Обсуждение: Questions Regarding Sessions
Hi:
I have the following small php files, t1.php and
t2.php
t1.php contains the ff:
<?
function func1()
{
global $HTTP_SESSION_VARS;
session_start();
$HTTP_SESSION_VARS["test"]="hello";
session_register($HTTP_SESSION_VARS["test"]);
}
?>
t2.php contains the ff:
<?
include("t1.php");
func1();
session_start();
if
session_is_registered($HTTP_SESSION_VARS["test"]){
echo ("Session is registerd <br>");
$x = $HTTP_SESSION_VARS["test"];
echo ("value of session = $x");
session_destroy();
}
?>
The output I am getting when loading t2.php is the ff:
Session is registered
value of session =
Instead of:
Session if registered
value of session = hello
I've tried testing simple session scripts and it
works, but initializing and using sessions in a
function seems to be a problem for me.
The session is registed, but the value of the
session variable is missing. The session is created
when I look at the /tmp directory and the the file
ses<session id>.
How can I make the script above to work?
Some additional info:
version : php 4
important configuration = --enable-track-vars
--enable-trans-sid --with-apache=<directory>
Thank you very much,
ludwig.
__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com
Ludwig Lim wrote: > I've tried testing simple session scripts and it > works, but initializing and using sessions in a > function seems to be a problem for me. do session_start and session_register in global scope, then it seems to work. http://www.php.net/manual/en/function.session-start.php > How can I make the script above to work? I dont know if this is proper 'recommended' php way, but I have an include called myPageStart.inc.php that I load on every page that needs sessions: -------/ START: t1.php /-------------- <? function func1() { global $HTTP_SESSION_VARS; $HTTP_SESSION_VARS["test"]="hello"; } ?> -------/ END: t1.php /-------------- -------/ START: t2.php /-------------- <? include ("myPageStart.inc.php"); include ("t1.php"); func1(); if (session_is_registered($HTTP_SESSION_VARS["test"])){ ..... ?> -------/ END: t1.php /-------------- -------/ START: myPageStart.inc.php /-------------- <? session_start(); session_register("test"); session_register($HTTP_SESSION_VARS["test"]); ?> -------/ END: : mySessionStart.inc.php /-------------- another few notes (by quicly reading: http://www.php.net/manual/en/ref.session.php ) using $HTTP_SESSION_VARS is deprecated, try using just $_SESSION it was ok until PHP 4.0.6, since then use $_SESSION when using $_SESSION, its always global, no need to ask for it to be from global scope in a function. It already is. using session_register is now not needed dont use session_is_registered, there is no need, just use as if any other var with isset, so your if should be just: if (isset($_SESSION[$_SESSION["test"]])) { which brings me to another point. you seem to confuse the idea of session key with session value. $_SESSION["test"]="hello"; here key = "test", value = "hello" as if: $key = "test"; $value = "hello"; $_SESSION[$key] = $value; but then, when you register/check if registered, the key is different $_SESSION["test"]="hello"; session_register($_SESSION["test"]); is same as if: $_SESSION["test"]="hello"; session_register("hello"); or if you prefer to see it through $key , $value then: $key = "test"; $value = "hello"; $_SESSION[$key] = $value; session_register($value); Now, when you do this session_register you tell it that there is another key within session, now we have two keys: $_SESSION["test"] $_SESSION["hello"] I dont think this is what you want, I am including here what I think you really wanted, with what should be up to newest php specs: -------/ START: t1.php /-------------- <? function func1() { $_SESSION["test"]="hello"; } ?> -------/ END: t1.php /-------------- -------/ START: t2.php /-------------- <? include ("myPageStart.inc.php"); include ("t1.php"); func1(); if (isset($_SESSION["test"])){ echo ("Session is registerd <br>"); $x = $_SESSION["test"]; echo ("value of session = $x"); session_destroy(); } ?> -------/ END: t1.php /-------------- -------/ START: myPageStart.inc.php /-------------- <? session_start(); ?> -------/ END: : myPageStart.inc.php /-------------- You mgith want to question myPageStart.inc.php, I also use it, besides starting session, start various counters which later I use to in myPageEnd.inc.php to log what parts of my page took how long to generate, so that I know what to look next to optimize. hope this helps /apz, The moving cursor writes, and having written, blinks on.
From the manual:
"If register_globals is disabled, only members of the global associative
array $_SESSION can be registered as session variables. The restored session
variables will only be available in the array $_SESSION.
