|
Posted by Ian B on 10/25/05 14:46
Hi Nicole,
Yep you would get the same result because $_session is different from
$_SESSION
PHP variables are case sensitive
As Hilarion said, you are using the old way of accessing variables.
It is better to use the format $_SESSION['country'] for a number of
reasons:
* Having started a session with session_start(), you don't need to
register any variable
* It is independent of "register_globals" - whatever this setting is,
you can always access $_SESSION['country']
* register_globals = On is dangerous because it can mask or be masked
by other variable
* register_globals = On is dangerous because users can add variables
to the query string and override stuff you thought was safe
Think of it like this:
* The first time a browser window calls session_start(), PHP goes off
to find the session variables, finds none and gives you an empty
$_SESSION array.
* You can amend $_SESSION vars by assigning values to them. If they
don't exist, they will be created.
* PHP makes sure that these values are always saved
* The next time that the same browser window calls session_start(), PHP
creates the $_SESSION array and loads the existing values, so you have
them back again.
$_SESSION vars are available from within functions
Nice and simple if you leave it at that.
With register_globals = On, PHP creates an $var for every
$_SESSION['var']. These are not available within function unless you
use "global $var", so "$var m= 27;" within a function will create a
local $var which will mask your session $var
Setting $HTTP_SESSION_VARS ["country"] = $country; means that anything
you do to $country will be done to $HTTP_SESSION_VARS ["country"] since
they are now one and the same (I think)
BUT...$country still has the same scope that any other $var has, so if
you do $HTTP_SESSION_VARS ["country"] = $country; within a function,
$country disappears when the function ends ($HTTP_SESSION_VARS
["country"] remains, though)
Simple answer: Stick with $_SESSION['country'] - it's simpler, obvious,
and a lot safer
Ian
[Back to original message]
|