473,545 Members | 527 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

why use $_POST when you have $_SESSION?

Is there any particular reason I should still use $_POST?

Also, I'm reading mixed things about sessions. php.net says you can
propagate session IDs either via cookies or session IDs:
http://www.php.net/manual/en/ref.ses...sion.idpassing

OK cool.

However, PHP in a nutshell makes no mention of this. Paul just says
hey, use session_start() and you're on your way:

http://hudzilla.org/phpwiki/index.ph...s_and_sessions

I tested it out, and it works either way.

Can someone please explain what the session ID does?

Thanks!

Jan 26 '07 #1
14 5786
The session ID is simply the key to a record which exists on the server, and
this record contains whatever session data you write to it. This means that
different PHP pages which provide the same session ID will connect to the
same session data on the server. This is the way that one web page passes is
state to another web page.

BTW, $_POST and $_SESSION are totally different, and it is not a case of
using one or the other. You will always use $_POST when sending data from
the client to the server, while the use of $_SESSION is totally optional and
invisible to the client.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org

"Sandman" <en************ *@hotmail.comwr ote in message
news:11******** **************@ h3g2000cwc.goog legroups.com...
Is there any particular reason I should still use $_POST?

Also, I'm reading mixed things about sessions. php.net says you can
propagate session IDs either via cookies or session IDs:
http://www.php.net/manual/en/ref.ses...sion.idpassing

OK cool.

However, PHP in a nutshell makes no mention of this. Paul just says
hey, use session_start() and you're on your way:

http://hudzilla.org/phpwiki/index.ph...s_and_sessions

I tested it out, and it works either way.

Can someone please explain what the session ID does?

Thanks!

Jan 26 '07 #2
Tony Marston wrote:
You will always use $_POST when sending
data from the client to the server,
Except when you use $_GET or $_REQUEST
Jan 26 '07 #3
Rik
Paul Lautman <pa**********@b tinternet.comwr ote:
Tony Marston wrote:
> You will always use $_POST when sending
data from the client to the server,

Except when you use $_GET or $_REQUEST
GET's should only be used to retrieve data, $_REQUEST is usually just
sloppy code.
--
Rik Wasmus
Jan 26 '07 #4
Hi Tony,
I guess the part where I had a question was where it was absolutely
required to use session IDs. It seems like it is possible to fill a
value in $_SESSION['user'] in, say page1.php. Then you go to page2.php,
and that value is still there. So why try to remember SIDs?

I think I understand the difference between $_POST and $_SESSION,
thanks for clearing that up.

EL

On Jan 26, 2:18 am, "Tony Marston" <t...@NOSPAM.de mon.co.ukwrote:
The session ID is simply the key to a record which exists on the server, and
this record contains whatever session data you write to it. This means that
different PHP pages which provide the same session ID will connect to the
same session data on the server. This is the way that one web page passes is
state to another web page.

BTW, $_POST and $_SESSION are totally different, and it is not a case of
using one or the other. You will always use $_POST when sending data from
the client to the server, while the use of $_SESSION is totally optional and
invisible to the client.

--
Tony Marstonhttp://www.tonymarston .nethttp://www.radicore.or g

"Sandman" <enjoylife_95.. .@hotmail.comwr ote in messagenews:11* *************** ******@h3g2000c wc.googlegroups .com...
Is there any particular reason I should still use $_POST?
Also, I'm reading mixed things about sessions. php.net says you can
propagate session IDs either via cookies or session IDs:
http://www.php.net/manual/en/ref.ses...sion.idpassing
OK cool.
However, PHP in a nutshell makes no mention of this. Paul just says
hey, use session_start() and you're on your way:
http://hudzilla.org/phpwiki/index.ph...s_and_sessions
I tested it out, and it works either way.
Can someone please explain what the session ID does?
Thanks!
Jan 27 '07 #5
I guess the part where I had a question was where it was absolutely
>required to use session IDs. It seems like it is possible to fill a
value in $_SESSION['user'] in, say page1.php. Then you go to page2.php,
and that value is still there. So why try to remember SIDs?
That value is still there *BECAUSE* you've got SIDs to tell you the first
hit is in the same session as the second hit. It's a database key.
>I think I understand the difference between $_POST and $_SESSION,
thanks for clearing that up.

Jan 27 '07 #6
NC
On Jan 26, 2:02 am, "Sandman" <enjoylife_95.. .@hotmail.comwr ote:
>
Is there any particular reason I should still use $_POST?
Yes. Forms.
Also, I'm reading mixed things about sessions. php.net says you
can propagate session IDs either via cookies or session IDs:
http://www.php.net/manual/en/ref.ses...sion.idpassing
This is correct.
However, PHP in a nutshell makes no mention of this. Paul just says
hey, use session_start() and you're on your way:

http://hudzilla.org/phpwiki/index.ph...s_and_sessions
This is only partially correct. You can do this only if the client
accepts cookies.
I tested it out, and it works either way.
Disable cookies in your browser and try again. You will find that
session_start() doesn't do the trick anymore...
Can someone please explain what the session ID does?
It provides an alternative session propagation mechanism for clients
that don't accept cookies.

