Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
On Tue, Aug 13, 2002 at 10:07:57AM -0700, Rasmus Lerdorf wrote:
> > while ( list($Key, $Val) = each($_SESSION) ) {
> > $$Key = $Val;
> > }
>
> extract($_SESSION) is a better way to do that.
Yeah. Old habits die hard! :)
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
> while ( list($Key, $Val) = each($_SESSION) ) {
> $$Key = $Val;
> }
extract($_SESSION) is a better way to do that.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
No real reason to start the session in index.php. You are not registering
any session vars, nor are you accessing any.
> index.php
>session_start();
> ?>
>
>
>
>
> Admin Login
>
>
>
> Username:
>
>
>
>
>
> Password:
>
>
>
>
>
>
>
>
>
>
>
Ok, now that we are in admin_select.php you can start the session, which
you do.
> Then:
> admin_select.php
>
> session_start();
> if ((!$HTTP_SESSION_VARS["username"]) &&
> (!$HTTP_SESSION_VARS["password"])) {
> session_register("username","password");
> }
> if (($HTTP_POST_VARS["user_name"]) && ($HTTP_POST_VARS["pass_word"])) {
>
> $username = $HTTP_POST_VARS["user_name"];
> $password = $HTTP_POST_VARS["pass_word"];
> }
Looks ok so far. Although I am not sure session_register() was able to
take multiple args in 4.0.3. But you don't need the check. Nothing bad
happens if you session_register() the same var twice.
> $link = @mysql_connect("localhost",$username,$password) or die
> ('Could not connect!');
> mysql_select_db("mafisa",$link);
> $sql = "select * from project_table order by id";
> $result = mysql_query($sql);
> ?>
> enctype="multipart/form-data">
>
>
> Admin Interface
>
>
> Please select Project to work with
>
>
>
> if (mysql_num_rows($result)) {
> echo "";
> while ($myrow = mysql_fetch_assoc($result)) {
> $sess_project_name = $myrow["project_name"];
> $sess_project_id = $myrow["id"];
> echo ' value="'.$sess_project_id.'">'.$sess_project_name;
> }
> echo '';
> echo '';
> echo '';
> echo '';
> echo ' value="Go!">';
> echo '';
> echo '';
> } else {
> echo 'There are currently no Projects on the system,';
> echo 'please use the section below to add one';
> echo '';
> echo '';
> echo '';
> }
>
>
> echo '
>
>
> Add
> a new Project
>
>
> ';
>
> ?>
ok
> This second page has two routes to go, either you select the document
> from the drop_down, or you can "add a new project", It is with the
> second route that I pick up further problems:
>
> admin_add_project.php
>
> session_start();
> echo '
> enctype="multipart/form-data">
>
>
> Mafisa Admin Interface
>
>
> New Project Name
>
>
>
> Project Descriptions
>
>
>
> value="Save">
>
>
>
> ';
> ?>
Again, you don't register nor do you use any session vars in
admin_add_project.php so there is no need to start the session.
> Now, on this last page that is supposed to insert the form data into the
> db, there is simply no form data, or session variables!
>
> admin_add_project_do.php
> session_start();
> $date = date('Y-m-d');
> $link =
>
>@mysql_connect('localhost',$HTTP_SESSION_VARS["username"],$HTTP_SESSION_VARS["password"])
> or die ('Could not connect!');
> mysql_select_db('mafisa',$link);
> $project_name_db =
> addslashes($HTTP_POST_VARS["project_name_add"]);
> $project_description_db =
> addslashes($HTTP_POST_VARS["project_description_add"]);
> $sql = "insert into project_table
> (project_name,project_description,date) values
> ('$project_name_db','$project_description_db','$date')";
> $result = mysql_query($sql);
> echo 'Thank you, new project ::
> '.$project_name_db.' was added to the system.
>Back';
> ?>
Looks ok. Is it only on 4.0.3 that this isn't working?
Why don't you do this instead at the top of each page where you want to
use the session vars:
if(!ini_get('register_globals')) {
extract($HTTP_SESSION_VARS);
}
Then just use plain $username and $password. See if that makes a
difference. But you really should get your provider to upgrade to
something a lot more recent than 4.0.3. Do you realize that 4.0.3 is
almost 2 years old now? That's an eternity on the Web.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
Petre:
On Tue, Aug 13, 2002 at 03:18:42PM +0200, Petre Agenbag wrote:
>
> I have register_golbals = on, BUT, I want to find a way to code that I
> know will always work, regardless of register_globals or cookies, so
> that I am only dependant on the trans-sid ( but If I could rule that out
> too, it would be even better)
This example assumes the machine is running PHP >= 4.1.0 allowing use of
$_SESSION rather than $HTTP_SESSION_VARS. Adjust as needed.
session_start();
if ( !isset($SessionID) ) {
# This likely means that register globals is off.
# So, loop through the session vars and create regular vars.
while ( list($Key, $Val) = each($_SESSION) ) {
$$Key = $Val;
}
}
Enjoy,
--Dan
--
PHP classes that make web design easier
SQL Solution | Layout Solution | Form Solution
sqlsolution.info | layoutsolution.info | formsolution.info
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] $HTTP_SESSION_VARS vs $_SESSION - cont.
