Date: Wed, 1 May 2002 15:21:12 -0700 From: Nathan Kinkade <nkinkade@dsl-only.com> To: Michel Weenink <michel@weenink.com> Cc: questions@freebsd.org Subject: Re: PHP Stuff again... Message-ID: <20020501152112.28b8724a.nkinkade@dsl-only.com> In-Reply-To: <3CD063DD.60706@weenink.com> References: <009701c1f16f$740da640$0301a8c0@uminafamily.com> <3CD063DD.60706@weenink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 01 May 2002 23:53:33 +0200 Michel Weenink <michel@weenink.com> wrote: > Christopher J. Umina wrote: > > > Thanks guys, that worked great, but there's only one problem. When I > > have --enable-track-vars on the server never picks up variable that are > > passed along in the querystring. for instance: > > > > http://216.164.225.145:81/~uminac/equipment/ > > > > In that I have a thing that describes my servers, but when I click a link > > that links to > > > > http://216.164.225.145:81/~uminac/equipment/server.php?system=sysname > > > > there is no value for $system when it's run. The whole reason I > > did --enable-track-vars is so I can run sessions, but do I have to make a > > session out of every page for this to work? If so, that's kind of stupid > > eh? Is there another way to enable sessions? > > > > You probably ran into the 'new', more secure settings. See the Release > Announcemnt for 4.1.0: http://www.php.net/release_4_1_0.php. > > You probably need $_POST or $_GET, or you can alter your php.ini to do > it the way you were used to. after you start a session with session_start(), try assigning variables to the builtin global session array $_SESSION rather than using the session_register() function. apparently this is more secure than using session_register. but be aware that in any document on which you wish to access session variables you must call session_start(), if a session doesn't exist it will create a new one, but if one is already present it will register any existing session varibles into $_SESSION. from the php manual: Use of $_SESSION (or $HTTP_SESSION_VARS with PHP 4.0.6 or less) is recommended for security and code readablity. With $_SESSION or $HTTP_SESSION_VARS, there is no need to use session_register()/session_unregister()/session_is_registered() functions. Users can access session variable like a normal variable. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020501152112.28b8724a.nkinkade>