Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
On Tue, Aug 13, 2002 at 10:07:57AM -0700, Rasmus Lerdorf wrote: while ( list($Key, $Val) = each($_SESSION) ) { $$Key = $Val; } extract($_SESSION) is a better way to do that. Yeah. Old habits die hard! :) --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
Rasmus OK, I think I understand the principle now, yet, when I implement id, my app still fails. I have register_golbals = on, BUT, I want to find a way to code that I know will always work, regardless of register_globals or cookies, so that I am only dependant on the trans-sid ( but If I could rule that out too, it would be even better) How do you write your apps so you know that they will work on most configurations? I have a bunch of older apps that will definately break if I upgrade the server and turn register_globals off, and I want to prevent it from happening with new apps I write now. With what you said below, can I assume that: 1) If I know all the variables that I will need to be session variables, I can session_register() them all on the first page, and then simply give them values during the normal flow of the app? I have tried to implement what you said below in my app as follow, basically the route is: Login form -- action page: action page links to another form page form page -- action page All these pages are supposed to be part of the session, but between the last two pages, the session disappears, and the form doesn't pass variables... I'm so utterly fed-up with myself for not being able to get this right. Can you see ANYTHING that might cause this? index.php ?php session_start(); ? form name=form1 method=post action=admin_select.php table border=0 cellspacing=0 cellpadding=0 tr bgcolor=#CFCFCF td colspan=2Admin Login /td /tr tr tdUsername: /td tdinput type=text name=user_name /td /tr tr tdPassword: /td tdinput type=text name=pass_word /td /tr tr td input type=submit name=Submit4 value=Submit /td /tr /table /form Then: admin_select.php ?php session_start(); if ((!$HTTP_SESSION_VARS[username]) (!$HTTP_SESSION_VARS[password])) { session_register(username,password); } if (($HTTP_POST_VARS[user_name]) ($HTTP_POST_VARS[pass_word])) { $username = $HTTP_POST_VARS[user_name]; $password = $HTTP_POST_VARS[pass_word]; } /* Not sure if my logic above works, trying to check if the person is coming back via a link or from the from for the first time; I'm not sure what could happen if you session_register a variable twice??? */ $link = mysql_connect(localhost,$username,$password) or die ('Could not connect!'); mysql_select_db(mafisa,$link); $sql = select * from project_table order by id; $result = mysql_query($sql); ? form action=admin_select_document.php method=POST enctype=multipart/form-data table border=1 tr td colspan=2 bgcolor=CFCFCFAdmin Interface/td /tr tr td colspan=2Please select Project to work with/td /tr tr td colspan =2 ?php if (mysql_num_rows($result)) { echo select name=\sess_id_project\; while ($myrow = mysql_fetch_assoc($result)) { $sess_project_name = $myrow[project_name]; $sess_project_id = $myrow[id]; echo 'option value='.$sess_project_id.''.$sess_project_name; } echo '/select'; echo '/td'; echo '/tr'; echo 'tr'; echo 'td colspan=2input type=submit name=submit value=Go!/td'; echo '/tr'; echo '/form'; } else { echo 'biThere are currently no Projects on the system,'; echo 'please use the section below to add one/i/b'; echo '/td'; echo '/tr'; echo '/form'; } echo 'trtd colspan=2 bgcolor=00/td/tr tr td colspan=2 bgcolor=CFCFCFa href=admin_add_project.phpAdd a new Project/a/td /tr /table'; ? This second page has two routes to go, either you select the document from the drop_down, or you can add a new project, It is with the second route that I pick up further problems: admin_add_project.php ?php session_start(); echo ' form action=admin_add_project_do.php method=POST enctype=multipart/form-data table tr td colspan=2 bgcolor=CFCFCFMafisa Admin Interface/td /tr tr tdNew Project Name/td tdinput type=text name=project_name_add/td /tr tr tdProject Descriptions/td tdtextarea name=project_description_add/textarea/td /tr tr td colspan=2input type=submit name=submit value=Save/td /tr /table /form '; ? Now, on this last page that is supposed to insert the form data into the db, there is simply no form data, or session variables! admin_add_project_do.php ?php session_start(); $date = date('Y-m-d'); $link = mysql_connect('localhost',$HTTP_SESSION_VARS[username],$HTTP_SESSION_VARS[password]) or die ('Could not connect!'); mysql_select_db('mafisa',$link); $project_name_db = addslashes($HTTP_POST_VARS[project_name_add]); $project_description_db =
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
Petre: On Tue, Aug 13, 2002 at 03:18:42PM +0200, Petre Agenbag wrote: I have register_golbals = on, BUT, I want to find a way to code that I know will always work, regardless of register_globals or cookies, so that I am only dependant on the trans-sid ( but If I could rule that out too, it would be even better) This example assumes the machine is running PHP = 4.1.0 allowing use of $_SESSION rather than $HTTP_SESSION_VARS. Adjust as needed. session_start(); if ( !isset($SessionID) ) { # This likely means that register globals is off. # So, loop through the session vars and create regular vars. while ( list($Key, $Val) = each($_SESSION) ) { $$Key = $Val; } } Enjoy, --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
No real reason to start the session in index.php. You are not registering any session vars, nor are you accessing any. index.php ?php session_start(); ? form name=form1 method=post action=admin_select.php table border=0 cellspacing=0 cellpadding=0 tr bgcolor=#CFCFCF td colspan=2Admin Login /td /tr tr tdUsername: /td tdinput type=text name=user_name /td /tr tr tdPassword: /td tdinput type=text name=pass_word /td /tr tr td input type=submit name=Submit4 value=Submit /td /tr /table /form Ok, now that we are in admin_select.php you can start the session, which you do. Then: admin_select.php ?php session_start(); if ((!$HTTP_SESSION_VARS[username]) (!$HTTP_SESSION_VARS[password])) { session_register(username,password); } if (($HTTP_POST_VARS[user_name]) ($HTTP_POST_VARS[pass_word])) { $username = $HTTP_POST_VARS[user_name]; $password = $HTTP_POST_VARS[pass_word]; } Looks ok so far. Although I am not sure session_register() was able to take multiple args in 4.0.3. But you don't need the check. Nothing bad happens if you session_register() the same var twice. $link = mysql_connect(localhost,$username,$password) or die ('Could not connect!'); mysql_select_db(mafisa,$link); $sql = select * from project_table order by id; $result = mysql_query($sql); ? form action=admin_select_document.php method=POST enctype=multipart/form-data table border=1 tr td colspan=2 bgcolor=CFCFCFAdmin Interface/td /tr tr td colspan=2Please select Project to work with/td /tr tr td colspan =2 ?php if (mysql_num_rows($result)) { echo select name=\sess_id_project\; while ($myrow = mysql_fetch_assoc($result)) { $sess_project_name = $myrow[project_name]; $sess_project_id = $myrow[id]; echo 'option value='.$sess_project_id.''.$sess_project_name; } echo '/select'; echo '/td'; echo '/tr'; echo 'tr'; echo 'td colspan=2input type=submit name=submit value=Go!/td'; echo '/tr'; echo '/form'; } else { echo 'biThere are currently no Projects on the system,'; echo 'please use the section below to add one/i/b'; echo '/td'; echo '/tr'; echo '/form'; } echo 'trtd colspan=2 bgcolor=00/td/tr tr td colspan=2 bgcolor=CFCFCFa href=admin_add_project.phpAdd a new Project/a/td /tr /table'; ? ok This second page has two routes to go, either you select the document from the drop_down, or you can add a new project, It is with the second route that I pick up further problems: admin_add_project.php ?php session_start(); echo ' form action=admin_add_project_do.php method=POST enctype=multipart/form-data table tr td colspan=2 bgcolor=CFCFCFMafisa Admin Interface/td /tr tr tdNew Project Name/td tdinput type=text name=project_name_add/td /tr tr tdProject Descriptions/td tdtextarea name=project_description_add/textarea/td /tr tr td colspan=2input type=submit name=submit value=Save/td /tr /table /form '; ? Again, you don't register nor do you use any session vars in admin_add_project.php so there is no need to start the session. Now, on this last page that is supposed to insert the form data into the db, there is simply no form data, or session variables! admin_add_project_do.php ?php session_start(); $date = date('Y-m-d'); $link = mysql_connect('localhost',$HTTP_SESSION_VARS[username],$HTTP_SESSION_VARS[password]) or die ('Could not connect!'); mysql_select_db('mafisa',$link); $project_name_db = addslashes($HTTP_POST_VARS[project_name_add]); $project_description_db = addslashes($HTTP_POST_VARS[project_description_add]); $sql = insert into project_table (project_name,project_description,date) values ('$project_name_db','$project_description_db','$date'); $result = mysql_query($sql); echo 'Thank you, new project :: bi'.$project_name_db.'/i/b was added to the system. br a href=admin_select.phpBack/abr'; ? Looks ok. Is it only on 4.0.3 that this isn't working? Why don't you do this instead at the top of each page where you want to use the session vars: if(!ini_get('register_globals')) { extract($HTTP_SESSION_VARS); } Then just use plain $username and $password. See if that makes a difference. But you really should get your provider to upgrade to something a lot more recent than 4.0.3. Do you realize that 4.0.3 is almost 2 years old now? That's an eternity on the Web. -Rasmus -- PHP General Mailing List
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
while ( list($Key, $Val) = each($_SESSION) ) { $$Key = $Val; } extract($_SESSION) is a better way to do that. -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION
