| Will this set or get a SESSION variable? [message #180826] |
Wed, 20 March 2013 22:09  |
daveh
Messages: 18
Registered: March 2013
Karma: 0
|
Junior Member |
|
|
I have the following code snippet:
if(in_array($name, $this->m_names))
{
$this->m_rules[$name][] = $rule;
return $_SESSION[$name];
}
In the entire script there does not appear to be any assignment to the
$_SESSION super global
so would it be fair to say that "return $_SESSION[$name];" not only
creates a session variable but returns it also? And what is it set
to?? It appears to me that $_SESSION[$name] = " " or possibly
something else. There is a bunch of $_SESSION[$somevariable]'s in the
code I'm looking at. The only reason I care is I would like to not
have to use any super globals at all but until I can figure out what
the original author was doing I'm stuck. I have successfully updated
his code (written in 2001) to work with php 5.3 but its not production
ready as register_globals has to be on and that's not a good thing. I
have googled and have seen no example of this type of use of $_SESSION
or $GLOBALS either.
If you need to see more code please email me directly
Thanks
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180828 is a reply to message #180826] |
Wed, 20 March 2013 22:53  |
Christoph Becker
Messages: 91
Registered: June 2012
Karma: 0
|
Member |
|
|
David Heller wrote:
> I have the following code snippet:
>
> if(in_array($name, $this->m_names))
> {
> $this->m_rules[$name][] = $rule;
> return $_SESSION[$name];
>
> }
> In the entire script there does not appear to be any assignment to the
> $_SESSION super global
> so would it be fair to say that "return $_SESSION[$name];" not only
> creates a session variable but returns it also? And what is it set
> to?? It appears to me that $_SESSION[$name] = " " or possibly
> something else.
You may check it out for yourself:
if(in_array($name, $this->m_names))
{
$this->m_rules[$name][] = $rule;
var_dump($_SESSION[$name]);
return $_SESSION[$name];
}
If the session is not initialized or the session variable has not been
set before, it will print NULL.
You'll find comprehensive information about PHP sessions on
<http://www.php.net/manual/en/book.session.php>.
--
Christoph M. Becker
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180832 is a reply to message #180826] |
Wed, 20 March 2013 23:39 |
Robert Heller
Messages: 60
Registered: December 2010
Karma: 0
|
Member |
|
|
At Wed, 20 Mar 2013 15:09:07 -0700 (PDT) David Heller <daveh(at)allheller(dot)net> wrote:
>
>
> I have the following code snippet:
>
> if(in_array($name, $this->m_names))
> {
> $this->m_rules[$name][] = $rule;
> return $_SESSION[$name];
>
> }
> In the entire script there does not appear to be any assignment to the
> $_SESSION super global
> so would it be fair to say that "return $_SESSION[$name];" not only
> creates a session variable but returns it also? And what is it set
> to?? It appears to me that $_SESSION[$name] = " " or possibly
> something else. There is a bunch of $_SESSION[$somevariable]'s in the
> code I'm looking at. The only reason I care is I would like to not
> have to use any super globals at all but until I can figure out what
> the original author was doing I'm stuck. I have successfully updated
> his code (written in 2001) to work with php 5.3 but its not production
> ready as register_globals has to be on and that's not a good thing. I
> have googled and have seen no example of this type of use of $_SESSION
> or $GLOBALS either.
>
> If you need to see more code please email me directly
Presumably somewhere there is a call to session_start(), somewhere early
in the code. What happens is this:
When session_start() is called, a check is made for a certain cookie
(PHPSESSID I think, something like that). If this cookie does not
exist, then $_SESSION gets set to array(), like this pseudo code:
if (cookie_not_found('PHPSESSID')) {
$_SESSION = array();
}
Otherwise, the PHPSESSID contains an encoding of an array of values and
this array is assigned to $_SESSION in session_start().
So, the pseudo code for session_start() is something like:
function session_start() {
if (cookie_not_found('PHPSESSID')) {
$_SESSION = array();
} else {
$_SESSION = valueOfCookie('PHPSESSID');
}
}
At some point when PHP is ready to start sending headers (eg when the
PHP code calls header() or starts sending HTML or sends a !DOCTYPE
directive), it bundles up the array of values in $_SESSION into some
sort of serialized value and includes a Set-Cookie: header associating
this serialized value with the PHPSESSID cookie. This cookie is saved
by the browser on the client machine and is sent back by the browser at
the next page access, where session_start() unpacks it into $_SESSION.
