Re: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method?
Craige, Marc, Nitsan,Bastien, Thanks for your reply! This is my understanding and comment from your replies: (1) If the web server do have assign anonymous request ID to each HTTP request from client browser, and assign $_POST to each request ID and works within request ID scope, this is fine with session or without session. (2) If the above is not the case, then session is required. However web server still need to provide each session ID a $_POST array and works within this scope. (3) If the web server does not work in case(1) neither case(2), then include user ID into $_POST is appropriate, e.g. $_POST[userID][input_submitted_name][input_submitted_value] instead of just $_POST][input_submitted_name][input_submitted_value]. So, which of the 3 cases above is appropriate? Thanks! "Craige Leeder" wrote in message news:4a2e85b3@gmail.com... While yes $_POST is a supergloabal, even a superglobal has it's own scope. The scope of $_POST is to the call of the user to the web server. Therefor, no User A's information will not be overwritten by User B's information. Hope this helps. Let me know if you want any further clarification. This was just a very simplified answer. Keith wrote: Let's say user A and user B submitting purchase order form with "order.php" at the same time, with method=post action='confirmation.php'. (1) Will $_POST['order'] submitted by user A replaced by $_POST['order'] submitted by user B, and the both user A & B getting the same order, which is made by user B? Why? (2)Since $_POST['xxx'] is superglobal array, will $_POST['order'] read by users other than A & B? In shared hosting server environment, are all domains hosted within that server using the same $_POST array? Can $_POST array accessible by all domains even if not from the originating domain? Thx for clarification! Keith -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method?
-Original Message- From: Craige Leeder [mailto:clee...@gmail.com] Sent: Tuesday, June 09, 2009 11:54 AM To: Keith; PHP-General List Subject: Re: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method? While yes $_POST is a supergloabal, even a superglobal has it's own scope. The scope of $_POST is to the call of the user to the web server. Therefor, no User A's information will not be overwritten by User B's information. Hope this helps. Let me know if you want any further clarification. This was just a very simplified answer. Keith wrote: > Let's say user A and user B submitting purchase order form with > "order.php" at the same time, with method=post action='confirmation.php'. > > (1) Will $_POST['order'] submitted by user A replaced by > $_POST['order'] submitted by user B, and the both user A & B getting > the same order, which is made by user B? Why? > > (2)Since $_POST['xxx'] is superglobal array, will $_POST['order'] > read by users other than A & B? In shared hosting server environment, > are all domains hosted within that server using the same $_POST array? > Can $_POST array accessible by all domains even if not from the > originating domain? > > Thx for clarification! > > Keith > Wow what a major security risk and headache this would be -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Information from ESET Smart Security, version of virus signature database 4141 (20090609) __ The message was checked by ESET Smart Security. http://www.eset.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method?
While yes $_POST is a supergloabal, even a superglobal has it's own scope. The scope of $_POST is to the call of the user to the web server. Therefor, no User A's information will not be overwritten by User B's information. Hope this helps. Let me know if you want any further clarification. This was just a very simplified answer. Keith wrote: Let's say user A and user B submitting purchase order form with "order.php" at the same time, with method=post action='confirmation.php'. (1) Will $_POST['order'] submitted by user A replaced by $_POST['order'] submitted by user B, and the both user A & B getting the same order, which is made by user B? Why? (2)Since $_POST['xxx'] is superglobal array, will $_POST['order'] read by users other than A & B? In shared hosting server environment, are all domains hosted within that server using the same $_POST array? Can $_POST array accessible by all domains even if not from the originating domain? Thx for clarification! Keith -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method?
On Tue, Jun 9, 2009 at 11:51 AM, Nitsan Bin-Nun wrote: > Hell no! > > Why would they be overwritten? > > An HTTP request is sent from user A, the interpreter is "compiling" > the PHP script with the received HTTP request variables and send back > the HTTP response to user A, during this time the same thing happens > with user B. > > I can't think of any possible reason in which the $_POST variables > will be overwritten during paralell requests. > > Regards, > Nitsan > > On Tue, Jun 9, 2009 at 9:27 AM, Keith wrote: >> Let's say user A and user B submitting purchase order form with "order.php" >> at the same time, with method=post action='confirmation.php'. >> >> (1) Will $_POST['order'] submitted by user A replaced by $_POST['order'] >> submitted by user B, and the both user A & B getting the same order, which >> is made by user B? Why? >> >> (2) Since $_POST['xxx'] is superglobal array, will $_POST['order'] read >> by users other than A & B? In shared hosting server environment, are all >> domains hosted within that server using the same $_POST array? Can $_POST >> array accessible by all domains even if not from the originating domain? >> >> Thx for clarification! >> >> Keith >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You can also use sessions to keep thing separate -- Bastien Cat, the other other white meat -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Any conflict with $_POST when 2 users concurrently submitting the same form using POST method?
Hell no! Why would they be overwritten? An HTTP request is sent from user A, the interpreter is "compiling" the PHP script with the received HTTP request variables and send back the HTTP response to user A, during this time the same thing happens with user B. I can't think of any possible reason in which the $_POST variables will be overwritten during paralell requests. Regards, Nitsan On Tue, Jun 9, 2009 at 9:27 AM, Keith wrote: > Let's say user A and user B submitting purchase order form with "order.php" > at the same time, with method=post action='confirmation.php'. > > (1) Will $_POST['order'] submitted by user A replaced by $_POST['order'] > submitted by user B, and the both user A & B getting the same order, which > is made by user B? Why? > > (2) Since $_POST['xxx'] is superglobal array, will $_POST['order'] read > by users other than A & B? In shared hosting server environment, are all > domains hosted within that server using the same $_POST array? Can $_POST > array accessible by all domains even if not from the originating domain? > > Thx for clarification! > > Keith > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php