If register_globals is known to be on, why are you worrying about the $HTTP_* arrays? On 12 Aug 2002, Petre Agenbag wrote: Hi Me again Still having problems with forms not sending variables, and session variables dissapearing. I have 2 systems, one older 4.0.3 PHP which is my main webserver, so all scripts must comply with it... And the other my development server with the latest 4.1.2 So, I'm trying to write scripts that will happily work on both, and I understand that I must use HTTP_POST_VARS and HTTP_SESSION_VARS in order to comply with 4.0.3. register_globals and track_vars as well as trans_sid are enabled on both. Now, take a look at the example below: index.php form action=page2.php method=POST input type=text name=testinput type=submit name=submit /form page2.php ?php session_start(); echo ' HTTP_POST_VARS :'.$HTTP_POST_VARS[test].'br'; echo ' POST_VARS: '.$_POST[test].'br'; echo ' normal test :'.$test.'br'; echo 'Session Value (only for re-entry):'.$HTTP_SESSION_VARS[testing].'br'; if ($HTTP_POST_VARS[test]) { $HTTP_SESSION_VARS[testing] = $HTTP_POST_VARS[test]; } echo 'a href=page3.phpClick/a'; ? page3.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page4.phpForward to test sess var further/abr'; echo 'a href=page2.phpBack to test sess var/abr'; ? page4.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page3.phpBack to page 3 to test sess var further/abr'; echo 'a href=page2.phpBack to page 2 to test sess var/abr'; ? This small test works 100% on my newer system, and I was under the impression that I coded it to be backwards compatible with my older system, BUT, look here: http://www.linuxhelp.co.za/session_test to see what it does on my working server. The scripts are identical. Please can you point out my mistakes in reasoning? Also, I want these scripts to work regardless of cookies, so if you see something that might cause problems when ppl disable cookies, plz advise. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION
You lost me there... Are you saying I don't need to access those variable in that way? Can I simply use $variable in successive pages then? Surely I MUST use that notation to assign values then right?, specially to the session vars, right? But, just out of curiosity, why does it work fine on my newer system? Thanks On Mon, 2002-08-12 at 21:17, Rasmus Lerdorf wrote: If register_globals is known to be on, why are you worrying about the $HTTP_* arrays? On 12 Aug 2002, Petre Agenbag wrote: Hi Me again Still having problems with forms not sending variables, and session variables dissapearing. I have 2 systems, one older 4.0.3 PHP which is my main webserver, so all scripts must comply with it... And the other my development server with the latest 4.1.2 So, I'm trying to write scripts that will happily work on both, and I understand that I must use HTTP_POST_VARS and HTTP_SESSION_VARS in order to comply with 4.0.3. register_globals and track_vars as well as trans_sid are enabled on both. Now, take a look at the example below: index.php form action=page2.php method=POST input type=text name=testinput type=submit name=submit /form page2.php ?php session_start(); echo ' HTTP_POST_VARS :'.$HTTP_POST_VARS[test].'br'; echo ' POST_VARS: '.$_POST[test].'br'; echo ' normal test :'.$test.'br'; echo 'Session Value (only for re-entry):'.$HTTP_SESSION_VARS[testing].'br'; if ($HTTP_POST_VARS[test]) { $HTTP_SESSION_VARS[testing] = $HTTP_POST_VARS[test]; } echo 'a href=page3.phpClick/a'; ? page3.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page4.phpForward to test sess var further/abr'; echo 'a href=page2.phpBack to test sess var/abr'; ? page4.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page3.phpBack to page 3 to test sess var further/abr'; echo 'a href=page2.phpBack to page 2 to test sess var/abr'; ? This small test works 100% on my newer system, and I was under the impression that I coded it to be backwards compatible with my older system, BUT, look here: http://www.linuxhelp.co.za/session_test to see what it does on my working server. The scripts are identical. Please can you point out my mistakes in reasoning? Also, I want these scripts to work regardless of cookies, so if you see something that might cause problems when ppl disable cookies, plz advise. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION
Oh, almost forgot, I *think* the reason why I'm still worrying about the $HTTP_* arrays are because I *think* that it is the correct way to work with the vars once register_globals is turned off ( which is where things are moving to right?), and I don't want to re-code my scripts... Am I making sense? On Mon, 2002-08-12 at 21:17, Rasmus Lerdorf wrote: If register_globals is known to be on, why are you worrying about the $HTTP_* arrays? On 12 Aug 2002, Petre Agenbag wrote: Hi Me again Still having problems with forms not sending variables, and session variables dissapearing. I have 2 systems, one older 4.0.3 PHP which is my main webserver, so all scripts must comply with it... And the other my development server with the latest 4.1.2 So, I'm trying to write scripts that will happily work on both, and I understand that I must use HTTP_POST_VARS and HTTP_SESSION_VARS in order to comply with 4.0.3. register_globals and track_vars as well as trans_sid are enabled on both. Now, take a look at the example below: index.php form action=page2.php method=POST input type=text name=testinput type=submit name=submit /form page2.php ?php session_start(); echo ' HTTP_POST_VARS :'.