advice on best solution to use

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
amir
Forum Contributor
Posts: 287
Joined: Sat Oct 07, 2006 4:28 pm

advice on best solution to use

Post by amir »

some background information:

i have a PHP page, that when viewed, is customised to the user viewing it. how i detect which user is viewing the page is by using an Java applet that i built to POST the username that windows stores after you login to our network. in my PHP page i get that username like:

Code: Select all

$username = trim($_GET['username']);
the issue im facing and needing advice on is this:

when i get the username, i query MS SQL to get the users details stored in our system and i register a session. (after i register my session, i can then customise the PHP page for that user)

now if the username is blank - i want to redirect to an error page as either the user has tired to edit the username in URL or the username didnt get posted correctly to the PHP page from the Java Applet (HTML page).

now i also want to check if the session is set or not (empty). if its already set, skip the process of setting the session the second time around if user refreshes the PHP page. if the session isnt set, the obviously set the session and show the PHP page customised to that user.

But regardless of whether the session is set or not, my users are always redirected to error page...

my current code:

Code: Select all

<?php
session_start();

$username = trim($_GET['username']);

if(!isset( $_SESSION['user_info']))
{
     $_SESSION['user_info'] = array();

     // DB connection string here
     // DB query string that uses $username and the result string of that query here

     while ($row = mssql_fetch_array($results))
     {
          $_SESSION['user_info']['persid'] = trim($row['PersID']);
          $_SESSION['user_info']['surname'] = trim($row['Surname']);
          $_SESSION['user_info']['firstname'] = trim($row['Firstname']);
     }
          
     // Close DB connection here
}

// Rest of HTML tags here that is used to customise the page for the user
?>
wyrmmage
Forum Commoner
Posts: 56
Joined: Sat Oct 28, 2006 12:43 pm
Location: boise, ID

Post by wyrmmage »

you don't actually have to have

Code: Select all

if(!isset( $_SESSION['user_info']))
you can just have

Code: Select all

if($_SESION[user_info])
if you just want to check and make sure that the variable exists and has been initialized.
-wyrmmage
amir
Forum Contributor
Posts: 287
Joined: Sat Oct 07, 2006 4:28 pm

Post by amir »

Thanks for your help!
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

wyrmmage wrote:you don't actually have to have

Code: Select all

if(!isset( $_SESSION['user_info']))
you can just have

Code: Select all

if($_SESION[user_info])
if you just want to check and make sure that the variable exists and has been initialized.
-wyrmmage
This is not very good practice, in terms of readability and functionality. For instance, that if statement will return false if the value is false. isset() will return true if the value is false. It is also much clearer when writting code to use such functions.
wyrmmage
Forum Commoner
Posts: 56
Joined: Sat Oct 28, 2006 12:43 pm
Location: boise, ID

Post by wyrmmage »

ah, ok...sorry for the misleading information.
-wyrmmage
Post Reply