Rasmus
OK, I think I understand the principle now, yet, when I implement id, my
app still fails.
I have register_golbals = on, BUT, I want to find a way to code that I
know will always work, regardless of register_globals or cookies, so
that I am only dependant on the trans-sid ( but If I could rule that out
too, it would be even better)
How do you write your apps so you know that they will work on most
configurations? I have a bunch of older apps that will definately break
if I upgrade the server and turn register_globals off, and I want to
prevent it from happening with new apps I write now.
With what you said below, can I assume that:
1) If I know all the variables that I will need to be session variables,
I can session_register() them all on the first page, and then simply
give them values during the normal flow of the app?
I have tried to implement what you said below in my app as follow,
basically the route is:
Login form --> action page:
action page links to another form page
form page --> action page
All these pages are supposed to be part of the session, but between the
last two pages, the session disappears, and the form doesn't pass
variables...
I'm so utterly fed-up with myself for not being able to get this right.
Can you see ANYTHING that might cause this?
index.php
Admin Login
Username:
Password:
Then:
admin_select.php
Admin Interface
Please select Project to work with
";
while ($myrow = mysql_fetch_assoc($result)) {
$sess_project_name = $myrow["project_name"];
$sess_project_id = $myrow["id"];
echo ''.$sess_project_name;
}
echo '';
echo '';
echo '';
echo '';
echo '';
echo '';
echo '';
} else {
echo 'There are currently no Projects on the system,';
echo 'please use the section below to add one';
echo '';
echo '';
echo '';
}
echo '
Add
a new Project
';
?>
This second page has two routes to go, either you select the document
from the drop_down, or you can "add a new project", It is with the
second route that I pick up further problems:
admin_add_project.php
Mafisa Admin Interface
New Project Name
Project Descriptions
';
?>
Now, on this last page that is supposed to insert the form data into the
db, there is simply no form data, or session variables!
admin_add_project_do.php
'.$project_name_db.' was added to the system.
Back';
?>
I really appreciate your time, and thanks in advance for your help.
On Mon, 2002-08-12 at 22:44, Rasmus Lerdorf wrote:
> No, you don't need to use HTTP_SESSION_VARS for anything if
> register_globals is on. Sessions are very simple. You start a session,
> and you register variables to be part of that session. Like this:
>
> session_start();
> session_register('a');
> session_register('b');
>
> If you have that at the top of the first page, then whatever values $a and
> $b have by the time the script finishes is what will be written to the
> session backend.
>
> So, on a subsequent page you just do:
>
> session_start();
>
> This will see the session ID that the browser passed to it either via a
> cookie or in the URL and it will go and restore the variables from the
> session backend. That means that at this point you can just do:
>
> echo $a;
> echo $b;
>
> At no point is there any need for $HTTP_SESSION_VARS nor $_SESSION if you
> are sure that register_globals will always be on.
>
> Now, if you want it to work with register_globals off, you still don't
> need to use $HTTP_SESSION_VARS when setting the variables, you only need
> to use it when retrieving them. So, instead of echo $a and echo $b you
> would have:
>
> echo $HTTP_SESSION_VARS['a'];
> echo $HTTP_SESSION_VARS['b'];
>
> Or, of course in newer PHP's you can use $_SESSION['a'].
>
> Your stuff probably didn't work because you were setting the session vars
> via the $HTTP_SESSION_VARS array. That works now, but it probably didn't
> use to as it is a bit of a weird way to do it.
>
> -Rasmus
>
> On 12 Aug 2002, Petre Agenbag wrote:
>
> > You lost me there...
> > Are you saying I don't need to access those variable in that way?
> > Can I simply use $variable in successive pages then?
> > Surely I MUST use that notation to assign values then right?, specially
> > to the session vars, right?
> >
> > But, just out of curiosity, why does it work fine on my newer system?
> >
> > Thanks
> >
> > On Mon, 2002-08-12 at 21:17, Rasmus Lerdorf wrote:
> > > If register_globals is known to be on, why are you worrying about
> > > the $HTTP_* arrays?
> > >
> > > On 12 Aug 2002, Petre Agenbag wrote:
> > >
> > > > Hi
>
