Hi everyone. I'm just wondering if it's considered bad practice to
have a class read from and write to the $_SESSION super global. I was
just learning a little about object serialization, and I've come to
the conclusion that storing potentially large serialized objects in a
database is perhaps a bad idea. The data could also be stored in a
file, but in that case, I may as well use $_SESSION. If I'm going to
go down that road, why not store object states in the $_SESSION super
global?
I can see that this could cause problems with regards to ambiguous
names on larger projects, but will I be struck by lightening if I have
objects instantiate from the $_SESSION super global, and manipulate
is? Obviously, my object would check to see if there is a session
first, but $_SESSION can then be used by other classes and which can
do the same, and manipulate it also.
Also, perhaps security is an issue in the sense that variables could
be removed by other classes, which could lead to problems, but it's no
more dangerous than using $_GLOBALS IMHO.
What concerns me is that I've never actually heard of objects using
the $_SESSION super global like this which leads me to believe I might
be missing something.
I'd be interested to hear anyone's thoughts on the matter.
4  2137 
Daz wrote:
Hi everyone. I'm just wondering if it's considered bad practice to
have a class read from and write to the $_SESSION super global. I was
just learning a little about object serialization, and I've come to
the conclusion that storing potentially large serialized objects in a
database is perhaps a bad idea. The data could also be stored in a
file, but in that case, I may as well use $_SESSION. If I'm going to
go down that road, why not store object states in the $_SESSION super
global?
No, it's not necessarily bad for a class to use the $_SESSION
superglobal. But it's generally not a good idea to store any large
amount of data in the $_SESSION, a file or a database. It will slow
down the system and could take a lot of disk space. But it depends. If
the data comes from a database in the first place, I'll just store an ID
and refetch the data. It has the additional advantage of getting fresh
data (in case it was changed by someone else).
I can see that this could cause problems with regards to ambiguous
names on larger projects, but will I be struck by lightening if I have
objects instantiate from the $_SESSION super global, and manipulate
is? Obviously, my object would check to see if there is a session
first, but $_SESSION can then be used by other classes and which can
do the same, and manipulate it also.
When I do use the $_SESSION variable from a class, I normally prefix the
data with the class name. Multiple values I use an array, i.e.
$_SESSION['class_myclass']['x'] = $x;
Also, perhaps security is an issue in the sense that variables could
be removed by other classes, which could lead to problems, but it's no
more dangerous than using $_GLOBALS IMHO.
That's why I use the classname as a prefix.
What concerns me is that I've never actually heard of objects using
the $_SESSION super global like this which leads me to believe I might
be missing something.
I'd be interested to hear anyone's thoughts on the matter.
Not at all. Not necessarily all that common - but that's because a lot
of people aren't using objects.
--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attgl obal.net
=============== ===
Interesting Topic/Post
I, just out of the blue last week decided to use the
$_SESSION['class_myclass']['x'] = $x; with an application I writing.
I feel $_SESSION is rather secure. Now I'm wondering how much data is
too much data? My problem is, information is going into the database
mostly rather than out. Issue I have with an old application(whi ch
this one is replacing) is null records and fields. I'm eliminating
that by a better designed database and storing filtered data in
$_SESSION. Users don't like to click "cancel". The only problem I can
think of that I'll run into is if a user decides to upload a file, but
I don't have that in design, either text or a point(url) to the data.
On Jul 28, 4:46*pm, Daz <cutenfu...@gma il.comwrote:
Hi everyone. I'm just wondering if it's considered bad practice to
have a class read from and write to the $_SESSION super global. I was
just learning a little about object serialization, and I've come to
the conclusion that storing potentially large serialized objects in a
database is perhaps a bad idea. The data could also be stored in a
file, but in that case, I may as well use $_SESSION. If I'm going to
go down that road, why not store object states in the $_SESSION super
global?
I can see that this could cause problems with regards to ambiguous
names on larger projects, but will I be struck by lightening if I have
objects instantiate from the $_SESSION super global, and manipulate
is? Obviously, my object would check to see if there is a session
first, but $_SESSION can then be used by other classes and which can
do the same, and manipulate it also.
Also, perhaps security is an issue in the sense that variables could
be removed by other classes, which could lead to problems, but it's no
more dangerous than using $_GLOBALS IMHO.
What concerns me is that I've never actually heard of objects using
the $_SESSION super global like this which leads me to believe I might
be missing something.
I'd be interested to hear anyone's thoughts on the matter.