Use of $_SESSION (or $HTTP_SESSION_VARS with PHP 4.0.6 or less) is
recommended for improved security and code readablity. With $_SESSION, there
is no need to use the session_register(), session_unregister(),
session_is_registered() functions. Session variables are accessible like any
other variables. "
register_globals is disabled by default in the latest versions.
Here is what I do:
In login.php:
session_name("SESSION");
session_start();
$_SESSION["valid_session"] = 1;
$_SESSION["other_session_variable_1"]=$other_session_variable_1;
$_SESSION["other_session_variable_2"]=$other_session_variable_2;
// ....
$_SESSION["other_session_variable_n"]=$other_session_variable_n;
header("Location: ./menu.php");
In menu.php and every other page controlled by the session, at the top:
session_name("SESSION");
session_start();
if (!$_SESSION["valid_session"]){
header("Location: ./error.php");
exit();
}
In logout.php:
session_name("SESSION");
session_start();
session_destroy();
That's it, no $HTTP_SESSION_VARS and no session_is_registered(), etc.
Adrian Tineo
> Ludwig Lim wrote:
> > I've tried testing simple session scripts and it
> > works, but initializing and using sessions in a
> > function seems to be a problem for me.
>
> do session_start and session_register in global scope, then it seems to
> work.
> http://www.php.net/manual/en/function.session-start.php
>
>
> > How can I make the script above to work?
>
> I dont know if this is proper 'recommended' php way, but I have an
> include called myPageStart.inc.php that I load on every page that needs
> sessions:
>
>
>
> -------/ START: t1.php /--------------
> <?
> function func1()
> {
> global $HTTP_SESSION_VARS;
> $HTTP_SESSION_VARS["test"]="hello";
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
>
> -------/ START: t2.php /--------------
> <?
> include ("myPageStart.inc.php");
> include ("t1.php");
> func1();
> if (session_is_registered($HTTP_SESSION_VARS["test"])){
> .....
> ?>
> -------/ END: t1.php /--------------
>
>
>
> -------/ START: myPageStart.inc.php /--------------
> <?
> session_start();
> session_register("test");
> session_register($HTTP_SESSION_VARS["test"]);
> ?>
> -------/ END: : mySessionStart.inc.php /--------------
>
>
>
> another few notes (by quicly reading:
> http://www.php.net/manual/en/ref.session.php )
>
> using $HTTP_SESSION_VARS is deprecated, try using just $_SESSION
> it was ok until PHP 4.0.6, since then use $_SESSION
>
> when using $_SESSION, its always global, no need to ask for it to be
> from global scope in a function. It already is.
>
> using session_register is now not needed
>
> dont use session_is_registered, there is no need, just use as if any
> other var with isset, so your if should be just:
> if (isset($_SESSION[$_SESSION["test"]])) {
>
> which brings me to another point. you seem to confuse the idea of
> session key with session value.
> $_SESSION["test"]="hello";
> here key = "test", value = "hello"
> as if:
> $key = "test";
> $value = "hello";
> $_SESSION[$key] = $value;
> but then, when you register/check if registered, the key is different
> $_SESSION["test"]="hello";
> session_register($_SESSION["test"]);
> is same as if:
> $_SESSION["test"]="hello";
> session_register("hello");
> or if you prefer to see it through $key , $value then:
> $key = "test";
> $value = "hello";
> $_SESSION[$key] = $value;
> session_register($value);
> Now, when you do this session_register you tell it that there is
> another key within session, now we have two keys:
> $_SESSION["test"]
> $_SESSION["hello"]
> I dont think this is what you want, I am including here what I think
> you really wanted, with what should be up to newest php specs:
>
>
>
> -------/ START: t1.php /--------------
> <?
> function func1()
> {
> $_SESSION["test"]="hello";
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
>
> -------/ START: t2.php /--------------
> <?
> include ("myPageStart.inc.php");
> include ("t1.php");
> func1();
> if (isset($_SESSION["test"])){
> echo ("Session is registerd <br>");
> $x = $_SESSION["test"];
> echo ("value of session = $x");
> session_destroy();
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
> -------/ START: myPageStart.inc.php /--------------
> <?
> session_start();
> ?>
> -------/ END: : myPageStart.inc.php /--------------
>
>
> You mgith want to question myPageStart.inc.php, I also use it, besides
> starting session, start various counters which later I use to in
> myPageEnd.inc.php to log what parts of my page took how long to
> generate, so that I know what to look next to optimize.
>
>
> hope this helps
>
>
> /apz, The moving cursor writes, and having written, blinks on.
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/docs/faqs/FAQ.html