'php -i'. The php module *can* have a
> different config, check these values from phpinfo() in  a webpage
> in the same directory as your scripts with

I fired my proofreader so I have to do this manually now :)

s/ with/.


Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Curt Zirzow]

* Thus wrote Charles Collins ([EMAIL PROTECTED]):
> I have two test files running on a server, which is giving me a headache,
> due to the fact the session variables are not been maintained across the two
> pages.
> 
> The server is running ...
> 
> PHP Version  = 4.0.5
> register_globals = ON
> Session Support = Enabled

This looks like output from 'php -i'. The php module *can* have a
different config, check these values from phpinfo() in  a webpage
in the same directory as your scripts with

> ...
> 
>   session_start();
>  session_register("test");
>  $test = "Hullo World";
>  print $test; // prints "test"
> ?>
> 
> Page # 2
> 
>   session_start();
>  print $test;// prints nothing, zip!
> ?>
I would strongly suggest using the $_SESSION variable, even if
register_globals is on, that way sessions work regardless of its
setting.

page 1:
session_start();
$test = $_SESSION['test'] = 'Hullo World';
echo $test;

page 2:
session_start();
$test = $_SESSION['test'];
echo $test;


Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Daniel Clark]

Does page1 call page2?
Or do you open another browser window and open page2?

My understanding is some browsers to NOT transfer the same session info to
another borwser window.

> Tried that as well as $HTTP_SERVER_VARS, $_SESSION, etc., still cannot get
> the damn thing working.
>
> Regards,
> Charlie.
>
> "Vincent Dupont" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> I would do
> script 1 :
> $_SESSION['test'] = "hello world";
>
> and in script2 :
> print($_SESSION['test']);
>
>
> vincent
>
> -Original Message-
> From: Charles Collins [mailto:[EMAIL PROTECTED]
> Sent: mardi 20 avril 2004 17:44
> To: [EMAIL PROTECTED]
> Subject: [PHP] session variables
>
>
> I have two test files running on a server, which is giving me a headache,
> due to the fact the session variables are not been maintained across the
> two
> pages.
>
> The server is running ...
>
> PHP Version  = 4.0.5
> register_globals = ON
> Session Support = Enabled
> session.auto_start = Off
> session.cache_expire =  180
> session.cache_limiter = nocache
> session.cookie_domain = inweb.net.uk
> session.cookie_lifetime = 600
> session.cookie_path =  /
> session.cookie_secure = Off
> session.entropy_file = no value
> session.entropy_length = 0
> session.gc_maxlifetime = 1440
> session.gc_probability = 1
> session.name = PHPSESSID
> session.referer_check = no value
> session.save_handler = files
> session.save_path = /tmp
> session.serialize_handler php
> session.use_cookies = On
>
> The two script files are as follows: -
>
> Page #1:
>
>   session_start();
>  session_register("test");
>  $test = "Hullo World";
>  print $test; // prints "test"
> ?>
>
> Page # 2
>
>   session_start();
>  print $test;// prints nothing, zip!
> ?>
>
> Can anyone tell me where I'm going wrong, works fine of test servers,
> etc.,
> only screwed up when site was lauched.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Daniel Clark]

hum.  Try $_SESSION['test'] on page 2.

> I have two test files running on a server, which is giving me a headache,
> due to the fact the session variables are not been maintained across the
> two
> pages.
>
> The server is running ...
>
> PHP Version  = 4.0.5
> register_globals = ON
> Session Support = Enabled
> session.auto_start = Off
> session.cache_expire =  180
> session.cache_limiter = nocache
> session.cookie_domain = inweb.net.uk
> session.cookie_lifetime = 600
> session.cookie_path =  /
> session.cookie_secure = Off
> session.entropy_file = no value
> session.entropy_length = 0
> session.gc_maxlifetime = 1440
> session.gc_probability = 1
> session.name = PHPSESSID
> session.referer_check = no value
> session.save_handler = files
> session.save_path = /tmp
> session.serialize_handler php
> session.use_cookies = On
>
> The two script files are as follows: -
>
> Page #1:
>
>   session_start();
>  session_register("test");
>  $test = "Hullo World";
>  print $test; // prints "test"
> ?>
>
> Page # 2
>
>   session_start();
>  print $test;// prints nothing, zip!
> ?>
>
> Can anyone tell me where I'm going wrong, works fine of test servers,
> etc.,
> only screwed up when site was lauched.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Charles Collins]

Dear Vincent,

Tried that as well as $HTTP_SERVER_VARS, $_SESSION, etc., still cannot get
the damn thing working.

