RE: [PHP] Sessions: I don't get it!!
To view the terms under which this email is distributed, please go to http://disclaimer.leedsmet.ac.uk/email.htm On 15 November 2004 06:13, [EMAIL PROTECTED] wrote: Looks like you're making it way more complicated than it needs to be. PHP will automatically tack on the Session ID tag to your local url's, but only if it needs to. There is no need to append the SID to url's manually. Not to most URLs, no, but if the SID is being passed in the URL you *must* append it to any header(Location: ...) URL. Fortunately, this, too, is easy, and the OP was making it way more complicated than it needs to be! ;) The constant SID only contains the session name and id *when it needs to* -- otherwise it's defined as the empty string. So you can unconditionally append it to URLs and get the right result: header('Location: simple2.php?'.SID); The only tidying-up you might want to do, if you're really obsessional about neatness, is suppress the '?' if SID is empty, so: header('Location: simple2.php'.SID?('?'.SID):''); I can't see any benefit in applying strip_tags() to SID, unless you're terminally paranoid -- as it's generated internally by PHP, there shouldn't be any way it can contain anything that strip_tags() would defend against. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning Information Services, JG125, James Graham Building, Leeds Metropolitan University, Headingley Campus, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions: I don't get it!!
I'd like to do something with sessions that should be easy. But I'm new to this, and obviously I'm missing something somewhere... I want to use cookies if the visitor allows, but tack the session info (SID) get style on the URL of a linked page *only if* the visitor blocks cookies. I've tried a lot of variations, but nothing really works. I either get the entire SID value in the URL (even if cookies are accepted), or the SID doesn't show up in the URL, which means it works only with visitors who accept cookies. Below is my most recent attempt. simple.php detects whether the visitor accepts cookies by forcing a page reload (my thanks to Chris Shiflett), then attempts a redirection, based on whether cookies are accepted. Doesn't work. Anyone got any ideas? TIA. - ? # simple.php ini_set('session.use_trans_sid', 0); ini_set('session.use_cookies', 1); ini_set('register_globals', 0); session_start(); if (! isset($_GET['cac'])) { header('Set-Cookie: accept_cookies=yes'); header('Location: ' . $_SERVER['PHP_SELF'] . '?cac=1'); } $_SESSION['accepts_cookies'] = isset($_COOKIE['accept_cookies']); $_SESSION['session_num'] = session_id(); if ($_SESSION['accepts_cookies']) { header('location: simple2.php'); } else { header('location: simple2.php?'. strip_tags(SID)); } die; ? -- ? # simple2.php //ini_set('session.use_trans_sid', 0); //ini_set('session.use_cookies', 1); //ini_set('session.use_only_cookies', 1); //ini_set('register_globals', 0); session_start(); ? html head titleProcessing Error/title meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 /head body ? echo Old Session ID: . $_SESSION['session_num'] . br; echo This Session ID: . session_id() . br; echo SID: . SID . br; ? blockquote ? echo ? /blockquote /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions: I don't get it!!
Looks like you're making it way more complicated than it needs to be. PHP will automatically tack on the Session ID tag to your local url's, but only if it needs to. There is no need to append the SID to url's manually. Nate -Original Message- From: Don [mailto:[EMAIL PROTECTED] Sent: Sunday, November 14, 2004 9:54 PM To: [EMAIL PROTECTED] Subject: [PHP] Sessions: I don't get it!! I'd like to do something with sessions that should be easy. But I'm new to this, and obviously I'm missing something somewhere... I want to use cookies if the visitor allows, but tack the session info (SID) get style on the URL of a linked page *only if* the visitor blocks cookies. I've tried a lot of variations, but nothing really works. I either get the entire SID value in the URL (even if cookies are accepted), or the SID doesn't show up in the URL, which means it works only with visitors who accept cookies. Below is my most recent attempt. simple.php detects whether the visitor accepts cookies by forcing a page reload (my thanks to Chris Shiflett), then attempts a redirection, based on whether cookies are accepted. Doesn't work. Anyone got any ideas? TIA. - ? # simple.php ini_set('session.use_trans_sid', 0); ini_set('session.use_cookies', 1); ini_set('register_globals', 0); session_start(); if (! isset($_GET['cac'])) { header('Set-Cookie: accept_cookies=yes'); header('Location: ' . $_SERVER['PHP_SELF'] . '?cac=1'); } $_SESSION['accepts_cookies'] = isset($_COOKIE['accept_cookies']); $_SESSION['session_num'] = session_id(); if ($_SESSION['accepts_cookies']) { header('location: simple2.php'); } else { header('location: simple2.php?'. strip_tags(SID)); } die; ? -- ? # simple2.php //ini_set('session.use_trans_sid', 0); //ini_set('session.use_cookies', 1); //ini_set('session.use_only_cookies', 1); //ini_set('register_globals', 0); session_start(); ? html head titleProcessing Error/title meta http-equiv=Content-Type content=text/html; charset=iso-8859-1 /head body ? echo Old Session ID: . $_SESSION['session_num'] . br; echo This Session ID: . session_id() . br; echo SID: . SID . br; ? blockquote ? echo ? /blockquote /body /html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php