$HTTP_POST_VARS[test].'br'; echo ' POST_VARS: '.$_POST[test].'br'; echo ' normal test :'.$test.'br'; echo 'Session Value (only for re-entry):'.$HTTP_SESSION_VARS[testing].'br'; if ($HTTP_POST_VARS[test]) { $HTTP_SESSION_VARS[testing] = $HTTP_POST_VARS[test]; } echo 'a href=page3.phpClick/a'; ? page3.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page4.phpForward to test sess var further/abr'; echo 'a href=page2.phpBack to test sess var/abr'; ? page4.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page3.phpBack to page 3 to test sess var further/abr'; echo 'a href=page2.phpBack to page 2 to test sess var/abr'; ? This small test works 100% on my newer system, and I was under the impression that I coded it to be backwards compatible with my older system, BUT, look here: http://www.linuxhelp.co.za/session_test to see what it does on my working server. The scripts are identical. Please can you point out my mistakes in reasoning? Also, I want these scripts to work regardless of cookies, so if you see something that might cause problems when ppl disable cookies, plz advise. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION
No, you don't need to use HTTP_SESSION_VARS for anything if register_globals is on. Sessions are very simple. You start a session, and you register variables to be part of that session. Like this: session_start(); session_register('a'); session_register('b'); If you have that at the top of the first page, then whatever values $a and $b have by the time the script finishes is what will be written to the session backend. So, on a subsequent page you just do: session_start(); This will see the session ID that the browser passed to it either via a cookie or in the URL and it will go and restore the variables from the session backend. That means that at this point you can just do: echo $a; echo $b; At no point is there any need for $HTTP_SESSION_VARS nor $_SESSION if you are sure that register_globals will always be on. Now, if you want it to work with register_globals off, you still don't need to use $HTTP_SESSION_VARS when setting the variables, you only need to use it when retrieving them. So, instead of echo $a and echo $b you would have: echo $HTTP_SESSION_VARS['a']; echo $HTTP_SESSION_VARS['b']; Or, of course in newer PHP's you can use $_SESSION['a']. Your stuff probably didn't work because you were setting the session vars via the $HTTP_SESSION_VARS array. That works now, but it probably didn't use to as it is a bit of a weird way to do it. -Rasmus On 12 Aug 2002, Petre Agenbag wrote: You lost me there... Are you saying I don't need to access those variable in that way? Can I simply use $variable in successive pages then? Surely I MUST use that notation to assign values then right?, specially to the session vars, right? But, just out of curiosity, why does it work fine on my newer system? Thanks On Mon, 2002-08-12 at 21:17, Rasmus Lerdorf wrote: If register_globals is known to be on, why are you worrying about the $HTTP_* arrays? On 12 Aug 2002, Petre Agenbag wrote: Hi Me again Still having problems with forms not sending variables, and session variables dissapearing. I have 2 systems, one older 4.0.3 PHP which is my main webserver, so all scripts must comply with it... And the other my development server with the latest 4.1.2 So, I'm trying to write scripts that will happily work on both, and I understand that I must use HTTP_POST_VARS and HTTP_SESSION_VARS in order to comply with 4.0.3. register_globals and track_vars as well as trans_sid are enabled on both. Now, take a look at the example below: index.php form action=page2.php method=POST input type=text name=testinput type=submit name=submit /form page2.php ?php session_start(); echo ' HTTP_POST_VARS :'.$HTTP_POST_VARS[test].'br'; echo ' POST_VARS: '.$_POST[test].'br'; echo ' normal test :'.$test.'br'; echo 'Session Value (only for re-entry):'.$HTTP_SESSION_VARS[testing].'br'; if ($HTTP_POST_VARS[test]) { $HTTP_SESSION_VARS[testing] = $HTTP_POST_VARS[test]; } echo 'a href=page3.phpClick/a'; ? page3.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page4.phpForward to test sess var further/abr'; echo 'a href=page2.phpBack to test sess var/abr'; ? page4.php ?php session_start(); echo 'Session Variable:'.$HTTP_SESSION_VARS[testing].'br'; echo 'a href=page3.phpBack to page 3 to test sess var further/abr'; echo 'a href=page2.phpBack to page 2 to test sess var/abr'; ? This small test works 100% on my newer system, and I was under the impression that I coded it to be backwards compatible with my older system, BUT, look here: http://www.linuxhelp.co.za/session_test to see what it does on my working server. The scripts are identical. Please can you point out my mistakes in reasoning? Also, I want these scripts to work regardless of cookies, so if you see something that might cause problems when ppl disable cookies, plz advise. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php