FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Will this set or get a SESSION variable?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Will this set or get a SESSION variable? [message #180837 is a reply to message #180832] Thu, 21 March 2013 03:35 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 3/20/2013 7:39 PM, Robert Heller wrote:
> At Wed, 20 Mar 2013 15:09:07 -0700 (PDT) David Heller <daveh(at)allheller(dot)net> wrote:
>
>>
>>
>> I have the following code snippet:
>>
>> if(in_array($name, $this->m_names))
>> {
>> $this->m_rules[$name][] = $rule;
>> return $_SESSION[$name];
>>
>> }
>> In the entire script there does not appear to be any assignment to the
>> $_SESSION super global
>> so would it be fair to say that "return $_SESSION[$name];" not only
>> creates a session variable but returns it also? And what is it set
>> to?? It appears to me that $_SESSION[$name] = " " or possibly
>> something else. There is a bunch of $_SESSION[$somevariable]'s in the
>> code I'm looking at. The only reason I care is I would like to not
>> have to use any super globals at all but until I can figure out what
>> the original author was doing I'm stuck. I have successfully updated
>> his code (written in 2001) to work with php 5.3 but its not production
>> ready as register_globals has to be on and that's not a good thing. I
>> have googled and have seen no example of this type of use of $_SESSION
>> or $GLOBALS either.
>>
>> If you need to see more code please email me directly
>
> Presumably somewhere there is a call to session_start(), somewhere early
> in the code. What happens is this:
>
> When session_start() is called, a check is made for a certain cookie
> (PHPSESSID I think, something like that). If this cookie does not
> exist, then $_SESSION gets set to array(), like this pseudo code:
>
> if (cookie_not_found('PHPSESSID')) {
> $_SESSION = array();
> }
>
> Otherwise, the PHPSESSID contains an encoding of an array of values and
> this array is assigned to $_SESSION in session_start().
>
> So, the pseudo code for session_start() is something like:
>
> function session_start() {
> if (cookie_not_found('PHPSESSID')) {
> $_SESSION = array();
> } else {
> $_SESSION = valueOfCookie('PHPSESSID');
> }
> }
>
> At some point when PHP is ready to start sending headers (eg when the
> PHP code calls header() or starts sending HTML or sends a !DOCTYPE
> directive), it bundles up the array of values in $_SESSION into some
> sort of serialized value and includes a Set-Cookie: header associating
> this serialized value with the PHPSESSID cookie. This cookie is saved
> by the browser on the client machine and is sent back by the browser at
> the next page access, where session_start() unpacks it into $_SESSION.
> Thus the super global $_SESSION is *persistent* across pages. At least
> until the cookie epires and/or the PHP code explicitly destorys it.
> Most often, the $_SESSION is initializes upon a successful 'login' and
> is destroyed upon 'logout'. Between the 'login' event and the 'logout'
> event, the $_SESSION contains the information needed to perserve the
> session, that is the state of being logged in (or whatever sort of
> persistent state that is needed to be perserved). Typically, this
> would be something like the username, but could be other information
> (like a shopping cart).
>
> Try this as a google search string:
>
> php session_start
>
> You should get a link to a page on php.net for the function
> session_start function. Read the documentation there. And/or read the
> section of the book I mentioned in a previous reponse.
>
>>
>>
>> Thanks
>>
>

In correct. The session does set a cookie - but session values are set
on the server, and are independent of the client (other than the cookie
value).

It is perfectly valid to set session values AFTER the headers are sent.
What is NOT VALID is calling session_start() after the headers are
sent. The latter sends a cookie to the client - which is a header command.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: APC issues: locking up all processes and lack of PHP 5.4 support
Next Topic: question about class getters
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 06:33:09 GMT 2024

Total time taken to generate the page: 0.05958 seconds