PHP Sessions ... Arrrgh!!!!???



  •  I'm writing this "thing" that retrieves text from a database and displays it to logged in users.

    The first part's okay , but PHP's session management system is very confusing ... so could

    someone explain it to me?

     

    My code has a class , "Page" . A page object loads an HTML template on construction.

    Then , consequent $page->addContent("%%ID%%","whatevertext"); calls replace text in the template.

     A final call to $page->generate(); outputs the page.

     

    index.php is the login page where the login box is displayed. login.php queries the database to find out

    whether that user exists. At this point , the problem starts. I'm calling session_start(); @ the beginning of login.php and index.php

    and also session_register("thisUser"); and later assigning to it ($thisUser) and checking it ... however it isn't working.

    Help Appreciated.

    -DG



  • Turn on error reporting.

    error_reporting(E_ALL);



  • Doesn't help...
    Just to clarify , I know 100% that it isn't a problem with retreiving the username and password hash from the database (from tests)
    but a problem with the session management code.

    session_start(); is right @ the top of each page with session_register("thisUser");



  • I wasn't trying to say that it would help. But if something is going wrong, error reporting will help you see it.

    Now without the code I can't determine what the problem with the code is.  The session management code of PHP isn't the problem here. Milions of people use it (including me).

    try this at the top of your file.


    [code]session_start();

    echo $_SESSION['test'];

    $_SESSION['test'] = 'test';

    die();[/code]

    First time you should see a notice, second time you should see test.

    If this does not happen then I would like to ask you to post the code into pastbin or something and show it to us. Because you are not explaining yourself clearly enough to make any kind of guess as to what the problem might be.

     

    -edit-

    Thinking about it, are you perhaps testing in IE and does the domain have a underscore in it? If that is the case IE will not allow you to set cookies resulting in not being able to sustain a session.



  • "The problem is fixed. The WTF in problem. WTF do developer. Developer is in aviraldg. Bad is aviraldg."

    Augh. Turns out this was a RTFM problem. I was looking at a book , specifically "PHP PRogramming" and it had no mention of the fact that PHP_REGISTER_GLOBALS (or something similar) had to be enabled. Also , I was registering the variable before using it and I wasn't getting any errors since I was using isset()... but thanks anyway...



  • DO NOT USE REGISTER GLOBALS.

    It is absolutely not necessary for using PHP sessions and is a huge security catastrophe. It does not exist in PHP 6 for this reason, and PHP 5.3 will throw notices at you if you try to use it.



  • @snover said:

    DO NOT USE REGISTER GLOBALS.

    It is absolutely not necessary for using PHP sessions and is a huge security catastrophe. It does not exist in PHP 6 for this reason, and PHP 5.3 will throw notices at you if you try to use it.

     

    QFT.



  • Also, to elaborate further, the problem is that whatever book you are reading is absolute shit that seems to have been written back when PHP3 was hot stuff. You don’t register session variables using session_register, and haven’t done so since PHP4. If you will actually head over to the PHP manual page for session_register, you will notice 4 yellow and red boxes telling you DO NOT USE THIS, IT IS DEPRECATED. To use session variables you access and set members of the $_SESSION superglobal array.

    <?php
    session_start();
    if(isset($_SESSION['count']))
    {
      $_SESSION['count'] += 1;
    }
    else
    {
      $_SESSION['count'] = 0;
    }

    echo "You have visited this page {$_SESSION['count']} time(s) before.";

    Run that and you will see the count displayed increase every time you reload the page.



  • Thanks for being so... erm... helpful. As I said , the problem has been solved , prior to my discovery of The Official PHP5 Manual. Now only if they could provide that in 96pt bold text , I'd be apalled.



  • Enabling register_globals isn’t the solution to the problem, which is what you insinuated you were doing before.


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.