Re: [PHP] Another Session Question

Mon, 09 Jun 2003 13:27:10 -0700 

So does your code work? Here's a tip: Try a simple example, like what's in
the manual, and see which method works for you. If they both work, which one
do you understand? Use that one...

---John Holmes...

----- Original Message ----- 
From: "Pushpinder Singh Garcha" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 09, 2003 4:23 PM
Subject: [PHP] Another Session Question


Hello all,


I have php ver 4.1.1 running with register_globals() ON on my site.  I
am trying to use sessions to maintain state during a visit to the site.
I have read thru the manual, but my mind is still cluttered with
doubts. I understand that use of the $_SESSION global array will
greatly add to the security of the site and will prevent variable
poisoning.

How do I register a session?
The manual (http://www.php.net/manual/en/print/ref.session.php) says
that there are 2 methods:

Example 1. Registering a variable with $_SESSION.
<?php
session_start();
// Use $HTTP_SESSION_VARS with PHP 4.0.6 or less
if (!isset($_SESSION['count'])) {
     $_SESSION['count'] = 0;
} else {
     $_SESSION['count']++;
}
?>

-----------------------------------------------------------------------


Example 4. Registering a variable with register_globals enabled
<?php
if (!session_is_registered('count')) {
     session_register("count");
     $count = 0;
}
else {
     $count++;
}
?>

---------------------------------------------------------

This is a snippet of the code that I am testing:
<? session_start();
require_once('../Connections/MasterStream.php');

if ( $_POST['validuser'] && ($_POST['password']) ) {
mysql_select_db($database_MasterStream, $MasterStream);
$query_Recordset1 = "SELECT * FROM `admin` WHERE `admin`.username =
"$_POST['validuser']" AND `admin`.password = "$_POST['password']"";
$Recordset1 = mysql_query($query_Recordset1, $MasterStream) or
die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

if ($totalRows_Recordset1)
{
echo "Success!<br>";
   if(!isset($_SESSION['validuser']))
       $_SESSION['validuser'] = 0;
  else $_SESSION['validuser']++;

}

else{
echo "Please try again later<br>";
}
}
?>

Thanks in advance,
Pushpinder


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to