Jump to content

Global variables

bPHP

By bPHP
in PHP Coding Help

 Share

Recommended Posts

bPHP Member

bPHP

Posted
Posted

Hi everyone! First post from many that I'm sure will come :)

 

I'm having an issue with global variables... I don't know what is the best way to do this, but I need to get certain data from the db and then store it in a variable that can be accessed by other php files until I decide to clear it... The problem is that I don't want to use $_SESSION, because I don't want it to be erased if the user clears his private data. How can I do this? I tried using $GLOBALS but with no success, for some reason if i do $GLOBALS['value'] = 'testing'; the value is only visible in the php file that wrote it, but is not visible in the other ones...

 

Thanks very much for any ideas!

Link to comment
Share on other sites
JAY6390 Newbie

JAY6390

Posted
Posted

Create a variable outside of any class and function, for instance

$var = 0;

Then when you want to set it, simply use

$GLOBALS['var'] = 'value here';

Once you've done that, you can call that variable anywhere you like using $GLOBALS['var']

If you mean you want this variable to be passed from page to page then I'm afraid the only method to do this is with sessions/cookies although as you pointed out this is not a guaranteed way of doing this

Link to comment
Share on other sites
KevinM1 Advanced Member

KevinM1

Posted
Posted

It sounds like you've designed yourself into a corner.  Some questions:

 

What is the likelihood that a user would break a session?

 

If they DID break the session, would that constitute a critical/unrecoverable error?

 

Why can't you retrieve/replace this value on demand within the other files?

Link to comment
Share on other sites
bPHP Member

bPHP

Posted
  • Author
Posted

Hi! Thanks for your answers!

 

Hmmm I don't really know what is the likelihood of someone destroying the session, but it would be a critical error if they did... The thing is that I want to avoid going to the db too much... I want to retrieve the id of the user that I have assigned to each IP:

 

I have something like:

$userIPAddress = $_SERVER['REMOTE_ADDR'];

and then "SELECT id FROM users WHERE ip = '$userIPAddress';

 

I would like to save the id in a global variable, so that I dont have to make that select every time, and I can optimize... I just had an idea though, I could use the sessions as you say, and only if the session does not exist anymore I can go again to the db... Since the likelihood might be small... I think that is what I'm going to do, would that be a good approach? Or is it a bit hacky? You saying the word 'likelihood' helped me :P

 

Thanks!

Link to comment
Share on other sites
DWilliams Member

DWilliams

Posted
Posted

Hi! Thanks for your answers!

 

Hmmm I don't really know what is the likelihood of someone destroying the session, but it would be a critical error if they did... The thing is that I want to avoid going to the db too much... I want to retrieve the id of the user that I have assigned to each IP:

 

I have something like:

$userIPAddress = $_SERVER['REMOTE_ADDR'];

and then "SELECT id FROM users WHERE ip = '$userIPAddress';

 

I would like to save the id in a global variable, so that I dont have to make that select every time, and I can optimize... I just had an idea though, I could use the sessions as you say, and only if the session does not exist anymore I can go again to the db... Since the likelihood might be small... I think that is what I'm going to do, would that be a good approach? Or is it a bit hacky? You saying the word 'likelihood' helped me :P

 

Thanks!

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

Link to comment
Share on other sites
bPHP Member

bPHP

Posted
  • Author
Posted 

$userIPAddress = $_SERVER['REMOTE_ADDR'];
and then "SELECT id FROM users WHERE ip = '$userIPAddress';

You realize IPs change?

 

hmmm the average user time would be half an hour... I don't think this should be an issue, if he gets a new IP he will have the new one in his next session. I'm not saving users, only while they use one part of the website.

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

 

Are sessions secure? Are they stored in the server or can the user make modifications in his cookies/private browser data that could pose a security risk to my site?

 

Thanks again!

Link to comment
Share on other sites
KevinM1 Advanced Member

KevinM1

Posted
Posted 

$userIPAddress = $_SERVER['REMOTE_ADDR'];
and then "SELECT id FROM users WHERE ip = '$userIPAddress';

You realize IPs change?

 

hmmm the average user time would be half an hour... I don't think this should be an issue, if he gets a new IP he will have the new one in his next session. I'm not saving users, only while they use one part of the website.

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

 

Are sessions secure? Are they stored in the server or can the user make modifications in his cookies/private browser data that could pose a security risk to my site?

 

Thanks again!

 

Session data is stored on the server.  The only bit that's saved on the client is a cookie with the session id.  You can change/refresh that id to prevent session fixation (session_regenerate_id).

Link to comment
Share on other sites
bPHP Member

bPHP

Posted
  • Author
Posted

Session data is stored on the server.  The only bit that's saved on the client is a cookie with the session id.  You can change/refresh that id to prevent session fixation (session_regenerate_id).

 

I guess I'll use sessions then... Sounds like a good deal.

 

IPs are also shared.  Hard-linking a user to an IP address is never a good idea.

 

How would you do it? I have an area in the website where I need to link users to something... I need to identify each user somehow because he is sending/receiving private information, even though he is not logged in or anything.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.