Thus the super global $_SESSION is *persistent* across pages. At least
until the cookie epires and/or the PHP code explicitly destorys it.
Most often, the $_SESSION is initializes upon a successful 'login' and
is destroyed upon 'logout'. Between the 'login' event and the 'logout'
event, the $_SESSION contains the information needed to perserve the
session, that is the state of being logged in (or whatever sort of
persistent state that is needed to be perserved). Typically, this
would be something like the username, but could be other information
(like a shopping cart).
Try this as a google search string:
php session_start
You should get a link to a page on php.net for the function
session_start function. Read the documentation there. And/or read the
section of the book I mentioned in a previous reponse.
>
>
> Thanks
>
--
Robert Heller -- 978-544-6933 / heller(at)deepsoft(dot)com
Deepwoods Software -- http://www.deepsoft.com/
() ascii ribbon campaign -- against html e-mail
/\ www.asciiribbon.org -- against proprietary attachments
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180834 is a reply to message #180828] |
Thu, 21 March 2013 00:14 |
daveh
Messages: 18
Registered: March 2013
Karma: 0
|
Junior Member |
|
|
On Mar 20, 6:53 pm, Christoph Becker <cmbecke...@gmx.de> wrote:
> David Heller wrote:
>> I have the following code snippet:
>
>> if(in_array($name, $this->m_names))
>> {
>> $this->m_rules[$name][] = $rule;
>> return $_SESSION[$name];
>
>> }
>> In the entire script there does not appear to be any assignment to the
>> $_SESSION super global
>> so would it be fair to say that "return $_SESSION[$name];" not only
>> creates a session variable but returns it also? And what is it set
>> to?? It appears to me that $_SESSION[$name] = " " or possibly
>> something else.
>
> You may check it out for yourself:
>
> if(in_array($name, $this->m_names))
> {
> $this->m_rules[$name][] = $rule;
> var_dump($_SESSION[$name]);
> return $_SESSION[$name];
>
> }
>
> If the session is not initialized or the session variable has not been
> set before, it will print NULL.
>
> You'll find comprehensive information about PHP sessions on
> <http://www.php.net/manual/en/book.session.php>.
>
> --
> Christoph M. Becker
I'm starting to think that it does not matter if its set to anything
because I think what the author is trying to do is just get what
$name contains for instance if the $name is equal to Robert and he has
something like "$anothername = Robert" and then does this:
$_SESSION[$anothername]
then the contents would be equal: $_SESSION[$name] ===
$_SESSION[$anothername] So what he is really doing is returning the
"key" to an associative array since
$name is a member of $m_names and its also a key for $m_rules. Very
clever and interesting technique of passing by value.
Dave
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180836 is a reply to message #180826] |
Thu, 21 March 2013 03:32 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 3/20/2013 6:09 PM, David Heller wrote:
>
> I have the following code snippet:
>
> if(in_array($name, $this->m_names))
> {
> $this->m_rules[$name][] = $rule;
> return $_SESSION[$name];
>
> }
> In the entire script there does not appear to be any assignment to the
> $_SESSION super global
> so would it be fair to say that "return $_SESSION[$name];" not only
> creates a session variable but returns it also? And what is it set
> to?? It appears to me that $_SESSION[$name] = " " or possibly
> something else. There is a bunch of $_SESSION[$somevariable]'s in the
> code I'm looking at. The only reason I care is I would like to not
> have to use any super globals at all but until I can figure out what
> the original author was doing I'm stuck. I have successfully updated
> his code (written in 2001) to work with php 5.3 but its not production
> ready as register_globals has to be on and that's not a good thing. I
> have googled and have seen no example of this type of use of $_SESSION
> or $GLOBALS either.
>
> If you need to see more code please email me directly
>
>
> Thanks
>
No, if the array element doesn't exist, you will get a E_NOTICE message.
