I'm going to bump this up; I think 24 hours is acceptable. If not my apologies. The issue has sort of morphed from my original problem, so there is a temptation to start a new thread, but I'm inclined to think that would be rude. So let me restate the issue as it now stands.
I have this utility script which is called by several other scripts to alter the session variables which determine the current month and year being viewed. There is a "last permissable" month and year which apply only to some users, in which case a session variable, $_SESSION['DispStat'], also needs to be set to control the status of the records which will be displayed. Nothing very sophisticated, and here is the script in its entirety.
creset.php
Code: Select all
// Routine for bumping a standard session period June 5, 2004
// added the $_SESSION['DispStat'] routine for displaying records Apr 29, 2009
session_cache_limiter("private,must-revalidate");
session_start();
if (isset($_POST['Plus_x'])) // wants to advance a month
{ $_SESSION['Cmth']++;
if ($_SESSION['Cmth'] > 12) // bumped to next year
{ $_SESSION['Cmth'] = 1; // January
$_SESSION['Cyr']++; // of next year
}
}
else if (isset($_POST['Minus_x'])) // wants to back up a month
{ $_SESSION['Cmth']--;
if ($_SESSION['Cmth'] == 0) // bumped to last year
{ $_SESSION['Cmth'] = 12; // December
$_SESSION['Cyr']--; // of last year
}
}
else // only use the dropdowns
{ $_SESSION['Cmth'] = $_POST['Mth']; // when the +/- buttons are
$_SESSION['Cyr'] = $_POST['Yr']; // neither one clicked
}
if (isset($_SESSION['DispStat']))
{ if ($_SESSION['Cyr'] < $_SESSION['Lyr'] || ($_SESSION['Cyr'] == $_SESSION['Lyr'] && $_SESSION['Cmth'] <= $_SESSION['Lmth']))
$_SESSION['DispStat'] = 4;
else $_SESSION['DispStat'] = 5; // the status to display ("if Stat > $_SESSION['DispStat']")
}
$S = "Location:" . $_SERVER['HTTP_REFERER']; // allows use of cal_head() function when conditional date change is required
header($S);
I realize that using $_SERVER['HTTP_REFERER'] is a little risky, but it has presented no problems so far. If it ever does the structure of my code makes it fairly easy to replace it with a session variable taken from $_SERVER['PHP_SELF'] which is more reliable. Anyway, this script works perfectly when called from all of the scripts which call it, except a small glitch when called from one script.
The following script is a menu for users. The user logs in and the login script verifies password and username against the database. It sets the session variables and then sends it to this menu with the $_GET['Owner'] set to the user's number. Just that $_GET is not enough to successfully run the script, the session variables must also be set for security, but the $_GET['Owner'] tells the script that this is the first iteration of the script. The administrator may also come to this menu, in which case the $_GET['Owner'] is also set.
Here's the menu with the relevant code and markup. I left out the styling stuff for clarity.
n_brchmenu.php
Code: Select all
session_cache_limiter("private,must-revalidate");
session_start();
if (isset($_GET['Owner']))
{ $_SESSION['ListFor'] = 0 + $_GET['Owner'];
$_SESSION['DispStat'] = 4; // (this will display reports)
} // set here to permit entry from Admin menu
?>
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'>
<html lang='en'>
<head><title>Company of San Diego</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>
</head>
<form method=post action='incl/creset.php'>
<input type=image src='../../cimage/c_plus.gif' name='Plus'>
<select name='Mth' onchange='this.form.submit();'>
<option value=1>Jan</option>
<!--and the rest of the options, current month selected -->
</select>
<select name='Yr' onchange='this.form.submit();'>
<option value=2005>2005</option>
<!--and the rest of the options, current year selected -->
</select>
<input type=image src='../../cimage/c_minus.gif' name='Minus'>
</form>
That $_SESSION['DispStat'] does not appear anywhere in this script, other than in the $_GET['Owner'] condition.
If creset.php is invoked on the initial iteration of this script,
including if it is invoked multiple times, $_SESSION['DispStat'] does not get changed. The current month and year do change, but $_SESSION['DispStat'] does not. If the user makes a menu selection, invoking a different script, and then returns to this one, then invoking creset.php changes $_SESSION['DispStat'] as expected.
Why would multiple invocations of creset.php not cause the $_SESSION['DispStat'] to begin changing? I realize that creset.php does not involve an http request, but returning to n_brchmenu.php from that script should do so? Or does the server know not to repeat a request from the same script somehow? Grasping at straws, because what would an http request have to do with it?
If I change the $_GET['Owner'] conditional to this
Code: Select all
if (isset($_GET['Owner']))
{ $_SESSION['ListFor'] = 0 + $_GET['Owner'];
$_SESSION['DispStat'] = 4; // (this will display reports)
header("Location:n_brchmenu.php");
exit();
} // set here to permit entry from Admin menu
Then invoking creset.php changes the $_SESSION['DispStat'] properly, seemingly because the menu script has been reiterated. But with the exit() function there, only the very first part has been, so the only real difference is that the script has been iterated without the $_GET variable set. But how can that make any difference?
The header() in the above condition clears the problem but, given that the date can be changed repeatedly in the initial menu iteration without $_SESSION['DispStat'] changing, the header() call in creset.php apparently does not clear the problem?
I did a var-dump (print_r($_SESSION) thing) in creset.php, and of course it then gave me a header error, but it did display a value for $_SESSION['DispStat']. It just didn't change it. The month, year and Lmth/Lyr vars were correct as well.
As my grandfather would have said, Was gibst?