Jump to content


Photo

session_is_registered()


  • Please log in to reply
8 replies to this topic

#1 johnnyk

johnnyk
  • Members
  • PipPipPip
  • Advanced Member
  • 126 posts

Posted 06 July 2006 - 03:09 PM

How reliable would you say session_is_registered() is? Are there any times when it will not work as expected? What if the browser disables cookies, would it still work?

Also, is it better practice to do:
if(!session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
   echo "<p class=\"left\">
   echo "Invalid submission";
   echo "</p>";
}elseif(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
//process
}else{
//display form
}

or is using something like the following fine (same thing without first if):
if(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
//process
}else{
//display form
}

Other than the fact that they're not gonna get the "Invalid submission" echo, is there anything wrong or unsecure about doing it the second way?
Rediscover the Web:
<a href="http://www.spreadfir...;t=219"></a><br />

#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 06 July 2006 - 03:15 PM

if your elseif is the exact opposite of your if statement, then your else will never execute, because making your elseif statement the exact opposite is the same as simply doing 'else'.  Now, your first if, and your elseif aren't the same exact conditions, but it depends on your script and what you are wanting it to do, whether you should use all 3. Do you want it to do 3 different things here? that is, do you want it to do method 'a' if there is not a registered session, but there is a post 'a' and post 'b', and if that's not true, then do method 'b' if there is a registered session and posta and postb, and if that's not true either, then do method 'c' ?
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 johnnyk

johnnyk
  • Members
  • PipPipPip
  • Advanced Member
  • 126 posts

Posted 06 July 2006 - 03:24 PM

Yeah that's what I'm doing. The else should execute if a or b or both are not posted, regardless of the session.
Rediscover the Web:
<a href="http://www.spreadfir...;t=219"></a><br />

#4 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 06 July 2006 - 03:28 PM

okay then you'd want to structure it like this:

if($_POST) {
  if(sessionstuff) { }
} else {
  echo form
}

Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#5 johnnyk

johnnyk
  • Members
  • PipPipPip
  • Advanced Member
  • 126 posts

Posted 06 July 2006 - 04:32 PM

What's wrong with the way I had it?

Also, back to my first question, how reliable is session_is_register() and does it depend on cookie settings?
Rediscover the Web:
<a href="http://www.spreadfir...;t=219"></a><br />

#6 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 06 July 2006 - 04:46 PM

No. session_is_register checks whether the session name has been set within the session file. However the session itself does depend cookies, but if cookies are disabled PHP will attempt to place the SESSID in the url instead.

Also session_is_register is becoming a depreciated function. Instead you can use something like the following:
if(isset($_SESSION['sess_name']))
{
    //do something
}


#7 johnnyk

johnnyk
  • Members
  • PipPipPip
  • Advanced Member
  • 126 posts

Posted 06 July 2006 - 05:35 PM

So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?
Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL?
Rediscover the Web:
<a href="http://www.spreadfir...;t=219"></a><br />

#8 smith.james0

smith.james0
  • Members
  • PipPipPip
  • Advanced Member
  • 122 posts

Posted 07 July 2006 - 04:46 PM

So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?
Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL?


I am interested in the use of .htaccess with sessions. What you code would you use to do this?

James

#9 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 July 2006 - 06:03 PM

The gernal syntax to change a PHP setting would be this:
php_flag [setting_name] [value]
For example if you want to turn off register_globals you can use this:
php_flag register_globals Off





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users