session variable is not forwarding between pages

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

session variable is not forwarding between pages

Post by stanfish »

i have three simple files to test if my session works, it supposes to print "Yes" when entering the file session3.php, but it always print "No". Anyone has any idea? Is there anything that I can set to make it work?

session.php

Code: Select all

<form action=session2.php>
<input name=a>
<input type=submit name=submit value="111">
</form>

session2.php

Code: Select all

<?php
session_start();
header("Cache-control: private");
$_SESSION['name']=$a;
print $_SESSION['name'];
?>
<form action=session3.php>
<input type=submit name=submit value="111">
</form>

session3.php

Code: Select all

<?php
session_start();
header("Cache-control: private");
if ($_SESSION['name'])
	print 'Yes';
else
	print 'No';
?>
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

you might want to try changing this line in session2.php

Code: Select all

$_SESSION['name']=$a;
to..

Code: Select all

$_SESSION['name']=$_GET['a'];
Mark
magicrobotmonkey
Forum Regular
Posts: 888
Joined: Sun Mar 21, 2004 1:09 pm
Location: Cambridge, MA

Post by magicrobotmonkey »

What does session2 print for $_SESSION['name']? you should change $a to $_POST['a']
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

magicrobotmonkey wrote:What does session2 print for $_SESSION['name']? you should change $a to $_POST['a']
GET is the default method in forms where no method has been set

Mark
stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

Post by stanfish »

It still doesn't work.
I found that it may not be a problem in my code. It may be the problem with my setting of php.ini because when i run these code in some web hosting, it WORKS. This is the setting in my php.ini

php.ini

[Session]
session.save_handler = /temp/files ; handler used to store/retrieve data
session.save_path = /temp ; argument passed to save_handler
; in the case of files, this is the
; path where data files are stored
session.use_cookies = 1 ; whether to use cookies
session.name = PHPSESSID
; name of the session
; is used as cookie name
session.auto_start = 0 ; initialize session on request startup
session.cookie_lifetime = 0 ; lifetime in seconds of cookie
; or if 0, until browser is restarted
session.cookie_path = / ; the path the cookie is valid for
session.cookie_domain = ; the domain the cookie is valid for
session.serialize_handler = php ; handler used to serialize data
; php is the standard serializer of PHP
session.gc_probability = 1 ; percentual probability that the
; 'garbage collection' process is started
; on every session initialization
session.gc_maxlifetime = 1440 ; after this number of seconds, stored
; data will be seen as 'garbage' and
; cleaned up by the gc process
session.referer_check = ; check HTTP Referer to invalidate
; externally stored URLs containing ids
session.entropy_length = 0 ; how many bytes to read from the file
session.entropy_file = ; specified here to create the session id
; session.entropy_length = 16
; session.entropy_file = /dev/urandom
session.cache_limiter = private ; set to {nocache,private,public} to
; determine HTTP caching aspects
session.cache_expire = 180 ; document expires after n minutes
session.use_trans_sid = 1 ; use transient sid support if enabled
; by compiling with --enable-trans-sid
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

stanfish wrote:It still doesn't work.
I found that it may not be a problem in my code. It may be the problem with my setting of php.ini because when i run these code in some web hosting, it WORKS.
This may be becuase of this different with the setting register_globals in the php.ini.

What is yours set to?

Mark
stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

Post by stanfish »

I try to search for the word "register_globals" in my php.ini file, I found nothing.
How to set the register_globals?

Thanks!
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

search again, it is there in the "Data Handling" section

Mark
magicrobotmonkey
Forum Regular
Posts: 888
Joined: Sun Mar 21, 2004 1:09 pm
Location: Cambridge, MA

Post by magicrobotmonkey »

Oh yea good point, I didn't notice that. Is it generally better to use $_POST for form vars and $_GET for URL vars?
stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

Post by stanfish »

You are right. It is under data handling. Here is it:


;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
variables_order = "EGPCS" ; This directive describes the order in which PHP registers
; GET, POST, Cookie, Environment and Built-in variables (G, P,
; C, E & S respectively, often referred to as EGPCS or GPC).
; Registration is done from left to right, newer values override
; older values.
register_globals = On ; Whether or not to register the EGPCS variables as global
; variables. You may want to turn this off if you don't want
; to clutter your scripts' global scope with user data. This makes
; most sense when coupled with track_vars - in which case you can
; access all of the GPC variables through the $HTTP_*_VARS[],
; variables.
; You should do your best to write your scripts so that they do
; not require register_globals to be on; Using form variables
; as globals can easily lead to possible security problems, if
; the code is not very well thought of.
register_argc_argv = On ; This directive tells PHP whether to declare the argv&argc
; variables (that would contain the GET information). If you
; don't use these variables, you should turn it off for
; increased performance
post_max_size = 8M ; Maximum size of POST data that PHP will accept.
gpc_order = "GPC" ; This directive is deprecated. Use variables_order instead.

; Magic quotes
magic_quotes_gpc = On ; magic quotes for incoming GET/POST/Cookie data
magic_quotes_runtime= Off ; magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_sybase = Off ; Use Sybase-style magic quotes (escape ' with '' instead of '')

; automatically add files before or after any PHP document
auto_prepend_file =
auto_append_file =

; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header. To disable sending of the charset, simply
; set it to be empty.
; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

magicrobotmonkey wrote:Oh yea good point, I didn't notice that. Is it generally better to use $_POST for form vars and $_GET for URL vars?
Depends on the situation.

Large amount of information or sensitive information use POST.

GET is good for say a product catalogue becuase if someone bookmarks a product that is called by a specific ID, they can bookmark that link with the query to return directly to that page.

I also you get for small amounts of insensitive data.

Mark
stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

Post by stanfish »

The register_globals is set to be On. Is it right?

Thanks!
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

You code should be okay if the globals are On, even though it is better to have them turned off.

in session3.php, try changing

Code: Select all

if ($_SESSION['name'])
to...

Code: Select all

if (!empty($_SESSION['name']))
stanfish
Forum Newbie
Posts: 9
Joined: Wed Apr 14, 2004 10:10 am

Post by stanfish »

I just try it, but it still doesn't work.

I am wondering why the code works in some web hosting, but not my computer.
I am thinking about the session folder. Is the "temp" folder located in the localhost folder?

Thanks!
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

session.save_handler = /temp/files should be just
session.save_handler = files
Post Reply