Not a good way to program. Rather, you should be using isset() to
ensure the array element exists before trying to use it.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180837 is a reply to message #180832] |
Thu, 21 March 2013 03:35 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 3/20/2013 7:39 PM, Robert Heller wrote:
> At Wed, 20 Mar 2013 15:09:07 -0700 (PDT) David Heller <daveh(at)allheller(dot)net> wrote:
>
>>
>>
>> I have the following code snippet:
>>
>> if(in_array($name, $this->m_names))
>> {
>> $this->m_rules[$name][] = $rule;
>> return $_SESSION[$name];
>>
>> }
>> In the entire script there does not appear to be any assignment to the
>> $_SESSION super global
>> so would it be fair to say that "return $_SESSION[$name];" not only
>> creates a session variable but returns it also? And what is it set
>> to?? It appears to me that $_SESSION[$name] = " " or possibly
>> something else. There is a bunch of $_SESSION[$somevariable]'s in the
>> code I'm looking at. The only reason I care is I would like to not
>> have to use any super globals at all but until I can figure out what
>> the original author was doing I'm stuck. I have successfully updated
>> his code (written in 2001) to work with php 5.3 but its not production
>> ready as register_globals has to be on and that's not a good thing. I
>> have googled and have seen no example of this type of use of $_SESSION
>> or $GLOBALS either.
>>
>> If you need to see more code please email me directly
>
> Presumably somewhere there is a call to session_start(), somewhere early
> in the code. What happens is this:
>
> When session_start() is called, a check is made for a certain cookie
> (PHPSESSID I think, something like that). If this cookie does not
> exist, then $_SESSION gets set to array(), like this pseudo code:
>
> if (cookie_not_found('PHPSESSID')) {
> $_SESSION = array();
> }
>
> Otherwise, the PHPSESSID contains an encoding of an array of values and
> this array is assigned to $_SESSION in session_start().
>
> So, the pseudo code for session_start() is something like:
>
> function session_start() {
> if (cookie_not_found('PHPSESSID')) {
> $_SESSION = array();
> } else {
> $_SESSION = valueOfCookie('PHPSESSID');
> }
> }
>
> At some point when PHP is ready to start sending headers (eg when the
> PHP code calls header() or starts sending HTML or sends a !DOCTYPE
> directive), it bundles up the array of values in $_SESSION into some
> sort of serialized value and includes a Set-Cookie: header associating
> this serialized value with the PHPSESSID cookie. This cookie is saved
> by the browser on the client machine and is sent back by the browser at
> the next page access, where session_start() unpacks it into $_SESSION.
> Thus the super global $_SESSION is *persistent* across pages. At least
> until the cookie epires and/or the PHP code explicitly destorys it.
> Most often, the $_SESSION is initializes upon a successful 'login' and
> is destroyed upon 'logout'. Between the 'login' event and the 'logout'
> event, the $_SESSION contains the information needed to perserve the
> session, that is the state of being logged in (or whatever sort of
> persistent state that is needed to be perserved). Typically, this
> would be something like the username, but could be other information
> (like a shopping cart).
>
> Try this as a google search string:
>
> php session_start
>
> You should get a link to a page on php.net for the function
> session_start function. Read the documentation there. And/or read the
> section of the book I mentioned in a previous reponse.
>
>>
>>
>> Thanks
>>
>
In correct. The session does set a cookie - but session values are set
on the server, and are independent of the client (other than the cookie
value).
It is perfectly valid to set session values AFTER the headers are sent.
What is NOT VALID is calling session_start() after the headers are
sent. The latter sends a cookie to the client - which is a header command.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180868 is a reply to message #180834] |
Fri, 22 March 2013 14:41 |
Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
|
Senior Member |
|
|
David Heller wrote:
> On Mar 20, 6:53 pm, Christoph Becker <cmbecke...@gmx.de> wrote:
>> David Heller wrote:
>>> I have the following code snippet:
>>
>>> if(in_array($name, $this->m_names))
>>> {
>>> $this->m_rules[$name][] = $rule;
>>> return $_SESSION[$name];
>>
>>> }
>>> In the entire script there does not appear to be any assignment to the
>>> $_SESSION super global
But most certainly in at least one other PHP script on the website.
>>> so would it be fair to say that "return $_SESSION[$name];" not only
>>> creates a session variable but returns it also?
No, it would be utter nonsense to say that.
>>> And what is it set to??
That depends on what has been stored in it previously.
>>> It appears to me that $_SESSION[$name] = " " or
>>> possibly something else.
