Jump to content

session_is_registered()


johnnyk

Recommended Posts

How reliable would you say session_is_registered() is? Are there any times when it will not work as expected? What if the browser disables cookies, would it still work?

Also, is it better practice to do:
[code]
if(!session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
  echo "<p class=\"left\">
  echo "Invalid submission";
  echo "</p>";
}elseif(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
//process
}else{
//display form
}
[/code]

or is using something like the following fine (same thing without first if):
[code]
if(session_is_registered('session') && isset($_POST['a']) && isset($_POST['b'])){
//process
}else{
//display form
}
[/code]

Other than the fact that they're not gonna get the "Invalid submission" echo, is there anything wrong or unsecure about doing it the second way?
Link to comment
Share on other sites

if your elseif is the exact opposite of your if statement, then your else will never execute, because making your elseif statement the exact opposite is the same as simply doing 'else'.  Now, your first if, and your elseif aren't the same exact conditions, but it depends on your script and what you are wanting it to do, whether you should use all 3. Do you want it to do 3 different things here? that is, do you want it to do method 'a' if there is not a registered session, but there is a post 'a' and post 'b', and if that's not true, then do method 'b' if there [b]is[/b] a registered session and posta and postb, and if that's not true either, then do method 'c' ?
Link to comment
Share on other sites

No. session_is_register checks whether the session name has been set within the session file. However the session itself does depend cookies, but if cookies are disabled PHP will attempt to place the SESSID in the url instead.

Also session_is_register is becoming a depreciated function. Instead you can use something like the following:
[code=php:0]if(isset($_SESSION['sess_name']))
{
    //do something
}[/code]
Link to comment
Share on other sites

So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?
Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL?
Link to comment
Share on other sites

[quote author=johnnyk link=topic=99664.msg392688#msg392688 date=1152207333]
So if I set .htaccess to only use cookies on PHP sessions, and a use has disabled cookies, it won't work?
Without that line in .htaccess, it always puts it in the URL. How would I set .htaccess to try cookies first then try URL?
[/quote]

I am interested in the use of .htaccess with sessions. What you code would you use to do this?

James
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.