Regards,
Charlie.

"Vincent Dupont" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I would do
script 1 :
$_SESSION['test'] = "hello world";

and in script2 :
print($_SESSION['test']);


vincent

-Original Message-
From: Charles Collins [mailto:[EMAIL PROTECTED]
Sent: mardi 20 avril 2004 17:44
To: [EMAIL PROTECTED]
Subject: [PHP] session variables


I have two test files running on a server, which is giving me a headache,
due to the fact the session variables are not been maintained across the two
pages.

The server is running ...

PHP Version  = 4.0.5
register_globals = ON
Session Support = Enabled
session.auto_start = Off
session.cache_expire =  180
session.cache_limiter = nocache
session.cookie_domain = inweb.net.uk
session.cookie_lifetime = 600
session.cookie_path =  /
session.cookie_secure = Off
session.entropy_file = no value
session.entropy_length = 0
session.gc_maxlifetime = 1440
session.gc_probability = 1
session.name = PHPSESSID
session.referer_check = no value
session.save_handler = files
session.save_path = /tmp
session.serialize_handler php
session.use_cookies = On

The two script files are as follows: -

Page #1:



Page # 2



Can anyone tell me where I'm going wrong, works fine of test servers, etc.,
only screwed up when site was lauched.

Thanks in advance ...

Regards
Charlie.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] session variables

[Vincent DUPONT]

I would do
script 1 :
$_SESSION['test'] = "hello world";

and in script2 :
print($_SESSION['test']);


vincent

-Original Message-
From: Charles Collins [mailto:[EMAIL PROTECTED]
Sent: mardi 20 avril 2004 17:44
To: [EMAIL PROTECTED]
Subject: [PHP] session variables


I have two test files running on a server, which is giving me a headache,
due to the fact the session variables are not been maintained across the two
pages.

The server is running ...

PHP Version  = 4.0.5
register_globals = ON
Session Support = Enabled
session.auto_start = Off
session.cache_expire =  180
session.cache_limiter = nocache
session.cookie_domain = inweb.net.uk
session.cookie_lifetime = 600
session.cookie_path =  /
session.cookie_secure = Off
session.entropy_file = no value
session.entropy_length = 0
session.gc_maxlifetime = 1440
session.gc_probability = 1
session.name = PHPSESSID
session.referer_check = no value
session.save_handler = files
session.save_path = /tmp
session.serialize_handler php
session.use_cookies = On

The two script files are as follows: -

Page #1:



Page # 2



Can anyone tell me where I'm going wrong, works fine of test servers, etc.,
only screwed up when site was lauched.

Thanks in advance ...

Regards
Charlie.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session variables as array

[John W. Holmes]

Joseph Ross Lee wrote:

Hello... Is there any example that I can look at that does a session
variable as an array? thanks
session_start();
$_SESSION['somekey'] = 'somevalue';
$_SESSION['someotherkey'] = array('one','two','three','four');

$_SESSION['yetanother'] = 
array(array('one','two','three'),array(1,2,3),array('foo','bar','blah'));

--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SESSION VARIABLES

[Adam Bregenzer]

On Tue, 2004-02-10 at 03:13, Ronald Ramos wrote:
> It Worked. Thanks Man!
> So I can use this to any other page?

Awesome!  You have access to the $_SESSION variables on any php page on
the same server.  Just make sure you call session_start() before you
access the $_SESSION array.

> Let's say I have two users, first one logged in, using ronald as
> username, while user ronald is still logged-in
> User nhadie also logged-in from somewhere, will the value of $username
> of user ronald be changed to nhadie?

No, with sessions there will essentially be multiple values for the
variables, one for each session.  When a user requests a page their
session id will be used to set the correct values in the $_SESSION
array.  For example, when ronald loads the page $_SESSION['username']
will be ronald.  When nhadie loads the page the $_SESSION['username']
variable will be nahdie.

