$_GET stored in $_SESSION variables do not persist

Cheslia · June 16, 2017

I have searched through many forums/posts in an attempt to find an answer to this question. Many say to make sure to include session_start(); at the beginning of your PHP page. Others have been domain/host related resolutions. One post even eluded to the fact that the session variable instantiated from a get does not persist, but no definitive answer was provided as they were missing their session_start(); at the beginning. I have duplicated this in the following code, showing that my test session variable persists, but the session variable instantiated from the get does not persist. This seems like a bug, but I need to know if there is workaround or better way to do what I'm trying to accomplish (basically passing my final destination page after going through a couple of other pages from a menu of <a href> tags). Any assistance would be awesome as I am quickly becoming bald from pulling out my hair on this one. Thanks.

index2.php --

<?php

/*some comments*/

session_start();

session_unset();

//define some variables here

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

Make a choice:<br><br>

<a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

<a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

</p>

</td>

</tr>

</table>

</body>

</html>

first_page.php --

<?php

/*some comments*/

session_start();

session_unset();

//define some variables here

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

Make a choice:<br><br>

<a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

<a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

</p>

</td>

</tr>

</table>

</body>

</html>

second_page.php --

<?php

/*some comments*/

session_start();

session_unset();

//define some variables here

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

Make a choice:<br><br>

<a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

<a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

</p>

</td>

</tr>

</table>

</body>

</html>

requinix · June 16, 2017

1. If you have a problem with code that doesn't work then you have to post that code. You can't just say "some comments" and "define some variables here".

2. When in doubt, check the documentation.

benanamen · June 16, 2017

Your problem is quite obvious. You keep unsettling the session immediately after you set it.

Cheslia · June 16, 2017

First, the code as I submitted it works and demonstrates the issue I have described. The comments can be removed as they were just there to show I have no spaces before the session_start(); etc, which I have seen commented in other posts. I have removed them in the code reposted below. Secondly, I only unset it on the index page once so it doesn't retain another page's value and starts fresh each time you load index2.php, but it didn't matter because even with it removed, it still exhibits the problem (as demonstrated by the new code posted below). Also, the unset wouldn't explain why the test session variable works but the get instantiated one does not. Can I ask you to try the code as posted below please before responding? Thanks.

index2.php --

<?php

session_start();

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

Make a choice:<br><br>

<a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

<a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

</p>

</td>

</tr>

</table>

</body>

</html>

first_page.php --

<?php

session_start();

$s=$_GET['page'];

$_SESSION['sp']=$s;

$_SESSION['test']="test123";

echo "s variable from get is set to " . $s . "<br>";

echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

if (isset($_POST['submit']) && !empty($_POST['submit']))

{

header('Location: second_page.php');

}

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

HTML text and a select tag here for choices

</p>

</form>

</td>

</tr>

</table>

</body>

</html>

second_page.php --

<?php

session_start();

echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

if (isset($_POST['submit']) && !empty($_POST['submit']))

{

if($_SESSION['sp']=="third_page") {

header('Location: third_page.php');

}

if($_SESSION['sp']=="fourth_page") {

header('Location: fourth_page.php');

} else {

header('Location: index2.php');

}

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

HTML text and a select tag here for choices

</p>

</form>

</td>

</tr>

</table>

</body>

</html>

requinix · June 16, 2017

First, the code as I submitted it works and demonstrates the issue I have described.

Except for the part where it didn't set any variables. Which are kinda required for there to be a problem with variables being set.

Secondly, I only unset it on the index page once so it doesn't retain another page's value and starts fresh each time you load index2.php,

According to the code you submitted, you were unsetting the session on every page.

Can I ask you to try the code as posted below please before responding?

No need. The problem is apparent by reading it:

<?php
session_start();
 
$s=$_GET['page'];
$_SESSION['sp']=$s;
$_SESSION['test']="test123";

The first time this page runs (from index2.php) $_GET

will be set to something. [sp] will be set to that and [test] to, obviously, its own value. The page then displays a form which points back to itself.

The second time this page runs (from said form) $_GET

will not be set. Thus [sp] will be set to null while [test] will be set again (to the same value as before).

If these files mirror what you're really trying to achieve then you need to pass that page/sp value in the form. Since the form is POSTing, put it in the action like

action="first_page.php?<?=htmlspecialchars(http_build_query(["page" => $_GET["page"]]))?>"

or to replicate the whole URL unchanged,

action="<?=htmlspecialchars($_SERVER["REQUEST_URI"])?>"

Jacques1 · June 16, 2017

By the way, now would be the right time to turn your error reporting all the way up and check the error log (for the first time ever, I assume).

