question about session variables

Sudhakar

i have a registration page called register.php if the data entered is
validated correctly i call a file called thankyou.php or else
validate.php

presently a user after seeing the url website.com/thankyou.php if they
enter the url directly in the browser as website.com/thankyou.php they
can access the file, if a user accesses the file this way i would like
to redirect to a page saying "Direct acess to this file is not
allowed"

previously i used sessions in register.php and also in thakyou.php and
validate.php and it worked fine for some reason now it is not working
the way it is supposed to i might have made some changes which i do
not know

previously my code in register.php was, the first few lines of
register.php file
=============== =============== =============== =============== =========
<?php
ob_start();
session_start() ;
if(!session_is_ registered("dir ectaccess"))
{
session_registe r("directaccess ");
}
// rest of the html and php code
ob_end_flush();
?>
=============== =============== =============== =============== =========
code in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
<?php
session_start() ;
if(!session_is_ registered("dir ectaccess"))
{
header("Locatio n: http://website.com/directaccess.ht ml");
exit;
}
// rest of the html and php code
ob_end_flush();
?>
=============== =============== =============== =============== =========
NOTE = in thankyou.php i display a thank you message by retrieving the
first name from register page and displaying in thankyou.php using
session variables in the following way

in register.php, the first few lines of register.php file
=============== =============== =============== =============== =========
if(!session_is_ registered("fir stname"))
{
session_registe r("firstname ");
}
$_SESSION[firstname] = $ firstname;
=============== =============== =============== =============== =========

in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
if(session_is_r egistered("firs tname "))
{
echo $_SESSION[firstname];
session_unregis ter("firstname ");
}
=============== =============== =============== =============== =========

please advice how i should rewrite the php code in both the
files(register. php and thankyou.php) so that if a user enters the url
directly in the browser i can redirect to directaccess.ht ml file

thanks.

Jun 27 '08 #1

Subscribe Reply

1390

Jerry Stuckle

Sudhakar wrote:

i have a registration page called register.php if the data entered is
validated correctly i call a file called thankyou.php or else
validate.php

presently a user after seeing the url website.com/thankyou.php if they
enter the url directly in the browser as website.com/thankyou.php they
can access the file, if a user accesses the file this way i would like
to redirect to a page saying "Direct acess to this file is not
allowed"

previously i used sessions in register.php and also in thakyou.php and
validate.php and it worked fine for some reason now it is not working
the way it is supposed to i might have made some changes which i do
not know

previously my code in register.php was, the first few lines of
register.php file
=============== =============== =============== =============== =========
<?php
ob_start();
session_start() ;
if(!session_is_ registered("dir ectaccess"))
{
session_registe r("directaccess ");
}
// rest of the html and php code
ob_end_flush();
?>
=============== =============== =============== =============== =========
code in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
<?php
session_start() ;
if(!session_is_ registered("dir ectaccess"))
{
header("Locatio n: http://website.com/directaccess.ht ml");
exit;
}
// rest of the html and php code
ob_end_flush();
?>
=============== =============== =============== =============== =========
NOTE = in thankyou.php i display a thank you message by retrieving the
first name from register page and displaying in thankyou.php using
session variables in the following way

in register.php, the first few lines of register.php file
=============== =============== =============== =============== =========
if(!session_is_ registered("fir stname"))
{
session_registe r("firstname ");
}
$_SESSION[firstname] = $ firstname;
=============== =============== =============== =============== =========

in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
if(session_is_r egistered("firs tname "))
{
echo $_SESSION[firstname];
session_unregis ter("firstname ");
}
=============== =============== =============== =============== =========

please advice how i should rewrite the php code in both the
files(register. php and thankyou.php) so that if a user enters the url
directly in the browser i can redirect to directaccess.ht ml file

thanks.

Several comments.

First of all, don't use ob_start() and ob_end_flush(). They aren't
needed and can hide problems. Rather, just don't send anything (even
whitespace) before calling session_start() .

Also, session_registe r() and session_is_regi stered() are deprecated (and
depend on register_global s being set in your php.ini, which is a big
no-no. Rather, use the $_SESSION variable. Something like:

=============== =============== =============== =============== =========
<?php
session_start() ;

// When you want to set 'directaccess' in the session, use:

$_SESSION['directaccess'] = (some value here)
?>
=============== =============== =============== =============== =========
code in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
<?php
session_start() ;
if (!isset($_SESSI ON['directaccess') ) {
header("Locatio n: http://website.com/directaccess.ht ml");
exit;
}
// rest of the html and php code
?>
=============== =============== =============== =============== =========
NOTE = in thankyou.php i display a thank you message by retrieving the
first name from register page and displaying in thankyou.php using
session variables in the following way

in register.php, the first few lines of register.php file
=============== =============== =============== =============== =========