-- 
Adam Bregenzer
[EMAIL PROTECTED]
http://adam.bregenzer.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SESSION VARIABLES

[Adam Bregenzer]

On Tue, 2004-02-10 at 02:45, Ronald Ramos wrote:
> $_SESSION['username'];
> $_SESSION['password'];

Close, try this instead:
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

> I edited page3.php but it still shows me nothing.

It looks great, now you just need to clear up your use of the $_SESSION
variable in page2.php.

-- 
Adam Bregenzer
[EMAIL PROTECTED]
http://adam.bregenzer.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION VARIABLES

[Adam Bregenzer]

On Tue, 2004-02-10 at 00:43, Ronald Ramos wrote:
> Hi All,
> 
> I've created 3 sample scripts, pls see below.
> My problem is that page3.php can't display the value $username and
> $password
> Or is it because it the variables were not importe to that page, that's
> why
> $username and $password has no value? If it is, how can I import it?

You need to have session_start() at the top of the third script as
well.  Also you have a typo:
> echo "#password";

should be:
echo "$password";

Consider using $_SESSION[1] instead of session_register[2].

[1] http://www.php.net/reserved.variables#reserved.variables.session
[2] http://www.php.net/session_register

-- 
Adam Bregenzer
[EMAIL PROTECTED]
http://adam.bregenzer.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Chris Shiflett]

--- Diana Castillo <[EMAIL PROTECTED]> wrote:
> If you store session variables , but the user has session cookies
> disabled, is there any way to recuperate those session variables?

Cookies come in two types: session cookies and persistent cookies. Session
cookies have no set expiration date, so they expire as soon as the browser
session ends. Persistent cookies don't expire until the date indicated,
and this often involves persisting them in a file (cookies.txt, for
example).

So, I think you just mean to ask how to make sessions work when the user
has disabled cookies. Cookies are only used to propagate the session
identifier, so you don't lose session data. At worst, you would just be
unable to identify the user on the next request.

PHP handles this last potential problem for you with the
session.use_trans_sid php.ini directive. This will rewrite your URLs (in
links and such) to include the session identifier, and PHP will
automatically check both for the bookie and the URL variable. So, you will
probably not need to do anything special.

Hope that helps.

Chris

=
Chris Shiflett - http://shiflett.org/

PHP Security Handbook
 Coming mid-2004
HTTP Developer's Handbook
 http://httphandbook.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[John Nichel]

Diana Castillo wrote:

If you store session variables , but the user has session cookies disabled,
is there any way to recuperate those session variables?
--
--
Diana Castillo
Global Reservas, S.L.
C/Granvia 22 dcdo 4-dcha
28013 Madrid-Spain
Tel : 00-34-913604039
Fax : 00-34-915228673
email: [EMAIL PROTECTED]
Web : http://www.hotelkey.com
  http://www.destinia.com
Session variables are stored on the web server.  A session cookie is 
used to carry the session id from page to page.  If the user has cookies 
disabled, the session can be passed in the URL.

http://us3.php.net/manual/en/ref.session.php

--
By-Tor.com
It's all about the Rush
http://www.by-tor.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] session variables

[Matt Matijevich]

If you store session variables , but the user has session cookies
disabled,
is there any way to recuperate those session variables?


Yes, look at the  session.use_trans_sid variable.

http://www.php.net/session 

If cookies are disabled, php will pass the session id as a ur variable
or a hidden field.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] session variables scope problem. HELP!

[Johnson, Kirk]

> It seems that once a session is started and variables set, I 
> can access the
> variables on the page on which they are set, but on 
> subsequent pages via
> link or Header redirect the session variables are not set and 
> cannot be
> accesses.

Be sure you have session_start() at the top of *all* pages.

Kirk

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] SOLVED RE: [PHP] SESSION variables losing data on WinXP?

[Jami]

In case anyone else runs into this problem, the way I solved it was by
reinstalling php with the windows installer from php.net. I'm not
exactly sure what the problem was, but reinstalling it this way solved
the problem. Hope this helps someone else.

Jami Moore
LightSpark Digital Designs
[EMAIL PROTECTED]
http://www.lightsparkdigital.com/


-Original Message-
From: Jami [mailto:[EMAIL PROTECTED] 


I'm working on a project, and up until recently was using my hosting
account to do projects, but decided to update PHP on my comp to be able
to work on projects locally. I'm running WindowsXP, PHP 4.3.2, Apache
1.3, and MySQL 3.23.53. The validation page is called on each page, but
if I go to a page other than the entry page (which the validation page
takes you to when you first log in), it throws me back to the login
page. Has anyone run into this and have you solved it? Anyone have a
suggestion?