It's also the right time to learn that assumptions must be validated. When you need to access a URL parameter or POST field, check if they're actually there, don't just assume they are.

<?php

session_start();

// is the page parameter present at all?
if (!isset($_GET['page']))
{
    http_response_code(400);
    exit('Missing URL parameter: page');
}

// is the parameter valid?
if (!ctype_digit($_GET['page']) || $_GET['page'] == 0)
{
    http_response_code(400);
    exit('Invalid URL parameter: page');
}

// *now* you're ready to put the page into the session

$_SESSION['sp'] = $_GET['page'];

Do you realize now that you were pretty much flying blind?

Cheslia · June 16, 2017

First, thanks for the feedback, it is why I am posting.

Second, requinix - I tried both of your suggestions and they did not work.

Third, Jacques1 - I appreciate the debug. I am fairly new to more complex PHP and had not heard of the ctype_digit function previously. But I do and have tailed the /etc/httpd/logs/error_log before <smile>. And it does appear that the page is an invalid URL parameter, although I am not sure why. I'm investigating using $s = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; but I don't know if that is the right direction to pursue or if there is an easier way.

Cheslia · June 16, 2017

Ok...question....why would we use ctype_digit if my page= is not numeric? I guess that would always fail. What am I missing here?

And it isn't that it doesn't initially get the session variable on first_page, it works fine. It's that when you go to second_page it is no longer there, so what requinix said about redisplaying the page without the value would make sense, but his recommendations didn't work.

Cheslia · June 16, 2017

RESOLVED:

Thanks everyone for your assistance!

It was in the form action calling the first_page again prior to the redirect to the second_page and when the form was submitted, the get was blank, which makes sense. Here is the solution in case anyone else runs into this issue. I've left some of the debug in place to help others as well as it helped me.

index2.php --

<?php

session_start();

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

Make a choice:<br><br>

<a href="first_page.php?page=third_page">Get the third page after first and second pages</a><br>

<a href="first_page.php?page=fourth_page">Get the fourth page after first and second pages</a><br>

</p>

</td>

</tr>

</table>

</body>

</html>

first_page.php --

<?php error_reporting(E_ALL); ini_set('display_errors', 1);

session_start();

// is the page parameter present at all?

if (!isset($_GET['page']))

{

http_response_code(400);

exit('Missing URL parameter: page');

}

/* is the parameter valid? - this will fail if the page= is not all numeric

if (!ctype_digit($_GET['page']) || $_GET['page'] == 0)

{

http_response_code(400);

exit('Invalid URL parameter: page');

}

*/

$s=$_GET['page'];

$_SESSION['sp']=$s;

$_SESSION['test']="test123";

echo "s variable from get is set to " . $s . "<br>";

echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

if (isset($_POST['submit']) && !empty($_POST['submit']))

{

header('Location: second_page.php');

}

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

HTML text and a select tag here for choices

</p>

</form>

</td>

</tr>

</table>

</body>

</html>

second_page.php --

<?php error_reporting(E_ALL); ini_set('display_errors', 1);

session_start();

echo "session variable for page is set to " . $_SESSION['sp'] . "<br>";

echo "session variable for test is set to " . $_SESSION['test'] . "<br>";

if (isset($_POST['submit']) && !empty($_POST['submit']))

{

if($_SESSION['sp']=="third_page") {

header('Location: third_page.php');

} else {

if($_SESSION['sp']=="fourth_page") {

header('Location: fourth_page.php');

} else {

header('Location: index2.php');

}

?>

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

<table>

<tr>

<p>

HTML text and a select tag here for choices

</p>

</form>

</td>

</tr>

</table>

</body>

</html>

third_page.php --

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

Congrats, you made it to the third page!

</body>

</html>

fourth_page.php --

<!DOCTYPE HTML>

<html>

<head>

</head>

<body>

Congrats, you made it to the fourth page!

</body>

</html>

Sign In

$_GET stored in $_SESSION variables do not persist

Recommended Posts

Cheslia

Link to comment

Share on other sites

requinix

Link to comment

Share on other sites

benanamen

Link to comment

Share on other sites

Cheslia

Link to comment

Share on other sites

requinix

Link to comment

Share on other sites

Jacques1

Link to comment

Share on other sites

Cheslia

Link to comment

Share on other sites

Cheslia

Link to comment

Share on other sites

Cheslia

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information