Jump to content

Recommended Posts

Yes for security BUT cookies live longer (if set to do so).. sessions expire when you exit the site

 

The session module cannot guarantee that the information you store in a session is only viewed by the user who created the session. You need to take additional measures to actively protect the integrity of the session, depending on the value associated with it.

 

best bet is to read up

 

see more info here

 

http://www.php.net/manual/en/features.cookies.php

http://www.php.net/manual/en/ref.session.php

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389469
Share on other sites

Okay because the only way I know of doing things is by sessions. Sessions were officially removed in PHP 4.2.3 but you are able to disable that by using an ini_set thing (session.bug_compat_42 & session.bug_compat_warn) So I was wondering if that did happen is thier any other way of handling user logins and stuff?

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389475
Share on other sites

Oh Woot! I would be really sad if sessions were removed and I think it would be really dumb for the PHP team to remove them. Ya I was just asking because Im making this site and its all run by sessions so if they got removed then I world have to rebuild my site from scratch

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389478
Share on other sites

Okay because the only way I know of doing things is by sessions. Sessions were officially removed in PHP 4.2.3 but you are able to disable that by using an ini_set thing (session.bug_compat_42 & session.bug_compat_warn) So I was wondering if that did happen is thier any other way of handling user logins and stuff?

 

No no thats to do with register_globals  NOT sessions as a whole

session.bug_compat_42  boolean

    PHP versions 4.2.3 and lower have an undocumented feature/bug that allows you to initialize a session variable in the global scope, albeit register_globals is disabled. PHP 4.3.0 and later will warn you, if this feature is used, and if session.bug_compat_warn is also enabled. This feature/bug can be disabled by disabling this directive.

 

basically when you try to use $_SESSION['test'] before setting it, it would of pulled from the register_globals, but as from PHP versions 4.3+ it displays a security warning.. that option turns off that warning

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389479
Share on other sites

personally, i do this

<?php
session_start();
$_SESSION['name'] = 'bob';
$_SESSION['time'] = time();
?>

 

read comments

<?php
// Use of session_register() is deprecated
$barney = "A big purple dinosaur.";
session_register("barney");

// Use of $_SESSION is preferred, as of PHP 4.1.0
$_SESSION["zim"] = "An invader from another planet.";

// The old way was to use $HTTP_SESSION_VARS
$HTTP_SESSION_VARS["spongebob"] = "He's got square pants.";
?> 

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389485
Share on other sites

So my original code was:
[code]
<?php
session_register("valid_user");
session_register("valid_password");
session_register("user_id");
session_register("va");
session_register("mode");
session_register("admn");
?>

 

And So I change it to:

<?php

$_SESSION['valid_user'] = $valid_user;

$_SESSION['valid_password] = $valid_password;

$_SESSION['user_id'] = $user_id;

$_SESSION['va'] = $va;

$_SESSION['mode'] = $mode;

$_SESSION['admn = $admn;

?>

[/code]

 

Right or Wrong?

Link to comment
https://forums.phpfreaks.com/topic/76920-sessions/#findComment-389491
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.