Session variables - It looks like I do not understand them

[Johnain]

I have a script where I logon, kick off a session,  and set session variables ...

 

  session_start();

       

              =================  lots of code  ================

 

    $_SESSION['username'] = $_POST['uname'];

    $_SESSION['password'] = $_POST['passwd'];

    $_SESSION['stepno'] = $stepno; // Set stepno

 

 

This then lets me get to another script where I start a session and then set $stepno to 1, which works and is used later in the script successfully.

 

Later I try to update $stepno. I put my own version of a debug into it.

 

  The script says ...

 

  session_start();

       

              =================  lots of code  ================

 

echo("<p>Step ".$stepno."</p><br />");

echo(print_r($_SESSION));

$stepno = 2;

echo(print_r($_SESSION));

 

Array ( [username] => johnain [password] => b9f70cbb473c65c19063cc40e14be4c4 [stepno] => ) 1

 

Array ( [username] => johnain [password] => b9f70cbb473c65c19063cc40e14be4c4 [stepno] => ) 1

 

I have two questions

 

1. Why is the value of 1 (which is the correct value in the first print_r) outside the closing array bracket?

 

2. Why is the change of $stepno from 1 to 2 ignored so that the second print_r still shows a value of 1?

 

Is there some setting I have not made?

 

Regards

 

John

 

 

 

 

 

 

 

 

 

 

 

 

 

 

[adam291086]

2) the reason it isn't changing to 2 is because you haven't said to set the session to = 2. You are only changing the variable. if you did

 

$_SESSION['stepno'] = 2;  then it would work

 

I am unsure of what you are asking in question 1

[papaface]

Well I can answer #2.

You are setting $stepno to equal 2, not the session. You should use:

$_SESSION['stepno'] = 2; 

instead.

oops to late, again lol.

[Johnain]

I want $stepno to equal 2. I do not want to change the session number.

 

My understanding is that I have defined $stepno as session wide, so that if I alter its value in one HTML/PHP doc, it will be valid within other HTML/PHP docs within the same session.

 

regards

 

John

[revraz]

Where did you do that at?

 

 

 

My understanding is that I have defined $stepno as session wide, so that if I alter its value in one HTML/PHP doc, it will be valid within other HTML/PHP docs within the same session.

 

regards

 

John

[adam291086]

you have set $stepno as a session which will follow you around. The variable $stepno will not follow you around. I is only on that php page that you defined it.

[Johnain]

Where did you do that at?

 

 

 

My understanding is that I have defined $stepno as session wide, so that if I alter its value in one HTML/PHP doc, it will be valid within other HTML/PHP docs within the same session.

 

regards

 

John

 

$_SESSION['stepno'] = $stepno;    I understood that this would add it to the session variables and that normal chages to the values of ordinary $ variables would be used to update it session wide.

 

Is that not correct?

 

Regrds

 

John

[Johnain]

you have set $stepno as a session which will follow you around. The variable $stepno will not follow you around. I is only on that php page that you defined it.

 

Oh, then I have really misunderstood. How then can I make a variable used in one form useable in another within the same session? Do I have to write it to a table?

 

Regrds

 

John

[adam291086]

You have already done that by setting a session. Set a session with the variable value. Then you can call on that session anywhere.

 

$stepon = $_SESSION['stepon'];

echo $stepon;

 

[revraz]

use $_SESSION['stepno'] and not $stepno, unless you want to do

 

$stepno = $_SESSION['stepno']

 

and then each time you do something to $stepno, you update $_SESSION['stepno'], but that really doesn't make sense to do.

 

[adam291086]

I really do think you need to read more on session. Use php.net

[Johnain]

I really do think you need to read more on session. Use php.net

 

You are right Adam. I thoght I had grasped it, but clearly I have not. I will take your advice.

 

Regards and thanks

 

John

[PFMaBiSmAd]

Once again register_globals have caused confusion and more wasted time.

 

Any discussion/tutorial/book/code... that you saw that indicated that a program variable with the same name as the index name of a session variable would be automatically (and magically) populated with the value from the session variable, was correct if register_globals are on. But since register_globals allowed a hacker to put their own external data into a program variable that you were expecting to be set from a session variable (so that he could do things like appear to be logged in or to become an administrator...) register globals were turned off by default in php4.2 in the year 2002 to prevent this security hole.

 

Register globals have been completely eliminated in php6. So, for security reasons and so that your code will continue to work under php6, forget that you ever wanted php to automatically set a program variable from a session variable with the same name.