|----- Original Message -----
|From: "Logan McKinley" <[EMAIL PROTECTED]>
|To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
|Sent: Wednesday, June 18, 2003 12:51 PM
|Subject: [PHP] Strange roblems with sessions
|
|
|> what it is meant to do:
|> take a querystring set it to a session variable (outputs error if neither
|> querystring nor sesison exist) then reloads the page (to remove the
|> querystring)
|> what it (appears) to do:
|> it sets the querysting to the session, reloads the page and outputs an
|error
|> saying it doesn't have the session variable
|> if you reload the page with a querystring back in and it works as it is
|> meant to
|> <------ the code in question -------->
|> <?
|> session_start();
|> if(!isset($_SESSION['HID']) && !isset($_SERVER['QUERY_STRING']))
|> die("There was an error registering your product please call techinal
|> support at (111)-111-1111");
|> else if(!isset($_SESSION['HID']) && isset($_SERVER['QUERY_STRING']))
|> {
|> $_SESSION['HID'] = $_SERVER['QUERY_STRING'];
|> header("Location: http://localhost/PHP/registration_form.php";);
|> }
|> ?>
|> <--------------------------------->
|> I have attached the actual files if that would be of more help,
|> Thanks in advance for any help,
|> ~Logan
On Jun 18, 2003, "Kevin Stone" claimed that:
|
|
|
|Logan,
|
|When you're activating the script through the browser then
|$_SERVER['QUERY_STRING'] is always set. It is only empty or not empty. You
|should modify your conditional statements to reflect that..
|
|<?
|session_start();
|if(!isset($_SESSION['HID']) && empty($_SERVER['QUERY_STRING']))
|{
| die("There was an error registering your product please call techinal
|support at (111)-111-1111");
|}
|elseif(!isset($_SESSION['HID']) && !empty($_SERVER['QUERY_STRING']))
|{
| $_SESSION['HID'] = $_SERVER['QUERY_STRING'];
| header("Location: http://www.helpelf.com/test2.php";);
|}
|?>
|
|This is tested.
|
|HTH,
|Kevin
|
It seems to me, from this thread, and from other recently asked questions,
that people are trying to hide query strings. In this case, unless there
is a reason to do so, change the action to "POST" then you don't have to
worry about any redirecting.
<form method="POST" name="form" action="Register.php" onsubmit="return
validate(this);">
In other cases, where an <a href..> is followed, it can be turned into a
post as well:
<form name="myform" method="POST" action="validate.php">
<input type="hidden" name="secrethash"
value="Secret.HidingFromSourceCode">
<a href="javascript:void(document.myform.submit())">validate me</a></form>
Jeff
--
Registered Linux user #304026.
"lynx -source http://jharris.rallycentral.us/jharris.asc | gpg --import"
Key fingerprint = 52FC 20BD 025A 8C13 5FC6 68C6 9CF9 46C2 B089 0FED
Responses to this message should conform to RFC 1855.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
