johnnyk Posted July 6, 2006 Share Posted July 6, 2006 How reliable would you say session_is_registered() is? Are there any times when it will not work as expected? What if the browser disables cookies, would it still work?Also, is it better practice to do:[code]if(!session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){ echo "<p class=\"left\"> echo "Invalid submission"; echo "</p>";}elseif(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){//process}else{//display form}[/code]or is using something like the following fine (same thing without first if):[code]if(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){//process}else{//display form}[/code]Other than the fact that they're not gonna get the "Invalid submission" echo, is there anything wrong or unsecure about doing it the second way? Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/ Share on other sites More sharing options...
.josh Posted July 6, 2006 Share Posted July 6, 2006 if your elseif is the exact opposite of your if statement, then your else will never execute, because making your elseif statement the exact opposite is the same as simply doing 'else'. Now, your first if, and your elseif aren't the same exact conditions, but it depends on your script and what you are wanting it to do, whether you should use all 3. Do you want it to do 3 different things here? that is, do you want it to do method 'a' if there is not a registered session, but there is a post 'a' and post 'b', and if that's not true, then do method 'b' if there [b]is[/b] a registered session and posta and postb, and if that's not true either, then do method 'c' ? Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-53904 Share on other sites More sharing options...
johnnyk Posted July 6, 2006 Author Share Posted July 6, 2006 Yeah that's what I'm doing. The else should execute if a or b or both are not posted, regardless of the session. Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-53912 Share on other sites More sharing options...
.josh Posted July 6, 2006 Share Posted July 6, 2006 okay then you'd want to structure it like this:if($_POST) { if(sessionstuff) { }} else { echo form} Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-53914 Share on other sites More sharing options...
johnnyk Posted July 6, 2006 Author Share Posted July 6, 2006 What's wrong with the way I had it?Also, back to my first question, how reliable is session_is_register() and does it depend on cookie settings? Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-53970 Share on other sites More sharing options...
wildteen88 Posted July 6, 2006 Share Posted July 6, 2006 No. session_is_register checks whether the session name has been set within the session file. However the session itself does depend cookies, but if cookies are disabled PHP will attempt to place the SESSID in the url instead.Also session_is_register is becoming a depreciated function. Instead you can use something like the following:[code=php:0]if(isset($_SESSION['sess_name'])){ //do something}[/code] Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-53986 Share on other sites More sharing options...
johnnyk Posted July 6, 2006 Author Share Posted July 6, 2006 So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL? Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-54019 Share on other sites More sharing options...
smith.james0 Posted July 7, 2006 Share Posted July 7, 2006 [quote author=johnnyk link=topic=99664.msg392688#msg392688 date=1152207333]So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL?[/quote]I am interested in the use of .htaccess with sessions. What you code would you use to do this?James Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-54448 Share on other sites More sharing options...
wildteen88 Posted July 7, 2006 Share Posted July 7, 2006 The gernal syntax to change a PHP setting would be this:[code]php_flag [setting_name] [value][/code]For example if you want to turn off register_globals you can use this:[code]php_flag register_globals Off[/code] Link to comment https://forums.phpfreaks.com/topic/13851-session_is_registered/#findComment-54483 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.