Jump to content

Recommended Posts

Hi everyone! First post from many that I'm sure will come :)

 

I'm having an issue with global variables... I don't know what is the best way to do this, but I need to get certain data from the db and then store it in a variable that can be accessed by other php files until I decide to clear it... The problem is that I don't want to use $_SESSION, because I don't want it to be erased if the user clears his private data. How can I do this? I tried using $GLOBALS but with no success, for some reason if i do $GLOBALS['value'] = 'testing'; the value is only visible in the php file that wrote it, but is not visible in the other ones...

 

Thanks very much for any ideas!

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/
Share on other sites

Create a variable outside of any class and function, for instance

$var = 0;

Then when you want to set it, simply use

$GLOBALS['var'] = 'value here';

Once you've done that, you can call that variable anywhere you like using $GLOBALS['var']

If you mean you want this variable to be passed from page to page then I'm afraid the only method to do this is with sessions/cookies although as you pointed out this is not a guaranteed way of doing this

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1005858
Share on other sites

It sounds like you've designed yourself into a corner.  Some questions:

 

What is the likelihood that a user would break a session?

 

If they DID break the session, would that constitute a critical/unrecoverable error?

 

Why can't you retrieve/replace this value on demand within the other files?

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1005908
Share on other sites

Hi! Thanks for your answers!

 

Hmmm I don't really know what is the likelihood of someone destroying the session, but it would be a critical error if they did... The thing is that I want to avoid going to the db too much... I want to retrieve the id of the user that I have assigned to each IP:

 

I have something like:

$userIPAddress = $_SERVER['REMOTE_ADDR'];

and then "SELECT id FROM users WHERE ip = '$userIPAddress';

 

I would like to save the id in a global variable, so that I dont have to make that select every time, and I can optimize... I just had an idea though, I could use the sessions as you say, and only if the session does not exist anymore I can go again to the db... Since the likelihood might be small... I think that is what I'm going to do, would that be a good approach? Or is it a bit hacky? You saying the word 'likelihood' helped me :P

 

Thanks!

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1006538
Share on other sites

Hi! Thanks for your answers!

 

Hmmm I don't really know what is the likelihood of someone destroying the session, but it would be a critical error if they did... The thing is that I want to avoid going to the db too much... I want to retrieve the id of the user that I have assigned to each IP:

 

I have something like:

$userIPAddress = $_SERVER['REMOTE_ADDR'];

and then "SELECT id FROM users WHERE ip = '$userIPAddress';

 

I would like to save the id in a global variable, so that I dont have to make that select every time, and I can optimize... I just had an idea though, I could use the sessions as you say, and only if the session does not exist anymore I can go again to the db... Since the likelihood might be small... I think that is what I'm going to do, would that be a good approach? Or is it a bit hacky? You saying the word 'likelihood' helped me :P

 

Thanks!

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1006577
Share on other sites

$userIPAddress = $_SERVER['REMOTE_ADDR'];
and then "SELECT id FROM users WHERE ip = '$userIPAddress';

You realize IPs change?

 

hmmm the average user time would be half an hour... I don't think this should be an issue, if he gets a new IP he will have the new one in his next session. I'm not saving users, only while they use one part of the website.

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

 

Are sessions secure? Are they stored in the server or can the user make modifications in his cookies/private browser data that could pose a security risk to my site?

 

Thanks again!

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1006884
Share on other sites

$userIPAddress = $_SERVER['REMOTE_ADDR'];
and then "SELECT id FROM users WHERE ip = '$userIPAddress';

You realize IPs change?

 

hmmm the average user time would be half an hour... I don't think this should be an issue, if he gets a new IP he will have the new one in his next session. I'm not saving users, only while they use one part of the website.

 

The alternative you mentioned is more of a standard way of doing things. As far as I know, there is no way to assign a server-side variable from a script that persists between executions. Even if there was a way, it would be bad design.

 

Are sessions secure? Are they stored in the server or can the user make modifications in his cookies/private browser data that could pose a security risk to my site?

 

Thanks again!

 

Session data is stored on the server.  The only bit that's saved on the client is a cookie with the session id.  You can change/refresh that id to prevent session fixation (session_regenerate_id).

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1006918
Share on other sites

Session data is stored on the server.  The only bit that's saved on the client is a cookie with the session id.  You can change/refresh that id to prevent session fixation (session_regenerate_id).

 

I guess I'll use sessions then... Sounds like a good deal.

 

IPs are also shared.  Hard-linking a user to an IP address is never a good idea.

 

How would you do it? I have an area in the website where I need to link users to something... I need to identify each user somehow because he is sending/receiving private information, even though he is not logged in or anything.

Link to comment
https://forums.phpfreaks.com/topic/190734-global-variables/#findComment-1009460
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.