 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] STILL NOT SOLVED RE: [PHP] SESSION variables losing data on WinXP?

[Jami]

Scott,

thanks for the suggestion, but my php.ini is the same as yours. And I
still have the problem. Any idea why $_SESSION[] variables would loose
data on my server type and not on another?

Jami Moore
LightSpark Digital Designs
[EMAIL PROTECTED]
http://www.lightsparkdigital.com/


-Original Message-
From: Scott Fletcher [mailto:[EMAIL PROTECTED] 

Upon closer inspection on the script, it look like either the
$_POST['***']
wasn't returning data or the $_SESSION['***'] doesn't have data in it
that
tripped the header() function.  So, I'll take the assumption that the
$_POST['***'] does work as it alway does.  So, it narrow down to
$_SESSION['***'].

Since you mentioned that you use it on both Unix and Windows.  So, most
likely it all narrow down to php.ini.  Can you check to verify that the
filepath is correct for Windows and that there is no issue with file
permission.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SESSION variables losing data on WinXP?

[Scott Fletcher]

Speaking of your problem, you're using the header() function to exit the
webpage to the login page.  So, it all come down to the either one of these
two or both of these two

 if(!isset($uname)) {
 if (mysql_num_rows($result) == 0) {

Upon closer inspection on the script, it look like either the $_POST['***']
wasn't returning data or the $_SESSION['***'] doesn't have data in it that
tripped the header() function.  So, I'll take the assumption that the
$_POST['***'] does work as it alway does.  So, it narrow down to
$_SESSION['***'].

Since you mentioned that you use it on both Unix and Windows.  So, most
likely it all narrow down to php.ini.  Can you check to verify that the
filepath is correct for Windows and that there is no issue with file
permission.  Here's what I have that work for me on Windows 2000.

--clip--
[Session]
; Handler used to store/retrieve data.
session.save_handler = files

; Argument passed to save_handler.  In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
session.save_path = c:\tmp

; Whether to use cookies.
session.use_cookies = 1

; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1

; Name of the session (used as cookie name).
session.name = PHPSESSID

; Initialize session on request startup.
session.auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0

; The path for which the cookie is valid.
session.cookie_path = c:\tmp

; The domain for which the cookie is valid.
session.cookie_domain =

; Handler used to serialize data.  php is the standard serializer of PHP.
session.serialize_handler = php

; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.

session.gc_probability = 1
session.gc_divisor = 1000

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440

; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit
register_globals
; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning seperately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.

session.bug_compat_42 = 0
session.bug_compat_warn = 1

; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =

; How many bytes to read from the file.
session.entropy_length = 0

; Specified here to create the session id.
session.entropy_file =

;session.entropy_length = 16

;session.entropy_file = /dev/urandom

; Set to {nocache,private,public,} to determine HTTP caching aspects.
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache

; Document expires after n minutes.
session.cache_expire = 180

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0

; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden  field with the info which is otherwise appended
; to URLs.  If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags =
"a=href,area=href,frame=src,input=src,form=fakeentry"--clip--

One thing I noticed is that I had to create a folder called 'tmp' for it to
work.

Hope that help..
 Scott F.


"Jami" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Knew I forgot to mention something. No, register_globals are off. Using
> $_SESSION[] variables. I am logging in first. I log in fine, its when I
> try to go to another page via a link on the entry page that I get booted
> back to the login page. My scripts work fine on a Unix server, which is
> what I reluctantly had to go back to using as this projects deadline is
> too close not to do so. Its just on my computer locally that this does
> not work. Code is below, it is fairly long.
>
> Example Code:
>
> //validation.php
> include_once 'db.php';
> include_once 'common.php'
>
>  s

RE: [PHP] SESSION variables losing data on WinXP?

[Jami]

Knew I forgot to mention something. No, register_globals are off. Using
$_SESSION[] variables. I am logging in first. I log in fine, its when I
try to go to another page via a link on the entry page that I get booted
back to the login page. My scripts work fine on a Unix server, which is
what I reluctantly had to go back to using as this projects deadline is
too close not to do so. Its just on my computer locally that this does
not work. Code is below, it is fairly long.
 
