473,320 Members | 1,902 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Problem with session variables?

Hi

I'm trying to use a function to set a session variable. I have three files:

The first file has:

<?php session_start(); // This connects to the existing session
?>
<html>
<head>
<title>Untitled Document</title>
</head>
<body>
<p> <a href="functions.php?FuncToExec=countrySelectUS">Ex ecute countrySelect
function</a></p>
</body>
</html>
I then have a functions.php file:

<?php session_start();
session_register ("country");
$HTTP_SESSION_VARS ["country"] = $country;
$country="UK"; //default
?>
<?php
if($FuncToExec == "countrySelectUS"){
countrySelectUS();
}?>
<html>
<head>
<meta http-equiv="refresh" content="12; URL=thiscountry.php">
<title>Untitled Document</title>
</head>
<body>
<?php
function countrySelectUS() {
$country="US";
echo "new country is: " . $country;
}
?>
</body>
</html>
And finally thiscountry.php:

<?php session_start(); ?>
<html>
<head>
<title>Untitled Document</title>
</head>

<body>
You are in
<?php echo $country ?>

</body>
</html>
However when i click on the link in the first page, the functions.php page
displays saying
'new country is: US'

but the final page gets displayed with:
'You are in UK'

The function is obvioulsy being run, but for some reason the change in value
for country isnt being 'stored' as part of the session, only the value
assigned when its created.

Thats not how I was understanding they should work

Can anyone explain what I have done wrong?

Many thanks for any help given

N
Oct 25 '05 #1
7 2012
Try

if($_GET['FuncToExec'] == "countrySelectUS"){

Oct 25 '05 #2
First reply seems to have got lost....

Use $_SESSION['country'] not $country in countrySelectUS()

$country in countrySelectUS() is local

Alternatively, use
global $country;

Oct 25 '05 #3
"the change in value for country isnt being 'stored' as part of the
session" because you are saving it in the local (to the function) var
$country which goes out of scope when the function ends

Either use

$_SESSION['country']

or use

"global $country"

The former is preferable for readability and still leaves you with
$country to use locally.

Ian

Oct 25 '05 #4
Hiya

I'm confused now as i thought

$HTTP_SESSION_VARS ["country"] = $country;

meant that i could refer to the session variable as $country ?

Also I get 'uk' from $country in the 'thiscountry.php' which i thought
suggested that $country was refering to the session variable?

However, I did what you suggested and changed functions so it now looks
like:

<?php session_start();
session_register ("country"); // Create a session variable called name
$HTTP_SESSION_VARS ["country"] = $country;
$country="UK";
?>
<?php
if($FuncToExec == "countrySelectUS"){
countrySelectUS();
}?>

<html>
<head>
<meta http-equiv="refresh" content="12; URL=thiscountry.php">
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
function countrySelectUS() {
$_session['country']="US";
echo "new country is: " .$_session['country'];
}
?>
</body>
</html>

However, I still get the same problem, I click on the link, functions.php
displays showing 'new country is: US' and then I move automatically to
thiscountry.php where it says 'You are in UK'

which I dont understand :(

N

"Ian B" <ia********@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
"the change in value for country isnt being 'stored' as part of the
session" because you are saving it in the local (to the function) var
$country which goes out of scope when the function ends

Either use

$_SESSION['country']

or use

"global $country"

The former is preferable for readability and still leaves you with
$country to use locally.

Ian

Oct 25 '05 #5
> I'm confused now as i thought

$HTTP_SESSION_VARS ["country"] = $country;

meant that i could refer to the session variable as $country ?
Nope. It means that you store value of $country variable under "country"
name. You are also using here an old way of accessing session values
(you are using $HTTP_SESSION_VARS instead of $_SESSION).

What is making $country refer to session is session_register function
(which will NOT work if register_globals is turned off, which means
most PHP servers).

Also I get 'uk' from $country in the 'thiscountry.php' which i thought
suggested that $country was refering to the session variable?
It's a result of using session_register.

However, I did what you suggested and changed functions so it now looks
like:

<?php session_start();
session_register ("country"); // Create a session variable called name
$HTTP_SESSION_VARS ["country"] = $country;
$country="UK";
?>
<?php
if($FuncToExec == "countrySelectUS"){
countrySelectUS();
}?>

<html>
<head>
<meta http-equiv="refresh" content="12; URL=thiscountry.php">
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
function countrySelectUS() {
$_session['country']="US";
This should be $_SESSION, not $_session. Variable names are case sensitive
in PHP.

echo "new country is: " .$_session['country'];
}
?>
</body>
</html>

However, I still get the same problem, I click on the link, functions.php
displays showing 'new country is: US' and then I move automatically to
thiscountry.php where it says 'You are in UK'

which I dont understand :(


It's because you used $_session variable, which is not the one you
should.

In general you should not use session_register but use $_SESSION array:
<?php
session_start();
if (!isset($_SESSION['country'])
{
$_SESSION['country'] = 'UK';
}

if ($FuncToExec == 'countrySelectUS')
{
countrySelectUS();
}
?>
<html>
<head>
<meta http-equiv="refresh" content="12; URL=thiscountry.php">
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
function countrySelectUS()
{
$_SESSION['country'] = 'US';
echo 'new country is: ' .$_SESSION['country'];
}
?>
</body>
</html>

I also do not understand why do you use such a complicated way of selecting
countries. I would use something like this (one single file, where
first part could be an include file included in every page):

<?php
error_reporting( E_ALL );
session_start();
$countries = array( 'US', 'UK', 'PL' );
if (isset( $_GET['country'] ) && in_array( $_GET['country'], $countries ))
{
$_SESSION['country'] = $_GET['country'];
}
else if (!isset($_SESSION['country'])
{
$_SESSION['country'] = 'UK';
}
?>
<html>
<head>
<title>Untitled Document</title>
</head>

<body>
You are in
<?php
echo htmlspecialchars( $_SESSION['country'] );
?>.<br />
<br />
Select country:
<?php
$link = $_SERVER['PHP_SELF'] . '?country=';
$output = array();
foreach( $country in $countries )
{
if ($country == $_SESSION['country'])
{
$output[] = '<b>' . htmlspecialchars( $country ) . '</b>';
}
else
{
$output[] = '<a href="' . htmlspecialchars( $link . $country ) . '">'
. htmlspecialchars( $country )
. '</a>';
}
}
echo implode( ', ', $output );
?>
</body>
</html>
Hilarion
Oct 25 '05 #6
Hi Nicole,

Yep you would get the same result because $_session is different from
$_SESSION

PHP variables are case sensitive

As Hilarion said, you are using the old way of accessing variables.

It is better to use the format $_SESSION['country'] for a number of
reasons:

* Having started a session with session_start(), you don't need to
register any variable
* It is independent of "register_globals" - whatever this setting is,
you can always access $_SESSION['country']
* register_globals = On is dangerous because it can mask or be masked
by other variable
* register_globals = On is dangerous because users can add variables
to the query string and override stuff you thought was safe

Think of it like this:

* The first time a browser window calls session_start(), PHP goes off
to find the session variables, finds none and gives you an empty
$_SESSION array.

* You can amend $_SESSION vars by assigning values to them. If they
don't exist, they will be created.

* PHP makes sure that these values are always saved

* The next time that the same browser window calls session_start(), PHP
creates the $_SESSION array and loads the existing values, so you have
them back again.

$_SESSION vars are available from within functions

Nice and simple if you leave it at that.

With register_globals = On, PHP creates an $var for every
$_SESSION['var']. These are not available within function unless you
use "global $var", so "$var m= 27;" within a function will create a
local $var which will mask your session $var

Setting $HTTP_SESSION_VARS ["country"] = $country; means that anything
you do to $country will be done to $HTTP_SESSION_VARS ["country"] since
they are now one and the same (I think)

BUT...$country still has the same scope that any other $var has, so if
you do $HTTP_SESSION_VARS ["country"] = $country; within a function,
$country disappears when the function ends ($HTTP_SESSION_VARS
["country"] remains, though)
Simple answer: Stick with $_SESSION['country'] - it's simpler, obvious,
and a lot safer

Ian

Oct 25 '05 #7
> * register_globals = On is dangerous because it can mask or be masked
by other variable
I'm not sure if I understand you. If you are about variables scope,
then it has not much to do with register_globals. Regardless of it
being on or off all variables have same scope. register_globals only
makes some variables automatically set to values from environment
($_ENV, $_SERVER) and from request ($_REQUEST or rather directly
$_GET, $_POST and $_COOKIE).

* register_globals = On is dangerous because users can add variables
to the query string and override stuff you thought was safe
Yes. Having that in mind it's also possible to write scripts that are
safe even when register_globals is on, but if it's off then still
writing unsecure scripts is possible (for example register_globals
does not affect most SQL injection attacks).

With register_globals = On, PHP creates an $var for every
$_SESSION['var'].
As far as I know it does not. It does it (by reference) when calling
session_register.

These are not available within function unless you
use "global $var", so "$var m= 27;" within a function will create a
local $var which will mask your session $var
Yes, because it's a global variable and all scope rules apply.

Setting $HTTP_SESSION_VARS ["country"] = $country; means that anything
you do to $country will be done to $HTTP_SESSION_VARS ["country"] since
they are now one and the same (I think)
Nope. This only assigns value of $country variable to the session
values array. It does not bind the variable as a session variable.
session_register does the bind. Additionaly $HTTP_SESSION_VARS is
only a global variable (scope rules apply), not a superglobal
as $_SESSION (available in all scopes).

BUT...$country still has the same scope that any other $var has, so if
you do $HTTP_SESSION_VARS ["country"] = $country; within a function,
$country disappears when the function ends ($HTTP_SESSION_VARS
["country"] remains, though)
As above. This assignment does nothing to global variables including
session values because $HTTP_SESSION_VARS and $country variables
are local to the function.

Simple answer: Stick with $_SESSION['country'] - it's simpler, obvious,
and a lot safer


I agree.
Hilarion
Oct 25 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

18
by: ZoombyWoof | last post by:
Hi. Im very new to php, and I have a problem here that I cant find the solution for. I have problems with session variables, I want some variables to maintain their value between different php...
13
by: Mimi | last post by:
Hello, I am having trouble using the session vars in PHP 4.3.9 OS: Win XP Prof Web Server IIS (is local and there are no links to other servers from the web pages I work on) Browser: IE 6.0 ...
1
by: Jonathan Chong | last post by:
I have problem with AOL browser (IE and Netscape are OK) accessing my Web site after putting up a load balancer that will go to W1 or W2. The problem does not happen when there is only Web server...
3
by: Gary | last post by:
I am having a strange problem that I cannot solve. I have an asp page that I use for a user to login and gain access to other pages. When the user logs in I set a couple of session variables like...
7
by: Adam Short | last post by:
I'm having all sorts of problems with Sessions, I've been using them for years with out a hitch, all of a sudden the last 6 - 12 months since getting our new Win2003 server it's all gone shakey!!!...
5
by: Newton | last post by:
Hi, I got here the following problem. I am programming web application for examing students. After student will log on I need to keep his ID, Privileges, Login, Password for manipulating with...
6
by: Scott Zabolotzky | last post by:
I'm trying to pass a custom object back and forth between forms. This custom object is pulled into the app using an external reference to an assembly DLL that was given to me by a co-worker. A...
8
by: Ashish | last post by:
Incase the problem got bogged down reposting... Hi Gregory, I think I didnt make myself much clear. The problem is: 1. I have one ASP.NET application (no classic asp) and it has a main page...
0
by: Alexander Widera | last post by:
hello all, i have a problem ... like I already discussed in the thread "session empty" I have the following problem: I created a completely new web... i added 2 files: sessiontest1.aspx:
3
by: stclaus | last post by:
Hi, I'm currently experiencing a problem using sessions under php 4.4.2. I store variables and objects inside session variables, and all works well under php 5.x, but when I upload those pages to...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.