Mainly what my problem is, is that when I turn Register_Globals = Off, then my scripts stop working. I can't even get past the page I showed you, the login page. No errors, it's just like I didn't enter any data.
Jake McHenry Nittany Travel MIS Coordinator http://www.nittanytravel.com > -----Original Message----- > From: Chris Hubbard [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 14, 2003 9:24 PM > To: [EMAIL PROTECTED] > Subject: RE: [PHP] Sessions Question > > > Jake, > it would be helpful if we could see your code. > > That said... > > first you need to identify what information you need to track > in the sessions, and whether you're going to use php sessions > (the $_SESSIONS > array) or build your own mysql based session tracker. > > to use php sessions: > you will need some place where you set up/create the > sessions. typically this is the login page. let's assume > you'll use the login page. The logic for the login page goes > something like this: 1. present a form for logging in > (usually username/password) 2. on post, clean the posted > data (remove html, special characters, etc) 3. check the > cleaned username/password against the data in the database 4. > if the username/password is valid, create your session and > assign variables to it like this: > session_start(); //create the session > $id = session_id(); // create a unique session id > session_register("id"); // register id as a session variable > session_register("name"); // register name as a > session variable > session_register("email"); // register email as a > session variable > $_SESSION["id"] = $id; // assign the unique session id > to session array > $_SESSION["name"] = $data["name"]; // assign the > username to session array > $_SESSION["email"] = $data["email"]; // assign > additional values (after regisering them) to session array > > 5. now either redirect to your main application page, or > create another page with links to that main applicaiton page. > In either case every page where you want to use sessions has > to start with: session_start(); > > for example: > <?php > session_start(); > the rest of your code. > > 6. I recommend that you add a check to your pages to make > sure that the session is still the right one and it's intact, > something like this: if (!$_SESSION["id"]) // if no session > id, return to the login page { > header ("Refresh: 0; url=login.php"); //or > // header ("location:http://www.mydomain.com/login.php";); > }else{ > // the body of your code goes here. > } > > 7. so with all that the pages you want to access session in > should have a structure similar to: <?php session_start(); if > (!$_SESSION["id"]) { > header ("Refresh: 0; url=login.php"); > }else{ > // do all kinds of nifty time card things here > } > ?> > > > Hope this is helpful. > > Chris > > -----Original Message----- > From: Jake McHenry [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 14, 2003 4:00 PM > To: [EMAIL PROTECTED] > Subject: [PHP] Sessions Question > > > Hi everyone, > > I've been trying to set up sessions, but have been having > problems. I created an online time clock for my company using > php and a mysql database. It's everything that my boss > wanted. The only problem is, he told me today that he is > planning on selling it to our partners. The actual software > and database will reside on my server, but I will give them > their own database. > > I started designing it about 2 years ago, and the machine > that I was working on at the time had register_globals=on, so > I built my scripting around that. I didn't know much about > php at the time, but have learned an immense amount since then. > > Since a people are now going to be accessing the time clock > from outside my company, I need to turn register_globals off, > and turn sessions on. My problem is that all my variables are > declared locally in the individual files, and are being > passed by forms to $PHP_SELF, and all of the variables and > their values can be seen in the address bar. > > This never concerned me while being inside my firewall, since > it was only my employees and I. I knew what was going on. > > I've read a lot of documents on the net concerning sessions, > but still can't get it to work right. Whenever I try to go to > another page, or submit a time, it either doesn't work at > all, or it works, but the value that's in the variable is > stuck there, and I can't change it without closing the > browser and starting over. > > Can someone point me in the right direction here? > > Thanks, > Jake McHenry > Nittany Travel MIS Coordinator > http://www.nittanytravel.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