Example Code:
 
//validation.php
include_once 'db.php';
include_once 'common.php'
 
 session_start();
 
 $uname = isset($_POST['username']) ? $_POST['username'] :
$_SESSION['username']; 
 $pwd = isset($_POST['password']) ? $_POST['password'] :
$_SESSION['password'];
 
 if(!isset($uname))
 {
  header("Location: login.php");
  exit;
 }
 
 $_SESSION['username'] = $uname; 
 $_SESSION['password'] = $pwd;
 
 dbConnect("db"); 
 $sql = "SELECT * FROM admin WHERE 
 admin_uname = '$uname' AND admin_pword = PASSWORD('$pwd')";
 $result = mysql_query($sql); 
 
 if (!$result) { 
  error('A database error occurred while checking your login
details.\\nIf this error persists, please contact
[EMAIL PROTECTED]'); 
 }
 
 while($row = mysql_fetch_array($result))
 {
  $admin_id = $row['admin_id'];
 }
 
 $_SESSION['aid'] = $admin_id;
 
 if (mysql_num_rows($result) == 0) { 
   unset($_SESSION['username']); 
   unset($_SESSION['password']);
   
   header("Location:login.php?item=badlogin");
   exit;  
 }
 
___
//login.php
... this is an html page with the login form. When submitted it goes to
index.php.
 
___
//index.php
include('validation.php');
 
 if(!$_SESSION['aid'])
 {
  header("Location:login.php");
  exit;
 }
 rest of page is HTML with a php include for the navigation
___
//nav.php
<.a href="admin_signup.php">Add Admin
 
___
//admin_signup.php
include('validation.php');
 
 if(!$_SESSION['aid'])
 {
  header("Location:admin_login.php");
  exit;
 }
 rest of page is HTML with a form that goes to add_admin.php for
validation and submission to the database. Its when I try to go to this
page via the link that I get sent back to the login page.
 

Jami Moore
LightSpark Digital Designs
  [EMAIL PROTECTED]
  http://www.lightsparkdigital.com/

 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Wednesday, September 17, 2003 3:08 AM


Did you open register_globals = On in php.ini? 


 -Original Message- 
Larry Li/CNTR/APPLIED [EMAIL PROTECTED] 
09/17/2003 04:04 PM   

I believe all pages in your site are protected by session variables. Try

to login first, then go where you want to go. Or try to remark codes
which 
check your login status. 


-Original Message-
"Jami" <[EMAIL PROTECTED]>
09/17/2003 03:52 PM

I'm working on a project, and up until recently was using my hosting
account to do projects, but decided to update PHP on my comp to be able
to work on projects locally. I'm running WindowsXP, PHP 4.3.2, Apache
1.3, and MySQL 3.23.53. The validation page is called on each page, but
if I go to a page other than the entry page (which the validation page
takes you to when you first log in), it throws me back to the login
page. Has anyone run into this and have you solved it? Anyone have a
suggestion? Code is rather lengthy, if you want it I can send it off
list.

Jami Moore
LightSpark Digital Designs
 [EMAIL PROTECTED]
 http://www.lightsparkdigital.com/

Re: [PHP] SESSION variables losing data on WinXP?

[Larry_Li]

Did you open register_globals = On in php.ini?







Larry Li/CNTR/APPLIED [EMAIL PROTECTED]
09/17/2003 04:04 PM
 
To: <[EMAIL PROTECTED]>
cc: "PHP General" <[EMAIL PROTECTED]>
        Subject:    Re: [PHP] SESSION variables losing data on WinXP?
 


I believe all pages in your site are protected by session variables. Try 
to login first, then go where you want to go. Or try to remark codes which 

check your login status. 






"Jami" <[EMAIL PROTECTED]>
09/17/2003 03:52 PM
Please respond to listmail
 
To: "PHP General" <[EMAIL PROTECTED]>
cc: 
Subject:[PHP] SESSION variables losing data on WinXP?
 


