| Re: Will this set or get a SESSION variable? [message #180832 is a reply to message #180826] |
Wed, 20 March 2013 23:39   |
Robert Heller
Messages: 60
Registered: December 2010
Karma:
|
Member |
|
|
At Wed, 20 Mar 2013 15:09:07 -0700 (PDT) David Heller <daveh(at)allheller(dot)net> wrote:
>
>
> I have the following code snippet:
>
> if(in_array($name, $this->m_names))
> {
> $this->m_rules[$name][] = $rule;
> return $_SESSION[$name];
>
> }
> In the entire script there does not appear to be any assignment to the
> $_SESSION super global
> so would it be fair to say that "return $_SESSION[$name];" not only
> creates a session variable but returns it also? And what is it set
> to?? It appears to me that $_SESSION[$name] = " " or possibly
> something else. There is a bunch of $_SESSION[$somevariable]'s in the
> code I'm looking at. The only reason I care is I would like to not
> have to use any super globals at all but until I can figure out what
> the original author was doing I'm stuck. I have successfully updated
> his code (written in 2001) to work with php 5.3 but its not production
> ready as register_globals has to be on and that's not a good thing. I
> have googled and have seen no example of this type of use of $_SESSION
> or $GLOBALS either.
>
> If you need to see more code please email me directly
Presumably somewhere there is a call to session_start(), somewhere early
in the code. What happens is this:
When session_start() is called, a check is made for a certain cookie
(PHPSESSID I think, something like that). If this cookie does not
exist, then $_SESSION gets set to array(), like this pseudo code:
if (cookie_not_found('PHPSESSID')) {
$_SESSION = array();
}
Otherwise, the PHPSESSID contains an encoding of an array of values and
this array is assigned to $_SESSION in session_start().
So, the pseudo code for session_start() is something like:
function session_start() {
if (cookie_not_found('PHPSESSID')) {
$_SESSION = array();
} else {
$_SESSION = valueOfCookie('PHPSESSID');
}
}
At some point when PHP is ready to start sending headers (eg when the
PHP code calls header() or starts sending HTML or sends a !DOCTYPE
directive), it bundles up the array of values in $_SESSION into some
sort of serialized value and includes a Set-Cookie: header associating
this serialized value with the PHPSESSID cookie. This cookie is saved
by the browser on the client machine and is sent back by the browser at
the next page access, where session_start() unpacks it into $_SESSION.
Thus the super global $_SESSION is *persistent* across pages. At least
until the cookie epires and/or the PHP code explicitly destorys it.
Most often, the $_SESSION is initializes upon a successful 'login' and
is destroyed upon 'logout'. Between the 'login' event and the 'logout'
event, the $_SESSION contains the information needed to perserve the
session, that is the state of being logged in (or whatever sort of
persistent state that is needed to be perserved). Typically, this
would be something like the username, but could be other information
(like a shopping cart).
Try this as a google search string:
php session_start
You should get a link to a page on php.net for the function
session_start function. Read the documentation there. And/or read the
section of the book I mentioned in a previous reponse.
>
>
> Thanks
>
--
Robert Heller -- 978-544-6933 / heller(at)deepsoft(dot)com
Deepwoods Software -- http://www.deepsoft.com/
() ascii ribbon campaign -- against html e-mail
/\ www.asciiribbon.org -- against proprietary attachments
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]