Jump to content

$_GET stored in $_SESSION variables do not persist


Cheslia

Recommended Posts

I have searched through many forums/posts in an attempt to find an answer to this question.  Many say to make sure to include session_start(); at the beginning of your PHP page.  Others have been domain/host related resolutions.  One post even eluded to the fact that the session variable instantiated from a get does not persist, but no definitive answer was provided as they were missing their session_start(); at the beginning.  I have duplicated this in the following code, showing that my test session variable persists, but the session variable instantiated from the get does not persist.  This seems like a bug, but I need to know if there is workaround or better way to do what I'm trying to accomplish (basically passing my final destination page after going through a couple of other pages from a menu of <a href> tags).  Any assistance would be awesome as I am quickly becoming bald from pulling out my hair on this one.  Thanks.

 

index2.php --

 

<?php
/*some comments*/
session_start();
session_unset();
 
//define some variables here
 
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width-"750">
        <p>
            Make a choice:<br><br>
            <a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>
            <a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>
        </p>
        </td>
    </tr>
</table>
</body>
</html>
 
first_page.php --
 
<?php
/*some comments*/
session_start();
session_unset();
 
//define some variables here
 
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width-"750">
        <p>
            Make a choice:<br><br>
            <a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>
            <a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>
        </p>
        </td>
    </tr>
</table>
</body>
</html>
 
second_page.php --
 
<?php
/*some comments*/
session_start();
session_unset();
 
//define some variables here
 
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width-"750">
        <p>
            Make a choice:<br><br>
            <a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>
            <a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>
        </p>
        </td>
    </tr>
</table>
</body>
</html>

 

Link to comment
Share on other sites

First, the code as I submitted it works and demonstrates the issue I have described.  The comments can be removed as they were just there to show I have no spaces before the session_start(); etc, which I have seen commented in other posts.  I have removed them in the code reposted below.  Secondly, I only unset it on the index page once so it doesn't retain another page's value and starts fresh each time you load index2.php, but it didn't matter because even with it removed, it still exhibits the problem (as demonstrated by the new code posted below). Also, the unset wouldn't explain why the test session variable works but the get instantiated one does not.  Can I ask you to try the code as posted below please before responding?  Thanks.

 

index2.php --

 

<?php
session_start();
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width-"750">
        <p>
            Make a choice:<br><br>
            <a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>
            <a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>
        </p>
        </td>
    </tr>
</table>
</body>
</html>
 
 
first_page.php --
 
<?php
session_start();
 
$s=$_GET['page'];
$_SESSION['sp']=$s;
$_SESSION['test']="test123";
 
echo "s variable from get is set to " . $s . "<br>";
echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";
echo "session variable for test is set to " . $_SESSION['test'] . "<br>";
 
if (isset($_POST['submit']) && !empty($_POST['submit']))
{
    header('Location: second_page.php');
}
 
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width="750px">
            <form method="post" action='first_page.php'>
                <p>
                    HTML text and a select tag here for choices
                </p>
                <input type="submit" name="submit" value="Submit">
            </form>
        </td>
    </tr>
</table>
</body>
</html>
 
 
second_page.php --
 
<?php
session_start();
 
echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";
echo "session variable for test is set to " . $_SESSION['test'] . "<br>";
 
if (isset($_POST['submit']) && !empty($_POST['submit']))
{
        if($_SESSION['sp']=="third_page") {
            header('Location: third_page.php');
        }
        if($_SESSION['sp']=="fourth_page") {
            header('Location: fourth_page.php');
        } else {
            header('Location: index2.php');
        }
}
 
?>
 
<!DOCTYPE HTML>
<html>
<head>
    <link rel="stylesheet" type="text/css" href="includes/style.css">
</head>
<body>
<table>
    <tr>
        <td width="750px">
            <form method="post" action='second_page.php'>
                <p>
                    HTML text and a select tag here for choices
                </p>
                <input type="submit" name="submit" value="Submit">
            </form>
        </td>
    </tr>
</table>
</body>
</html>
 
 
Edited by Cheslia
Link to comment
Share on other sites


First, the code as I submitted it works and demonstrates the issue I have described.

Except for the part where it didn't set any variables. Which are kinda required for there to be a problem with variables being set.

 

Secondly, I only unset it on the index page once so it doesn't retain another page's value and starts fresh each time you load index2.php,

According to the code you submitted, you were unsetting the session on every page.

 

Can I ask you to try the code as posted below please before responding?

No need. The problem is apparent by reading it:

<?php
session_start();
 
$s=$_GET['page'];
$_SESSION['sp']=$s;
$_SESSION['test']="test123";
The first time this page runs (from index2.php) $_GET

will be set to something. [sp] will be set to that and [test] to, obviously, its own value. The page then displays a form which points back to itself.

The second time this page runs (from said form) $_GET


will not be set. Thus [sp] will be set to null while [test] will be set again (to the same value as before).

 

If these files mirror what you're really trying to achieve then you need to pass that page/sp value in the form. Since the form is POSTing, put it in the action like

action="first_page.php?<?=htmlspecialchars(http_build_query(["page" => $_GET["page"]]))?>"
or to replicate the whole URL unchanged,

action="<?=htmlspecialchars($_SERVER["REQUEST_URI"])?>"
Link to comment
Share on other sites

By the way, now would be the right time to turn your error reporting all the way up and check the error log (for the first time ever, I assume).

