Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    Regular Coder
    Join Date
    Jun 2002
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Sessions variables with register globals off

    This use of sessions generally (expressed simply) has worked for me:
    sess1.php:
    <?php
    session_start();

    session_register("auth");

    $auth = "true";
    echo "<a href=\"sess2.php\">here</a>";
    ?>
    sess2.php
    <?php
    session_start();

    if ($auth) .......

    ?>
    $auth will be set to true in the second script. However, if a server has register globals set to off, this will not work. Is there another way to set up a session variable that will work in an environment with register globals off? (I am trying to implement an authentication scheme?)
    G

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,273
    Thanks
    4
    Thanked 83 Times in 82 Posts
    You would access those variables in the same manner that you would any other variable when register globals is set to off

    http://codingforums.com/showthread.p...threadid=12203
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    Regular Coder
    Join Date
    Jun 2002
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thnx Spookster - I had looked at that, and tried the following, but nothing prints out, so it does not seem to work?

    sess1.php
    <?php

    $_SESSION['session_var']= $auth;

    $auth = "yes";
    echo "<a href=\"sess2.php\">here</a>";
    ?>

    sess2.php
    <?php

    echo $_SESSION["auth"];

    ?>

  • #4
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts
    try
    $HTTP_SESSION_VARS['session_var'];

  • #5
    Senior Coder
    Join Date
    Jun 2002
    Location
    frankfurt, german banana republic
    Posts
    1,848
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You forgot session_start() in your code; without it you won't find anything in $_SESSION.

  • #6
    Regular Coder
    Join Date
    Jun 2002
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Mordred -
    Per the piece by Firepages which Spookseter linked - http://codingforums.com/showthread....&threadid=12203

    "//session_start() is not strictly required !//"

    But I tried it anyway, and same result. Did not yet try carl's suggestion

    G

  • #7
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    //session_start() is not strictly required !//
    ... actually depending on the php.ini configuration that may not be the case , sorry

    session_start() is not required if session.auto_start is 'on' in the php.ini , and it appears that the 4.3.0 default php.ini at least is set 'off' though most commercial hosts seem to have it set on.


    also you should be checking for echo $_SESSION['session_var']; or $HTTP_SESSION_VARS['session_var']; as bcarl suggests not 'auth' which ='yes'

    either way it will be empty

    $_SESSION['session_var']= $auth;
    $auth = "yes";

    should be

    $auth = "yes";
    $_SESSION['session_var']= $auth;

    etc
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #8
    Regular Coder
    Join Date
    Jun 2002
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts
    OK, thanks much!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •