Schlo_50 Posted April 7, 2008 Share Posted April 7, 2008 I am working on a script which works similar to an affiliate system. When a visitor from another site clicks a link which directs to mine, I want to store the affiliate code from the URL as a session for use later in a hidden field if that visitor decided to fill out my enquiry form. The URL looks like this: http://www.my-website.co.uk/index.php?aff&&code=affiliate1 At the moment I can collect and display 'affiliate1' but when I try to set it as a session and then print it out on other pages there is nothing stored.. My code is: <?php function aff(){ $code = $_GET['code']; $_SESSION['affiliate'] = $code; print "".$_SESSION['affiliate'].""; } ?> <input name="affiliate" type="text" value="<?php aff(); ?>" /> Does anybody have any ideas? I thought what im doing would work. I have put session_start(); at the top of my index page also. Thanks in advance! Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/ Share on other sites More sharing options...
uniflare Posted April 7, 2008 Share Posted April 7, 2008 make sure session_start() is at the top of EVERY page using sessions. Also make sure that session keys are stored in cookies, if not you will have to pass the session key to each page. --- FYI: print "".$_SESSION['affiliate'].""; need only be; print $_SESSION['affiliate']; hope this helps, Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/#findComment-511082 Share on other sites More sharing options...
Cep Posted April 7, 2008 Share Posted April 7, 2008 The problem is more likely to do with your function call/function. I don't see why you are using a function for this in the first instance and secondly your not validating your GET first, very dangerous. <?php function aff() { $_SESSION['affiliate'] = $_GET['code']; } aff(); ?> <input name="affiliate" type="text" value="<?php echo $_SESSION['affiliate']; ?>" /> Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/#findComment-511084 Share on other sites More sharing options...
uniflare Posted April 7, 2008 Share Posted April 7, 2008 htmlentities should do the trick for that vulnerable $_GET variable. <input name="affiliate" type="text" value="<?php echo htmlentities($_SESSION['affiliate']); ?>" /> This vulnerability is because someone could enter javascript that could potentially damage the website as a whole. Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/#findComment-511091 Share on other sites More sharing options...
Schlo_50 Posted April 7, 2008 Author Share Posted April 7, 2008 Hmm.. I've tried the suggestions you both have made but the session doesn't appear to be storing the string 'affiliate1'. When the index page is visited from the example URL i showed you 'affiliate1' is displayed but when I go to another page of my website and print out the session again nothing is displayed.. Thanks for the feedback! Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/#findComment-511107 Share on other sites More sharing options...
Cep Posted April 7, 2008 Share Posted April 7, 2008 Show us your script, you are either 1. Calling the wrong variable 2. Un-setting the variable 3. Changing the value of the variable to a default like ="" or something Link to comment https://forums.phpfreaks.com/topic/99948-php-sessions/#findComment-511164 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.