Questions Regarding Sessions

Hi:

I have the following small php files, t1.php and
t2.php

t1.php contains the ff:
function func1()
{
global $HTTP_SESSION_VARS;
session_start();
$HTTP_SESSION_VARS["test"]="hello";
session_register($HTTP_SESSION_VARS["test"]);
}
?>

t2.php contains the ff:
include("t1.php");

func1();
session_start();
if
session_is_registered($HTTP_SESSION_VARS["test"]){
echo ("Session is registerd
");
$x = $HTTP_SESSION_VARS["test"];
echo ("value of session = $x");
session_destroy();
}
?>

The output I am getting when loading t2.php is the ff:
Session is registered
value of session =

Instead of:
Session if registered
value of session = hello

I've tried testing simple session scripts and it
works, but initializing and using sessions in a
function seems to be a problem for me.
The session is registed, but the value of the
session variable is missing. The session is created
when I look at the /tmp directory and the the file
ses.
How can I make the script above to work?

Some additional info:
version : php 4
important configuration = --enable-track-vars
--enable-trans-sid --with-apache=

Thank you very much,

ludwig.


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com


---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Re: Questions Regarding Sessions

Ludwig Lim wrote:
> I've tried testing simple session scripts and it
> works, but initializing and using sessions in a
> function seems to be a problem for me.

do session_start and session_register in global scope, then it seems to
work.
http://www.php.net/manual/en/function.session-start.php


> How can I make the script above to work?

I dont know if this is proper 'recommended' php way, but I have an
include called myPageStart.inc.php that I load on every page that needs
sessions:



-------/ START: t1.php /--------------
function func1()
{
global $HTTP_SESSION_VARS;
$HTTP_SESSION_VARS["test"]="hello";
}
?>
-------/ END: t1.php /--------------




-------/ START: t2.php /--------------
include ("myPageStart.inc.php");
include ("t1.php");
func1();
if (session_is_registered($HTTP_SESSION_VARS["test"])){
.....
?>
-------/ END: t1.php /--------------



-------/ START: myPageStart.inc.php /--------------
session_start();
session_register("test");
session_register($HTTP_SESSION_VARS["test"]);
?>
-------/ END: : mySessionStart.inc.php /--------------



another few notes (by quicly reading:
http://www.php.net/manual/en/ref.session.php )

using $HTTP_SESSION_VARS is deprecated, try using just $_SESSION
it was ok until PHP 4.0.6, since then use $_SESSION

when using $_SESSION, its always global, no need to ask for it to be
from global scope in a function. It already is.

using session_register is now not needed

dont use session_is_registered, there is no need, just use as if any
other var with isset, so your if should be just:
if (isset($_SESSION[$_SESSION["test"]])) {

which brings me to another point. you seem to confuse the idea of
session key with session value.
$_SESSION["test"]="hello";
here key = "test", value = "hello"
as if:
$key = "test";
$value = "hello";
$_SESSION[$key] = $value;
but then, when you register/check if registered, the key is different
$_SESSION["test"]="hello";
session_register($_SESSION["test"]);
is same as if:
$_SESSION["test"]="hello";
session_register("hello");
or if you prefer to see it through $key , $value then:
$key = "test";
$value = "hello";
$_SESSION[$key] = $value;
session_register($value);
Now, when you do this session_register you tell it that there is
another key within session, now we have two keys:
$_SESSION["test"]
$_SESSION["hello"]
I dont think this is what you want, I am including here what I think
you really wanted, with what should be up to newest php specs:



-------/ START: t1.php /--------------
function func1()
{
$_SESSION["test"]="hello";
}
?>
-------/ END: t1.php /--------------




-------/ START: t2.php /--------------
include ("myPageStart.inc.php");
include ("t1.php");
func1();
if (isset($_SESSION["test"])){
echo ("Session is registerd
");
$x = $_SESSION["test"];
echo ("value of session = $x");
session_destroy();
}
?>
-------/ END: t1.php /--------------



-------/ START: myPageStart.inc.php /--------------
session_start();
?>
-------/ END: : myPageStart.inc.php /--------------


You mgith want to question myPageStart.inc.php, I also use it, besides
starting session, start various counters which later I use to in
myPageEnd.inc.php to log what parts of my page took how long to
generate, so that I know what to look next to optimize.


hope this helps


/apz, The moving cursor writes, and having written, blinks on.


---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Re: Questions Regarding Sessions

From the manual:

"If register_globals is disabled, only members of the global associative
array $_SESSION can be registered as session variables. The restored session
variables will only be available in the array $_SESSION.