I'm working on a project, and up until recently was using my hosting
account to do projects, but decided to update PHP on my comp to be able
to work on projects locally. I'm running WindowsXP, PHP 4.3.2, Apache
1.3, and MySQL 3.23.53. The validation page is called on each page, but
if I go to a page other than the entry page (which the validation page
takes you to when you first log in), it throws me back to the login
page. Has anyone run into this and have you solved it? Anyone have a
suggestion? Code is rather lengthy, if you want it I can send it off
list.
 

Jami Moore
LightSpark Digital Designs
 <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED]
 <http://www.lightsparkdigital.com/> http://www.lightsparkdigital.com/

 

Re: [PHP] SESSION variables losing data on WinXP?

[Larry_Li]

I believe all pages in your site are protected by session variables. Try 
to login first, then go where you want to go. Or try to remark codes which 
check your login status. 






"Jami" <[EMAIL PROTECTED]>
09/17/2003 03:52 PM
Please respond to listmail
 
To: "PHP General" <[EMAIL PROTECTED]>
cc: 
Subject:[PHP] SESSION variables losing data on WinXP?
 


I'm working on a project, and up until recently was using my hosting
account to do projects, but decided to update PHP on my comp to be able
to work on projects locally. I'm running WindowsXP, PHP 4.3.2, Apache
1.3, and MySQL 3.23.53. The validation page is called on each page, but
if I go to a page other than the entry page (which the validation page
takes you to when you first log in), it throws me back to the login
page. Has anyone run into this and have you solved it? Anyone have a
suggestion? Code is rather lengthy, if you want it I can send it off
list.
 

Jami Moore
LightSpark Digital Designs
  [EMAIL PROTECTED]
  http://www.lightsparkdigital.com/

 

Re: [PHP] Session Variables in a Class

[CPT John W. Holmes]

From: "micro brew" <[EMAIL PROTECTED]>

> Here's my class.  I start the session in the
> constructor and in later methods attempt to register
> session variables.  You can see I've tried a couple
> different methods but none of them maintain the
> session variable values.  Any suggestions?

Is register_globals ON or OFF? You shouldn't mix session_register() with
$_SESSION. Just use one other the other, but I recommend just using
$_SESSION.

$_SESSION['var'] = 'some value';

to set a session var, and

if(isset($_SESSION['var']))

to see if a variable is set.

Also, if you have a varible $foobar within a class method that you define as
a session var, you must make it global if you want to access it in other
methods. The same thing for HTTP_SESSION_VARS. I think you're just running
into a scope issue.

---John Holmes...

> Mike
>
> 
> class login {
>
> //This variable tells the browser where to redirect to
> the loginpage
> var
> $loginPage='http://www.somedomain.com/somepage.php';
> var
> $exitPage='http://www.somedomain.com/somepage.html';
> var $loggedIn;
> var $access;
> var $accesslevel;
>
>  function login($loggedIn, $access, $accesslevel) {
>
>   session_start();
>   if ($loggedIn=='1') {
>$this->checkLogin();
>   }
>   if ($access=='1') {
>$this->checkAccess();
>   }
>   if ($access=='0' && $loggedIn=='0') {
>$this->authenticateLogin();
>   }
>  }
>
> function checkLogin() {
>
>   if (session_is_registered('user')!='True') {
>session_register('unauthorizedaccess');
>$unauthorizedaccess="http://"; .
> $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'];
>header("location: $this->loginPage");
>exit();
>   }
>  }
>
>  function checkAccess() {
>
>if (session_is_registered('permission')=='True') {
> if
> ($HTTP_SESSION_VARS['permission']<$this->accesslevel)
> {
>  session_destroy();
>  header("location: $this->exitPage");
>  exit();
> }
>}
>else {
> session_register('unauthorizedaccess');
> $unauthorizedaccess="http://"; .
> $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"];
> header("location: $this->loginPage");
> exit();
>}
>  }
>
>  function authenticateLogin() {
>
>   if ((!$HTTP_POST_VARS['un']) ||
> (!$HTTP_POST_VARS['pw'])) {
>session_register('loginError');
>header("Location: $this->loginPage");
>exit();
>   }
>
>   else {
>
>include("includes/db_connect.inc");
>
>//call db_connect function from db_connect.inc
>db_connect() or trigger_error("MySQL error #" .
> mysql_errno() . ":" . mysql_error());
>
>$query="select * from users where username=\"" .
> addslashes($HTTP_POST_VARS['un']) ."\" and
> password=\"" . addslashes($HTTP_POST_VARS['pw']) .
> "\"";
>
>$result=mysql_query($query) or trigger_error("MySQL
> error #" . mysql_errno() . ":" . mysql_error());
>
>$foundCount = mysql_num_rows($result);
>
>if ($foundCount==1) {
> session_register('user');
> session_register('permission');
> session_register('company');
> session_unregister('loginError');
> for ($i=0; $i < $foundCount; $i++) {
>  $row=mysql_fetch_array($result);
>  $_SESSION['user']=$row['userID'];
>  $_SESSION['permission']=$row['permissionLevel'];
>
>  $_SESSION['company']=$row['companyID'];
> }
> if
> (session_is_registered('unauthorizedaccess')=='True')
> {
>
> $location=$HTTP_SESSION_VARS['unauthorizedaccess'];
>  session_unregister('unauthorizedaccess');
>  header("Location: $location");
>  exit();
> }
>}
>else {
> session_register('loginError');
> header("Location: $this->loginPage");
> exit();
>}
>   }
>  }
>
>
> //closes class
> }
>
> ?>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables in a Class