>>
>> You may check it out for yourself:
>>
>> if(in_array($name, $this->m_names))
>> {
>> $this->m_rules[$name][] = $rule;
>> var_dump($_SESSION[$name]);
>> return $_SESSION[$name];
>>
>> }
>>
>> If the session is not initialized or the session variable has not been
>> set before, it will print NULL.
As with any other PHP array when you use a non-existing key. There is
nothing special about $_SESSION here, other than it could have been
initialized, and the key-value pair could have been added, from session data
set previously, elsewhere.
>> You'll find comprehensive information about PHP sessions on
>> <http://www.php.net/manual/en/book.session.php>.
>
> I'm starting to think that it does not matter if its set to anything
> because I think what the author is trying to do is just get what
> $name contains for instance if the $name is equal to Robert and he has
> something like "$anothername = Robert" and then does this:
> $_SESSION[$anothername]
> then the contents would be equal: $_SESSION[$name] ===
> $_SESSION[$anothername]
That is trivially true and does not appear to be relevant here.
> So what he is really doing is returning the
> "key" to an associative array
Most certainly not.
> since $name is a member of $m_names
Arrays do not have members, they have elements with a key and a
corresponding value. Classes, maybe even object, have members. Arrays are
not classes or objects, in PHP.
> and its also a key for $m_rules. Very clever and interesting technique of
> passing by value.
I do not follow. What does this have to do with pass-by-value?
What this code does is:
1. Search the array $this->m_names for the element whose *value* is the
value of the variable $name. (Trivially, a name.)
2. If that value is found,
a. an element is being added to the array $this>m_rules[$name] with the
value of $rule.
b. var_dump(…); (optional)
c. The value of the element in the $_SESSION array that has the key that
is the value of $name is returned. One can assume that the $_SESSION
array at that point may contain people-specific data that has been
stored previously, and restored with start_session(). It could be an
approach at caching in a database-powered application across several
document resources. BTDT.
Thus, if the value of $name is not found in $this->m_names, none of above
will happen. Something else might happen instead in the code that follows.
Please do not quote signatures unless you explicitly refer to them.
PointedEars
--
realism: HTML 4.01 Strict
evangelism: XHTML 1.0 Strict
madness: XHTML 1.1 as application/xhtml+xml
-- Bjoern Hoehrmann
|
|
|
|
| Re: Will this set or get a SESSION variable? [message #180869 is a reply to message #180868] |
Fri, 22 March 2013 16:34 |
Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
|
Senior Member |
|
|
Thomas 'PointedEars' Lahn wrote:
> David Heller wrote:
>>>> It appears to me that $_SESSION[$name] = " " or
>>>> possibly something else.
>>>
>>> You may check it out for yourself:
>>>
>>> if(in_array($name, $this->m_names))
>>> {
>>> $this->m_rules[$name][] = $rule;
>>> var_dump($_SESSION[$name]);
>>> return $_SESSION[$name];
>>>
>>> }
>>>
>>> If the session is not initialized or the session variable has not been
>>> set before, it will print NULL.
>
> As with any other PHP array when you use a non-existing key. There is
> nothing special about $_SESSION here, other than it could have been
> initialized, and the key-value pair could have been added, from session
> data set previously, elsewhere.
Another difference is that apparently the $_SESSION superglobal is *created*
by session_start():
$ php -r 'var_dump($_SESSION["foo"]);'
PHP Notice: Undefined variable: _SESSION in Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
$ php -r 'session_start(); var_dump($_SESSION["foo"]);'
PHP Notice: Undefined index: foo in Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
$ php -r 'var_dump($a["foo"]);'
PHP Notice: Undefined variable: a in Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
$ php -r '$a = array(); var_dump($a["foo"]);'
PHP Notice: Undefined index: foo in Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
$ php -r '$a = array("foo" => "bar"); var_dump($a["foo"]);'
string(3) "bar"
$ php -v
PHP 5.3.3-7+squeeze15 with Suhosin-Patch (cli) (built: Mar 4 2013 14:05:25)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with XCache v1.3.0, Copyright (c) 2005-2009, by mOo
with Xdebug v2.1.0, Copyright (c) 2002-2010, by Derick Rethans
with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH
PointedEars
--
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
-- Richard Cornford, cljs, <cife6q$253$1$8300dec7(at)news(dot)demon(dot)co(dot)uk> (2004)
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]