Wrox Home  
Search P2P Archive for: Go
Shopping CartView Cart  |  My Account  |  Support
Home Browse Titles

P2P Archives
 

Archive Index
Back to Active P2P Forum

 


Wrox Chapters on Demand - Download the chapters you need and take them on the go!
Wrox First - Instant Access online to new Wrox books

New Titles for ASP.NET

Cover image for product 0470391847
Jumping from ASP to ASP.NET
Cover image for product 0470286652
ASP.NET AJAX Control Development with Visual Studio 2008 and .NET 3.5 Framework
Wrox Blox
  Return to Index  

pro_php thread: Funky Session Problems

Message #1 by "Joel Wickard" <jwickard@l...> on Tue, 6 Nov 2001 11:15:09 -0800
With that in mind, I'd go so far as write PHP code on the receiving pages to
add only the specific things you'd expect to receive into the array instead
of doing a straight array copy.

I guess it's not a BIG deal, though.


-----Original Message-----
From: Adam Lang [mailto:aalang@r...]
Sent: Tuesday, November 06, 2001 11:46 AM
To: professional php
Subject: [pro_php] Re: Funky Session Problems


Here is a little bit more for a follow up.  Seems this behavior is intended
that way for security reasons.  This is pulled off the annotation from the
PHP site:

------------------
Editor's note: This is a security feature. You shall not trust data coming
from clients.

Remember that you CANNOT override a EXISTING session variable with a
FORM(post), e.g.:

First page:
<?
$something = "blah";
session_register("something");
?>
<form method="post">
<input type="text" name="something">
</post>

And let's say you typed "fla fla" in the something field.

Second page:
<?
SESSION_REGISTER("something");
$something = $something;
echo $something;
?>

The second page will return "blah". You cann't override an existing session
variable with a HTTP POST Variable.

Correct (second page):
<?
SESSION_REGISTER("something");
$something = $HTTP_POST_VARS["something"];
echo $something;
?>

This will return the value you inserted into the input field.
----------------

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com
----- Original Message -----
From: "Joel Wickard" <jwickard@l...>
To: "professional php" <pro_php@p...>
Sent: Tuesday, November 06, 2001 4:26 PM
Subject: [pro_php] Re: Funky Session Problems


> It looks like that's what I'm going to have to do, but in my app design, a
> page calls itself to operate on the data that the user entered.  So if I
> have "pageX" sumbit to "pageY", I have to submit the action variables from
> pageX to pageY to tell pageY what to do.  The problem with the manual
> assignment idea, is that when pageY calls itself to insert it's data, the
> values sent from pageX are erased, so then I'd have to check if those two
> variables from pageX are set, and if not, just use the values they
currently
> have  I was just trying to create a cleaner interface for the pages.
> ----- Original Message -----
> From: "Nikolai Devereaux" <yomama@u...>
> To: "professional php" <pro_php@p...>
> Sent: Tuesday, November 06, 2001 11:20 AM
> Subject: [pro_php] Re: Funky Session Problems
>
>
> >
> > I think that what's happening is exactly what you'd expect, though..
> >
> > you're saying
> >
> > $x = whatever;
> >
> >  and then later, the session is saying
> >
> > $x = something else;
> >
> > which overwrites the previous value.  the fact that they're arrays seems
> to
> > make little difference to the engine... i think the way to go is to name
> the
> > variables in your form something else, maybe "postedActions", and
manually
> > copy/append them to your session var.
> >
> >
> > -----Original Message-----
> > From: Joel Wickard [mailto:jwickard@l...]
> > Sent: Tuesday, November 06, 2001 1:10 PM
> > To: professional php
> > Subject: [pro_php] Re: Funky Session Problems
> >
> >
> > In this example I wasn't trying to throw away anything.  I wanted to
> append
> > values from a form onto my array that was already stored in the session.
> > but it seems the session is just overwriting the variable sent through
> > HTTP_POST_VARS, instead of adding it to itself wich is the functionality
> > that I'd hoped to acheive.
> > ----- Original Message -----
> > From: "Adam Lang" <aalang@r...>
> > To: "professional php" <pro_php@p...>
> > Sent: Tuesday, November 06, 2001 11:01 AM
> > Subject: [pro_php] Re: Funky Session Problems
> >
> >
> > > I am a bit confused on which variables you are keeping and which don't
> > carry
> > > over.
> > >
> > > Adam Lang
> > > Systems Engineer
> > > Rutgers Casualty Insurance Company
> > > http://www.rutgersinsurance.com
> > > ----- Original Message -----
> > > From: "Joel Wickard" <jwickard@l...>
> > > To: "professional php" <pro_php@p...>
> > > Sent: Tuesday, November 06, 2001 2:15 PM
> > > Subject: [pro_php] Funky Session Problems
> > >
> > >
> > > > Good Morning All.
> > > >
> > > > I'm trying to control several pages in an intranet app with one
> central
> > > > array.
> > > >
> > > > On the first page I register the array name and give it a few
values:
> > > > <?php
> > > >     session_register("pageActions");
> > > >     $pageActions['repId'] = "JW-000001";
> > > > ?>
> > > >
> > > > Then let's say I load a second page, and on that page
> > > > I start the the session to read my repId from the $pageActions
array..
> > so
> > > > far so good.
> > > >
> > > > <?php
> > > >     session_start();
> > > >
> > > >     if($pageAction['repId'] == "JW-000001")
> > > >     {
> > > >             do something;
> > > >     }
> > > >
> > > > I do not perform any new assignments to the variable $pageActions.
> but
> > I
> > > do
> > > > need to call another page from this page, and that page needs to
know
> > what
> > > > to do based on a value of $pageActions  so I set up a little form to
> > send
> > > > some values to the next page.
> > > >
> > > > <form method="post" action="thirdPage.phtml">
> > > >     <input type="hidden" name="pageActions[pAction]" value="load">
> > > >     <input type="hidden" name="pageActions[dbAction]"
value="update">
> > > >     <input type="submit" value="edit">
> > > > </form>
> > > >
> > > > When the third page is loaded I start the session with
> session_start().
> > > > I try to use my session variables but  I get this problem:
> > > > If I cycle through HTTP_POST_VARS it containse one variable:
> > $pageActions,
> > > > with the values I sent.  Perfect.  This is what I want.  I want it
to
> > > > "append" to the session variable $pageActions.  That's why I sent it
> > > through
> > > > with the same name.  Doesn't seem to want to act like I want it to
> > though.
> > > > If I loop through the variable $pageActions after I have a
> > sessionVariable
> > > > named that and have values sent through HTTP_POST_VARS, all I get is
> > what
> > > > was in the session variable.
> > > >
> > > > I hope I made it clear enough.  Any help would be greatly
appreciated
> > > >
> > > >
> aalang@r...
> $subst('Email.Unsub')
> > > >
> > > >
> > >
> > >
> > >
> > >
> > >
> >
> >
> >
> >
> >
>
>
>
>

  Return to Index  
About Wrox  |  Contact Us  |  Subscribe to an RSS Feed of New Wrox Titles
Copyright © 2000-2004 by John Wiley & Sons, Inc. or related companies. All rights reserved. Please read our Privacy Policy