Use of $_SESSION (or $HTTP_SESSION_VARS with PHP 4.0.6 or less) is
recommended for improved security and code readablity. With $_SESSION, there
is no need to use the session_register(), session_unregister(),
session_is_registered() functions. Session variables are accessible like any
other variables. "

register_globals is disabled by default in the latest versions.

Here is what I do:

In login.php:
session_name("SESSION");
session_start();
$_SESSION["valid_session"] = 1;
$_SESSION["other_session_variable_1"]=$other_session_variabl e_1;
$_SESSION["other_session_variable_2"]=$other_session_variabl e_2;
// ....
$_SESSION["other_session_variable_n"]=$other_session_variabl e_n;
header("Location: ./menu.php");

In menu.php and every other page controlled by the session, at the top:
session_name("SESSION");
session_start();
if (!$_SESSION["valid_session"]){
header("Location: ./error.php");
exit();
}

In logout.php:
session_name("SESSION");
session_start();
session_destroy();

That's it, no $HTTP_SESSION_VARS and no session_is_registered(), etc.

Adrian Tineo

> Ludwig Lim wrote:
> > I've tried testing simple session scripts and it
> > works, but initializing and using sessions in a
> > function seems to be a problem for me.
>
> do session_start and session_register in global scope, then it seems to
> work.
> http://www.php.net/manual/en/function.session-start.php
>
>
> > How can I make the script above to work?
>
> I dont know if this is proper 'recommended' php way, but I have an
> include called myPageStart.inc.php that I load on every page that needs
> sessions:
>
>
>
> -------/ START: t1.php /--------------
> > function func1()
> {
> global $HTTP_SESSION_VARS;
> $HTTP_SESSION_VARS["test"]="hello";
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
>
> -------/ START: t2.php /--------------
> > include ("myPageStart.inc.php");
> include ("t1.php");
> func1();
> if (session_is_registered($HTTP_SESSION_VARS["test"])){
> .....
> ?>
> -------/ END: t1.php /--------------
>
>
>
> -------/ START: myPageStart.inc.php /--------------
> > session_start();
> session_register("test");
> session_register($HTTP_SESSION_VARS["test"]);
> ?>
> -------/ END: : mySessionStart.inc.php /--------------
>
>
>
> another few notes (by quicly reading:
> http://www.php.net/manual/en/ref.session.php )
>
> using $HTTP_SESSION_VARS is deprecated, try using just $_SESSION
> it was ok until PHP 4.0.6, since then use $_SESSION
>
> when using $_SESSION, its always global, no need to ask for it to be
> from global scope in a function. It already is.
>
> using session_register is now not needed
>
> dont use session_is_registered, there is no need, just use as if any
> other var with isset, so your if should be just:
> if (isset($_SESSION[$_SESSION["test"]])) {
>
> which brings me to another point. you seem to confuse the idea of
> session key with session value.
> $_SESSION["test"]="hello";
> here key = "test", value = "hello"
> as if:
> $key = "test";
> $value = "hello";
> $_SESSION[$key] = $value;
> but then, when you register/check if registered, the key is different
> $_SESSION["test"]="hello";
> session_register($_SESSION["test"]);
> is same as if:
> $_SESSION["test"]="hello";
> session_register("hello");
> or if you prefer to see it through $key , $value then:
> $key = "test";
> $value = "hello";
> $_SESSION[$key] = $value;
> session_register($value);
> Now, when you do this session_register you tell it that there is
> another key within session, now we have two keys:
> $_SESSION["test"]
> $_SESSION["hello"]
> I dont think this is what you want, I am including here what I think
> you really wanted, with what should be up to newest php specs:
>
>
>
> -------/ START: t1.php /--------------
> > function func1()
> {
> $_SESSION["test"]="hello";
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
>
> -------/ START: t2.php /--------------
> > include ("myPageStart.inc.php");
> include ("t1.php");
> func1();
> if (isset($_SESSION["test"])){
> echo ("Session is registerd
");
> $x = $_SESSION["test"];
> echo ("value of session = $x");
> session_destroy();
> }
> ?>
> -------/ END: t1.php /--------------
>
>
>
> -------/ START: myPageStart.inc.php /--------------
> > session_start();
> ?>
> -------/ END: : myPageStart.inc.php /--------------
>
>
> You mgith want to question myPageStart.inc.php, I also use it, besides
> starting session, start various counters which later I use to in
> myPageEnd.inc.php to log what parts of my page took how long to
> generate, so that I know what to look next to optimize.
>
>
> hope this helps
>
>
> /apz, The moving cursor writes, and having written, blinks on.
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/docs/faqs/FAQ.html


---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org