I would say it is bad practice to have your classes alter or read any
$_SESSION variables. Instead, its best to pass these variables to the
method/class, and then return them and have your controller assign
them to sessions or whatever else.
On Jul 28, 10:46 pm, Daz <cutenfu...@gma il.comwrote:
Hi everyone. I'm just wondering if it's considered bad practice to
have a class read from and write to the $_SESSION super global. I was
just learning a little about object serialization, and I've come to
the conclusion that storing potentially large serialized objects in a
database is perhaps a bad idea. The data could also be stored in a
file, but in that case, I may as well use $_SESSION. If I'm going to
go down that road, why not store object states in the $_SESSION super
global?
I can see that this could cause problems with regards to ambiguous
names on larger projects, but will I be struck by lightening if I have
objects instantiate from the $_SESSION super global, and manipulate
is? Obviously, my object would check to see if there is a session
first, but $_SESSION can then be used by other classes and which can
do the same, and manipulate it also.
Also, perhaps security is an issue in the sense that variables could
be removed by other classes, which could lead to problems, but it's no
more dangerous than using $_GLOBALS IMHO.
What concerns me is that I've never actually heard of objects using
the $_SESSION super global like this which leads me to believe I might
be missing something.
I'd be interested to hear anyone's thoughts on the matter.
It sort of depends on your version of 'large', and whether you really
need all the data/objects for every page invocation.
One caveat is to think about what will happen if the user opens a
second (or third or...) window using the same session but trying to
interact with a different subset of data.
C. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Yoyoma_2 |
last post by:
Hello, i'me having a wierd problems with sessions.
PHP 4.3.3, Register globals is on, and the sessions module is installed.
if i have a page like this:
<?
session_start();
$_SESSION="blue";
?>
On the next page i can see that $_SESSION is actually equal to
|
by: Golf Nut |
last post by:
hello all!
I would like to create a session class which would transparently handle
sessions as well as serialize, encode and compute an md5 hash of all
$_REQUEST information. This would essentially intercept all $_GET strings
and $_POST data.
I would envision upon session creation (in the session class constructor)
that a random string secret would be created that would be saved to
$_SESSION for example. I would take all the $_REQUEST...
|
by: xu |
last post by:
Hi, i'm quite new with PHP.
I was wondering if i get a reference or a copy back when i try to
retrieve it at page2.php $foobar = $_SESSION;
// page1.php
....
$myobject = new MyObject();
$_SESSION = $myobject;
|
by: A |
last post by:
Hi,
I have always been taught to use an inialization list for initialising data
members of a class. I realize that initialsizing primitives and pointers use
an inialization list is exactly the same as an assignment, but for class
types it has a different effect - it calls the copy constructor.
My question is when to not use an initalisation list for initialising data
members of a class?
|
by: cgough |
last post by:
My true programming language is C++. I am at best a VB6 hacker that is
just getting into VB.NET. I have a quick question about when to new and
when not to new.
Consider the following 2 classes. In the first I new an integer and
assign it to i, in the second one I don't bother. In both cases, an
integer is created and I can use it.
If I try to use a Collection object without New, I get a NULL reference
exception.
| | |
by: Jon |
last post by:
All,
I'm currently building a custom Content Management system for a site we're
working on, and am stuck. Currently, I am using a couple of classes to run
most of the queries throughout the application. Well, I'm pretty stuck now.
What I need to do is use a variable throughout my classes that is a Session
variable. I really can't find another solution. The syntax I was using for
this variable before (I actually hard coded it during my...
|
by: Bruno Alexandre |
last post by:
Hi guys,
I'm using a session to save an ArrayList, so I do not read Database
everytime user reload the page or enter the site (the Data is consistent for
all entire session time when the user is on the site).
I'm using a Class called ProductBoxes and inside I have a public property
of Object type and I call from the PageLoad event
dim boxes as new ProductBoxes
|
by: dischdennis |
last post by:
Hello List,
I would like to make a singleton class in python 2.4.3, I found this
pattern in the web:
class Singleton:
__single = None
def __init__( self ):
if Singleton.__single:
raise Singleton.__single
|
by: Patient Guy |
last post by:
I am a newcomer to using PHP but not to programming (C, C++, Javascript).
I am playing around with classes and wanted to make a function that has a
method simply for producing either plain text or HTML output in a tabular
way a listing of the global variables in the = keyValue two-column
format. That's what the method listGlobals does.
I am stumped by the following error message:
PHP Catchable fatal error: Object of class phpEnv...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
