LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   Question on register_globals in PHP (https://www.linuxquestions.org/questions/programming-9/question-on-register_globals-in-php-257860/)

vharishankar 11-22-2004 02:28 AM
Question on register_globals in PHP
 
Does this setting needs to be on or off in PHP.ini? I heard that there are a lot of security issues if register_globals is on but then I need to use variables across multiple PHP files for a session. How do I achieve this without having register_globals on?

I read the PHP manual but the $_SESSION doesn't appear to work across multiple files. Any clues or ideas as to how to overcome this problem?

Cedrik 11-22-2004 05:55 AM
You have to put :
session_start()

at the top of each php scripts that use session, so $_SESSION become available. Make sure
you correctly set your session variables too...
PHP Code:
session_start();
session_register("username");
$_SESSION["username"] = "bill"
and on another page for example
PHP Code:
session_start();
echo $_SESSION["username"]; 

vharishankar 11-22-2004 07:41 AM
Well, I used session_start () on the top of the page:

Listing of firstpage.php
PHP Code:
<?php session_start (); ?>
<HTML>
<BODY>
<FORM METHOD="POST" ACTION="secondpage.php?<?php print SID ?>">
<INPUT TYPE="text" NAME="username">
<INPUT TYPE="text" NAME="age">
<INPUT TYPE="submit" VALUE="GO!">
</BODY>
</HTML>
Listing of secondpage.php
PHP Code:
<?php
session_start ();
// ...
// ...
if (isset ($_SESSION['username'])
   print "User name is " $_SESSION['username'];
if (isset ($_SESSION['age'])
   print "User age is " $_SESSION['age'];
?>
The above code does not work. I pass the session ID as a query string when I link to the other page so this code is supposed to work, but I get only a blank output.

The PHP manual says that session_register () functions are deprecated or outdated and I'm asked to use only $_SESSION for accessing session state variables. How do I get around this problem?

Cedrik 11-22-2004 10:37 AM
I don't see the code where you assign value in $_SESSION['username'], try to change the
second script to something like :
PHP Code:
<?php
session_start ();
// ...
// ...

// assign the value from the field username
if(isset($_POST["username"])) {
   $_SESSION['username'] = trim($_POST["username"]);
} else {
    $_SESSION['username'] = "not set";
}
?>
<a href="thirdpage.php">click here</a>
and thirdpage.php :
PHP Code:
session_start (); 
echo $_SESSION['username']; 
[EDIT]
After went to www.php.net, I decided to not use session_register no more ;)

vharishankar 11-22-2004 08:23 PM
Hey thanks. $_POST works fine. Never thought of that though. So to use form fields, I use the $_POST superglobal and then assign it to a session variable.

Don't know how I missed that...


All times are GMT -5. The time now is 03:52 PM.