|
Posted by Jochem Maas on 04/28/05 15:45
Giulio wrote:
> As far as I know,
> it's not true you can't use session variables if register_globals is off,
> the difference is that you must acces session variables using
ALWAYS CALL session_start() BEFORE TRYING TO USE THE $_SESSION SUPERGLOBAL!
also I don't quite see the connection with register_globals, but anyway
var sent by POST/GET can be found in the $_POST and $_GET superglobal vars
> $_SESSION['variablename'], that's is an assurance that a session
> variable is a REAL session variable, and that it is not set using for
> example a faked form.
>
> hope this is a correct answer and it helps you,
>
> Giulio
>
>
> Il giorno 28/apr/05, alle 11:06 AM, Dan ha scritto:
>
>> Hi all.
>>
>> I taught myself PHP before the frenzy over register_globals.
>> After a reasonable break from the language, I'm back for more.
>>
>> I'm building a site where I'll be holding a lot of variables in memory
>> for each session. How do I do that? Apparently I can't use
>> session_register() if register_globals is turned off. I've read a
>> little about the consequences of writing bad scripts with
>> register_globals on ... I'm fine with this explanation. I agree that I
>> don't want people injecting variables into my session. What I want is
>> for ME to be able to set variables and remember them throughout the
>> session. How do I do that?
>>
>> Dan
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
> Cantoberon Multimedia srl
> http://www.cantoberon.it
> Tel. 06 39737052
>
Navigation:
[Reply to this message]
|