Cheers,
NC

Jan 27 '07 #7
Is there any particular reason I should still use $_POST?
>
Also, I'm reading mixed things about sessions. php.net says you can
propagate session IDs either via cookies or session IDs:
http://www.php.net/manual/en/ref.ses...sion.idpassing
...
Can someone please explain what the session ID does?
Let me summarize and extend the answers a bit:
You use $_POST, $_GET, or $_REQUEST for communication with the client.
For instance, if a user provides a login and a password, they come in
through $_POST (I hope).

You use $_SESSION for everything that is client-related, but should
remain on the server. For instance, all database IDs. If you keep the
UserID after a successful login, store it in a (new!) session and do not
put it in a hidden field. A hidden field is easily altered, which means
that after a successful login, you could simply "log over" to any other
user!

The session ID is something like a ticket with a number you get when
using the wardrobe of a theater. You get a piece of the theater's
storage space to put your personal belongings in, without the wardrobe
people know who you are. The only link between you and this temporarily
assigned space is the number on your ticket. So a session ID is a way of
anonimizing personally assigned space on the server.

Best regards.
Jan 27 '07 #8

"Paul Lautman" <pa**********@b tinternet.comwr ote in message
news:51******** *****@mid.indiv idual.net...
Tony Marston wrote:
> You will always use $_POST when sending
data from the client to the server,

Except when you use $_GET or $_REQUEST
Wrong. $_GET is used to request data FROM the server, while $_POST is used
to send data TO the server.

--
Tony Marston

http://www.tonymarston.net
http://www.radicore.org

Jan 28 '07 #9
Tony Marston wrote:
"Paul Lautman" <pa**********@b tinternet.comwr ote in message
news:51******** *****@mid.indiv idual.net...
>Tony Marston wrote:
>> You will always use $_POST when sending
data from the client to the server,
Except when you use $_GET or $_REQUEST

Wrong. $_GET is used to request data FROM the server, while $_POST is used
to send data TO the server.
No, Tony. $_GET is used to fetch information from the query string.
This can be from several sources - including <form action=get...>. But
$_GET is always used on the server, and the data always comes from the
browser.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attgl obal.net
=============== ===
Jan 28 '07 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

15
3687
by: mammothman42 | last post by:
hi i've got a basic user register form, action="POST". in my php code (on the same page, i store the $_POST stuff to a $_SESSION if the user screws a field up so they don't have to reenter all their info. But i'm thinking, why should i use $_POST at all if i can just us the $_SESSION array? or maybe even vice versa? or am i doing this all...
9
6765
by: Quinonez | last post by:
if i set a $_SESSION=$_POST in every page of a multiple page form how then would i call it on a later page of the same session? and also how is distigushed between pages ? should it be set up differently on each page, ive read of $_SESSION=$_POST but i cant seem to figure out how to call it back at the end of the form
8
2203
by: Vic Spainhower | last post by:
Hello, I'm just getting starting in php and MySQL and I've got my application working correctly on my local windows XP computer. Now, when I publish to my ISP it's not going so well, which is also a Windows server. I'm using form variables to control navigating to different pages when a page is reloaded. As I said no problem on my machine...
1
6783
by: Infiliset | last post by:
Hi all! I'm trying to test some php script using the command line php.exe. Is there any way to pass the $_POST variables? I know how to pass the $_GET variables, but I don't know how to do this for the $_POST ones. Thank you all! Matthew
7
2477
by: Dynamo | last post by:
I am using values stored an $_POST array to display records from a table before asking the user if he is sure he wants to delete them. If the user confirms then the records are deleted. Without boring you with all of the code here is the rough idea. <?php $delete = '( id = ' . implode(' OR id = ', $_POST ) . ' ) '; if (!isset($_POST)) {...
5
7899
by: Mark Woodward | last post by:
Hi all, I'm trying to set up a 'control panel' consisting of a table of icons. The early stages: http://www.deepinit.com/controlcentre.php Each of these is set up like: <td> <input type="image" id="addnews" src="/Image/add24.png"
1
2557
by: Jankie | last post by:
I was reading one of the past thread supported by Pbmods.And as always contributing with excellence,he recommended this code for session management foreach($_POST as $key => $val) $_SESSION = $val; This translates all POST variables into the Session one.
2
3112
by: keeps21 | last post by:
I have a script that recieves an id number via the address bar when a link is clicked. ie . index.php?id=1 if the link was for the story whose ID is 1. My script checks if a user is logged in, if not they are redirected to the login page. If logged in they may edit the story. I assign $_GET to $id.
14
1563
by: Zorque | last post by:
Suppose I have an HTML form that sends data to a PHP script, "post" method. If this script generates a page with a link to another script, will the latter script get the former's $_POST data when the user clicks on the link? If not, is there a straightforward way (i.e.: no saving to files or cookies) to "post" the data to the latter...
0
7464
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7805
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7413
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
5968
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5323
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
4943
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3440
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1874
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
0
700
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.