[micro brew]

Thanks Curt,

You were absolutely correct.  Removing the
session_register() lines before the $_SESSION[] fixed
the problem.  By mixing the two before, it actually
would register the variable so I could later test for
the registered session variable but it did not retain
the value I assigned it.  Thanks again for the help.

Mike

>* Thus wrote micro brew ([EMAIL PROTECTED]):
>> Hi everyone,
>> 
>> I've been experimenting with sessions.  I can make
>> them work just fine in a normal PHP page.  But when
I
>> create a class and try to define a session variable
>> within a method in the class it won't work.  I've
>> tried setting the session variable directly
>> ($_SESSION['name']='somevalue') but that didn't
work. 
>> The normal way of setting it -
>> session_start();
>> session_register('name'); 
>> $name='somevalue';
>
>You might want to read
>  http://php.net/session
>
>You are most likley running into a register_globals
>issue.
>
>A couple things to note:
>
>  . You must not mix $_SESSION[] access with
>session_register()
>  anywhere in your script.
>
>  . When you issue session_register('name') inside
>your class it is
>  declaring the global var $name as a session var,
not >the $name in
> your script.
>
>
>
>Curt

__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables in a Class

[Curt Zirzow]

* Thus wrote Curt Zirzow ([EMAIL PROTECTED]):
> * Thus wrote micro brew ([EMAIL PROTECTED]):
> > Hi everyone,
> > 
> > I've been experimenting with sessions.  I can make
> > them work just fine in a normal PHP page.  But when I
> > create a class and try to define a session variable
> > within a method in the class it won't work.  I've
> > tried setting the session variable directly
> > ($_SESSION['name']='somevalue') but that didn't work. 
> > The normal way of setting it -
> > session_start();
> > session_register('name'); 
> > $name='somevalue';
> 
> You might want to read
>   http://php.net/session
> 
> You are most likley running into a register_globals issue.
> 
> A couple things to note:
> 
>   . You must not mix $_SESSION[] access with session_register()
>   anywhere in your script.
> 
>   . When you issue session_register('name') inside your class it is
>   declaring the global var $name as a session var, not the $name in
>   your script.
 ^^

should be 'function'

Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables in a Class

[Curt Zirzow]

* Thus wrote micro brew ([EMAIL PROTECTED]):
> Hi everyone,
> 
> I've been experimenting with sessions.  I can make
> them work just fine in a normal PHP page.  But when I
> create a class and try to define a session variable
> within a method in the class it won't work.  I've
> tried setting the session variable directly
> ($_SESSION['name']='somevalue') but that didn't work. 
> The normal way of setting it -
> session_start();
> session_register('name'); 
> $name='somevalue';

You might want to read
  http://php.net/session

You are most likley running into a register_globals issue.

A couple things to note:

  . You must not mix $_SESSION[] access with session_register()
  anywhere in your script.

  . When you issue session_register('name') inside your class it is
  declaring the global var $name as a session var, not the $name in
  your script.



Curt
-- 
"I used to think I was indecisive, but now I'm not so sure."

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables in a Class

[micro brew]

Here's my class.  I start the session in the
constructor and in later methods attempt to register
session variables.  You can see I've tried a couple
different methods but none of them maintain the
session variable values.  Any suggestions?

Mike

http://www.somedomain.com/somepage.php';
var
$exitPage='http://www.somedomain.com/somepage.html';
var $loggedIn;
var $access;
var $accesslevel;

 function login($loggedIn, $access, $accesslevel) {   

  session_start();
  if ($loggedIn=='1') {
   $this->checkLogin();
  }
  if ($access=='1') {
   $this->checkAccess();
  }
  if ($access=='0' && $loggedIn=='0') {
   $this->authenticateLogin();
  }
 }
 
function checkLogin() { 
  
  if (session_is_registered('user')!='True') {
   session_register('unauthorizedaccess');
   $unauthorizedaccess="http://"; .
$_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'];
   header("location: $this->loginPage");
   exit();
  }
 }
 
 function checkAccess() { 
   
   if (session_is_registered('permission')=='True') {
if
($HTTP_SESSION_VARS['permission']<$this->accesslevel)
{
 session_destroy();
 header("location: $this->exitPage");
 exit();
}
   }
   else {
session_register('unauthorizedaccess');
$unauthorizedaccess="http://"; .
$_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"];
header("location: $this->loginPage");
exit();
   }
 }

 function authenticateLogin() { 

  if ((!$HTTP_POST_VARS['un']) ||
(!$HTTP_POST_VARS['pw'])) {
   session_register('loginError');
   header("Location: $this->loginPage");
   exit();
  }

  else {

   include("includes/db_connect.inc");

   //call db_connect function from db_connect.inc
   db_connect() or trigger_error("MySQL error #" .
mysql_errno() . ":" . mysql_error());

   $query="select * from users where username=\"" .
addslashes($HTTP_POST_VARS['un']) ."\" and
password=\"" . addslashes($HTTP_POST_VARS['pw']) .
"\"";

   $result=mysql_query($query) or trigger_error("MySQL
error #" . mysql_errno() . ":" . mysql_error());

   $foundCount = mysql_num_rows($result);

   if ($foundCount==1) {
session_register('user');
session_register('permission');
session_register('company');
session_unregister('loginError');
for ($i=0; $i < $foundCount; $i++) {
 $row=mysql_fetch_array($result); 
 $_SESSION['user']=$row['userID'];  
 $_SESSION['permission']=$row['permissionLevel']; 

 $_SESSION['company']=$row['companyID'];
}
if
(session_is_registered('unauthorizedaccess')=='True')
{

$location=$HTTP_SESSION_VARS['unauthorizedaccess'];
 session_unregister('unauthorizedaccess');
 header("Location: $location");
 exit();
}
   }
   else {
session_register('loginError');
header("Location: $this->loginPage");
exit();
   }
  }
 }


//closes class
}

?>

--- "CPT John W. Holmes" <[EMAIL PROTECTED]>
wrote:
> From: "micro brew" <[EMAIL PROTECTED]>
> > I've been experimenting with sessions.  I can make
> > them work just fine in a normal PHP page.  But
> when I
> > create a class and try to define a session
> variable
> > within a method in the class it won't work.  I've
> > tried setting the session variable directly
> > ($_SESSION['name']='somevalue') but that didn't
> work.
> > The normal way of setting it -
> > session_start();
> > session_register('name');
> > $name='somevalue';
> >
> > - didn't work either (within the class).
> 
> "didn't work" isn't very helpful to us. How useful
> would it be for me to
> just answer you with "it worked" for me.
> 
> Show us some code examples (short ones) as to how
> this doesn't work, please.
> 
> ---John Holmes...
> 


__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Session Variables in a Class

[CPT John W. Holmes]

From: "micro brew" <[EMAIL PROTECTED]>
> I've been experimenting with sessions.  I can make
> them work just fine in a normal PHP page.  But when I
> create a class and try to define a session variable
> within a method in the class it won't work.  I've
> tried setting the session variable directly
> ($_SESSION['name']='somevalue') but that didn't work.
> The normal way of setting it -
> session_start();
> session_register('name');
> $name='somevalue';
>
> - didn't work either (within the class).

"didn't work" isn't very helpful to us. How useful would it be for me to
just answer you with "it worked" for me.

Show us some code examples (short ones) as to how this doesn't work, please.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php