$_SESSION[firstname] = $firstname;
// The rest isn't needed

=============== =============== =============== =============== =========

in thankyou.php, the first few lines of register.php file
=============== =============== =============== =============== =========
if(isset($_SESS ION['firstname'))
{
echo $_SESSION[firstname];
}

// Also, you had a space after "firstname " here - which is incorrect
=============== =============== =============== =============== =========

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attgl obal.net
=============== ===

Jun 27 '08 #2

Similar topics

2990

Another Session Question - Overlaps?

by: Xizor | last post by:

Let's say I run a server. I have two people using the server. Bill and Joe. Bill is at address.com/bill and Joe is at address.com/joe. Let's say Joe and Bill are both using PHP with sessions on their web pages. Let's say they both create the session variable $_SESSION. Each uses yo for a different purpose. Now we have a user accessing address.com. He goes to Bill's site and his session his started with the $_SESSION created.

PHP

3693

QUESTION ON SESSION VARIABLES

by: Karen | last post by:

Hi there.... i got a quick one for you guys. i've this session variable that is updated by calling a server method (i set this value when the user hits a submit button in my form. The server method is called when i load all my asp forms.). I'd like to be able to update this session variable, without being forced to submit my form or refresh my form (something that will call my server method each 2 min lets say, without refreshing my page...

ASP / Active Server Pages

1654

Question: Difference between strMyVar and Session("strMyVar")

by: VB Programmer | last post by:

If I have a variable I want to share in my application what is the difference between just declaring a variable (Dim strMyVar as String) and using a session variable (Session("strMyVar"))? When should I use a session variable and when should I just declare it like normal? Thanks in advance!

ASP.NET

3429

asp question about post vars

by: glenn | last post by:

I am use to programming in php and the way session and post vars are past from fields on one page through to the post page automatically where I can get to their values easily to write to a database or continue to process on to the next page. I am now trying to learn ASP to see if we can replace some of our applications that were written in php with an ASP alternative. However, after doing many searches on google and reading a couple...

ASP.NET

3211

Question on Control.Unload event

by: Gauthier Segay | last post by:

Hello, I've an application where all my pages implement a PAGE_CODE string property, this property is stored in HttpContext.Current.Items. In some page, I must persist data in session while the user perform operation on this page (postback navigation based). I also need to clean up the session data when the user leave the page (by a anyway). My question is about the Unload event, is it safe to use the unload

ASP.NET

2192

Question about Session variables and Redirects

by: Coleen | last post by:

Hi All :-) We have an APSX application using VB.net as the code behind, which uses one or two session variables per page. These Session variables are passed to the final page and calculations and summaries are done there. In order for all of the values to appear on the last page, the user has to view each page that has a session variable to be passed to the last page. The only way I can think of to bypass the necessity of the user...

Visual Basic .NET

1312

Question re Event Firing Sequence

by: Phillip N Rounds | last post by:

In diagnosing a problem, I noted that a button_click event gets run only after the page Page_Load event of the post back. (VS 2003, ASPNET 1.1, C#) Can this be correct? I'm trying to set session variables in a Button_Click event which determines how the page is supposed to appear in the PostBack, so of course it fails. Where should I put my code so that the session variables are re-set before the PostBack?

ASP.NET

1759

Session Variables Question

by: Michaelk | last post by:

Can somebody tell me how many Session variables would be considered exessive, and when they start really affect the server speed. For example on 20-30 asp pages I need to use about 200-300 session variables and 5 arrays by 1000 elements 50 characters long each. Let say having 300 users using those pages at the same time. Server is not the fastest one, just CPU 2.40GHz. So question is as a user am I going to feel a difference in speed...

ASP / Active Server Pages

1459

(Hopefully) Quick Question about Session Variables

by: DLN | last post by:

Hello all, I apologize for the naivety of this question, but I'm wondering whether session variables can ever be modified (somehow) by a client without having to go through code that I write. If I read in user input from a web form, sanitize the input to make sure there isn't any injected data, and then store the sanitized input in a session variable, is there any way for that session variable to be modified by the client afterwards? I...

ASP.NET

1300

question about Sessionsate

by: Britt | last post by:

Hi, I read that SessionState is on by default. I also read that if it's not required, it must be better off (because of resources) My question is: i don't use session variables (like e.g. Session("mysessionvar")). Is that the only way to use session state, or there are other ways?

ASP.NET

9314

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

9074

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

9015

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

7953

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

6634

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

5947

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

4725

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

3158

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

2520

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP