Wrox Programmer Forums
| Search | Today's Posts | Mark Forums Read
BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6
This is the forum to discuss the Wrox book Beginning PHP, Apache, MySQLWeb Development by Michael K. Glass, Yann Le Scouarnec, Elizabeth Naramore, Gary Mailer, Jeremy Stolz, Jason Gerner; ISBN: 9780764557446
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old June 17th, 2004, 10:29 PM
Friend of Wrox
 
Join Date: Jun 2004
Location: Fairfield, Iowa, USA.
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
Default A question about sessions!

Ok, I am on chapter 14 now. It has been quite a ride. So many thinks I hava learned and so many things I have to remember. The use of sessions is something I still have problems with. On chapter 14 you user sessios_id() beforese sessions_start(), on the explanation the reason is so that you keep the same session id. The problem I am having is that I thought that when you do session_start() I thought if you already had a session id it will keep the same, but after reading this it seems everytime yo do a session_start() the id of the sessions changes but I do not see how can that be, because if the Id changes all the time how can you store variables in the session on one page and then retrieve them on a different page. Can somebody pleaseeee help me out?

Also in this same chapter the page checkout2.php uses the funcion session_start() but never uses a $_Session['anything'], what is the point then to start a session?

Since we are talking about sessions, one last question. Why is it that previously in the book you pass the session id on the url? When do you pass on the url and when not?

Christian

Note: SOrry for all the question but I really want to understand this thing about sessions.
__________________
Christian
 
Old June 21st, 2004, 10:35 AM
Authorized User
 
Join Date: Apr 2004
Location: Cincinnati, OH, USA.
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Christian:

To quote the php.net manual,
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.

session_id -- Get and/or set the current session id

So, the session_id function sets (or returns) the id for the session & the session_start gets all the info held in the current session. Does that make sense?

In our shopping cart example, we are only using the session id variable to store products in the temporary shopping cart, but you could use whatever you wanted and reference it accordingly, such as username, preferences (like language), browser used, etc.

As far as passing session id's through the URL, we chose not to do it in our cart example because if someone saved a page as a bookmark, with an old session ID in the URL, it would potentially screw up our temporary cart system. Likewise if you were storing personal information in your session, and you passed the session ID through the URL, that personal information could be compromised.

I hope that helps clear things up for you- you can read more about sessions at the php manual: www.php.net/manual


 
Old June 21st, 2004, 01:45 PM
Friend of Wrox
 
Join Date: Jun 2004
Location: Fairfield, Iowa, USA.
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks for the reply Elizabeth. Could you give me an example of when would be a good id to pass the session id through the url?

Christian
 
Old June 25th, 2004, 08:41 AM
Authorized User
 
Join Date: Apr 2004
Location: Cincinnati, OH, USA.
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Default

You could pass the session in a URL if you had, for example, a database of articles that your users were allowed to search. In this case, it wouldn't terribly matter if someone used a bookmarked URL (and thus bogus sessionid) because they're just searching through articles. This of course is assuming you're not storing any sensitive information in your session.







Similar Threads
Thread Thread Starter Forum Replies Last Post
help me in sessions bonnythalli SQL Server 2000 1 September 20th, 2006 08:06 AM
sessions p2ptolu Classic ASP Components 3 March 17th, 2005 06:31 AM
Sessions 2540EA BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 0 February 20th, 2005 05:42 AM
Mixing classic ASP sessions with ASP.NET sessions scorpion_king General .NET 2 August 4th, 2004 08:20 AM
need help on sessions. major dynamic123 Pro PHP 13 November 14th, 2003 09:55 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.