 

It's also the right time to learn that assumptions must be validated. When you need to access a URL parameter or POST field, check if they're actually there, don't just assume they are.

<?php

session_start();

// is the page parameter present at all?
if (!isset($_GET['page']))
{
    http_response_code(400);
    exit('Missing URL parameter: page');
}

// is the parameter valid?
if (!ctype_digit($_GET['page']) || $_GET['page'] == 0)
{
    http_response_code(400);
    exit('Invalid URL parameter: page');
}

// *now* you're ready to put the page into the session

$_SESSION['sp'] = $_GET['page'];

Do you realize now that you were pretty much flying blind?

Link to comment
Share on other sites

First, thanks for the feedback, it is why I am posting.

 

Second, requinix - I tried both of your suggestions and they did not work.  

 

Third, Jacques1 - I appreciate the debug.  I am fairly new to more complex PHP and had not heard of the ctype_digit function previously.  But I do and have tailed the /etc/httpd/logs/error_log before <smile>.  And it does appear that the page is an invalid URL parameter, although I am not sure why.   I'm investigating using $s = isset($parsed_url['query']) ? '?' $parsed_url['query'] : '';  but I don't know if that is the right direction to pursue or if there is an easier way. 

Link to comment
Share on other sites

Ok...question....why would we use ctype_digit if my page= is not numeric?  I guess that would always fail.  What am I missing here?  

 

And it isn't that it doesn't initially get the session variable on first_page, it works fine.  It's that when you go to second_page it is no longer there, so what requinix said about redisplaying the page without the value would make sense, but his recommendations didn't work.  

Link to comment
Share on other sites

RESOLVED:

 

Thanks everyone for your assistance! 

 

It was in the form action calling the first_page again prior to the redirect to the second_page and when the form was submitted, the get was blank, which makes sense.  Here is the solution in case anyone else runs into this issue.  I've left some of the debug in place to help others as well as it helped me.  

 

index2.php --

 

    <?php

    session_start();

    ?>

    

    <!DOCTYPE HTML>

    <html>

    <head>

        <link rel="stylesheet" type="text/css" href="includes/style.css">

    </head>

    <body>

    <table>

        <tr>

            <td width-"750">

            <p>

                Make a choice:<br><br>

                <a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

                <a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

            </p>

            </td>

        </tr>

    </table>

    </body>

    </html>

 

first_page.php --

 

    <?php error_reporting(E_ALL); ini_set('display_errors', 1);

    session_start();

    

    // is the page parameter present at all?

    if (!isset($_GET['page']))

    {

        http_response_code(400);

        exit('Missing URL parameter: page');

    }

    

    /* is the parameter valid?  - this will fail if the page= is not all numeric

    if (!ctype_digit($_GET['page']) || $_GET['page'] == 0)

    {

        http_response_code(400);

        exit('Invalid URL parameter: page');

    }

    */

    

    

    $s=$_GET['page'];

    $_SESSION['sp']=$s;

    $_SESSION['test']="test123";

    

    echo "s variable from get is set to " . $s . "<br>";

    echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

    echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

    

    if (isset($_POST['submit']) && !empty($_POST['submit']))

    {

        header('Location: second_page.php');

    }

    

    ?>

    

    <!DOCTYPE HTML>

    <html>

    <head>

        <link rel="stylesheet" type="text/css" href="includes/style.css">

    </head>

    <body>

    <table>

        <tr>

            <td width="750px">

                <form method="post" action="first_page.php?page=<?php echo $_SESSION['sp']?>">

                    <p>

                        HTML text and a select tag here for choices

                    </p>

                    <input type="submit" name="submit" value="Submit">

                </form>

            </td>

        </tr>

    </table>

    </body>

    </html>

 

second_page.php --

 

    <?php error_reporting(E_ALL); ini_set('display_errors', 1);

    session_start();

    

    echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

    echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

    

    if (isset($_POST['submit']) && !empty($_POST['submit']))

    {

            if($_SESSION['sp']=="third_page") {

                header('Location: third_page.php');

            } else {

                if($_SESSION['sp']=="fourth_page") {

                    header('Location: fourth_page.php');

                } else {

                    header('Location: index2.php');

                }

            }

    

    }

    

    ?>

    

    <!DOCTYPE HTML>

    <html>

    <head>

        <link rel="stylesheet" type="text/css" href="includes/style.css">

    </head>

    <body>

    <table>

        <tr>

            <td width="750px">

                <form method="post" action="second_page.php">

                    <p>

                        HTML text and a select tag here for choices

                    </p>

                    <input type="submit" name="submit" value="Submit">

                </form>

            </td>

        </tr>

    </table>

    </body>

    </html>

 

third_page.php --

 

    <!DOCTYPE HTML>

    <html>

    <head>

        <link rel="stylesheet" type="text/css" href="includes/style.css">

    </head>

    <body>

    Congrats, you made it to the third page!

    </body>

    </html>

 

fourth_page.php --

 

    <!DOCTYPE HTML>

    <html>

    <head>

        <link rel="stylesheet" type="text/css" href="includes/style.css">

    </head>

    <body>

        Congrats, you made it to the fourth page!

    </body>

    </html>
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.