[PHP] question about session variables
i have a registration page called register.php if the data entered is validated correctly i call a file called thankyou.php or else validate.php presently a user after seeing the url website.com/thankyou.php if they enter the url directly in the browser as website.com/thankyou.php they can access the file, if a user accesses the file this way i would like to redirect to a page saying Direct acess to this file is not allowed previously i used sessions in register.php and also in thakyou.php and validate.php and it worked fine for some reason now it is not working the way it is supposed to i might have made some changes which i do not know previously my code in register.php was, the first few lines of register.php file = ?php ob_start(); session_start(); if(!session_is_registered(directaccess)) { session_register(directaccess); } // rest of the html and php code ob_end_flush(); ? = code in thankyou.php, the first few lines of register.php file = ?php session_start(); if(!session_is_registered(directaccess)) { header(Location: http://website.com/directaccess.html;); exit; } // rest of the html and php code ob_end_flush(); ? = NOTE = in thankyou.php i display a thank you message by retrieving the first name from register page and displaying in thankyou.php using session variables in the following way in register.php, the first few lines of register.php file = if(!session_is_registered(firstname)) { session_register(firstname ); } $_SESSION[firstname] = $ firstname; = in thankyou.php, the first few lines of register.php file = if(session_is_registered(firstname )) { echo $_SESSION[firstname]; session_unregister(firstname ); } = please advice how i should rewrite the php code in both the files(register.php and thankyou.php) so that if a user enters the url directly in the browser i can redirect to directaccess.html file thanks.
Re: [PHP] question about session variables
How are you calling thankyou.php? 1. are you -redirecting- the user to that file? --or-- 2. are you -including- that file into register.php upon a successful submission? The method you're using determines how you best secure thankyou.php from direct access. If you're redirecting, then using a session variable is what you want. If you're including, then a simple constant or variable defined in register.php can be checked and validated in thankyou.php. NOTE: use of session_register() is deprecated. After calling session_start(), just assign variables directly to $_SESSION: $_SESSION['firstname'] = 'Fred; ~Ted On 2-Jun-08, at 11:12 AM, Sudhakar wrote: i have a registration page called register.php if the data entered is validated correctly i call a file called thankyou.php or else validate.php presently a user after seeing the url website.com/thankyou.php if they enter the url directly in the browser as website.com/thankyou.php they can access the file, if a user accesses the file this way i would like to redirect to a page saying Direct acess to this file is not allowed previously i used sessions in register.php and also in thakyou.php and validate.php and it worked fine for some reason now it is not working the way it is supposed to i might have made some changes which i do not know previously my code in register.php was, the first few lines of register.php file = ?php ob_start(); session_start(); if(!session_is_registered(directaccess)) { session_register(directaccess); } // rest of the html and php code ob_end_flush(); ? = code in thankyou.php, the first few lines of register.php file = ?php session_start(); if(!session_is_registered(directaccess)) { header(Location: http://website.com/directaccess.html;); exit; } // rest of the html and php code ob_end_flush(); ? = NOTE = in thankyou.php i display a thank you message by retrieving the first name from register page and displaying in thankyou.php using session variables in the following way in register.php, the first few lines of register.php file = if(!session_is_registered(firstname)) { session_register(firstname ); } $_SESSION[firstname] = $ firstname; = in thankyou.php, the first few lines of register.php file = if(session_is_registered(firstname )) { echo $_SESSION[firstname]; session_unregister(firstname ); } = please advice how i should rewrite the php code in both the files(register.php and thankyou.php) so that if a user enters the url directly in the browser i can redirect to directaccess.html file thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Question about session
On Fri, November 11, 2005 7:09 pm, Bagus Nugroho wrote: I have session code which written WindowsXP and It wotk properly as expected, but when I'm used in Windows 2K, it got error as; Notice: Undefined index: loginMessage in C:\CentralData\forms\mainForm.php on line 65 I'am used Apache 2.0 and PHP 5.0.4. Is php.ini setting on W2K different with XP The difference is you have: E_ALL on the Win 2K box, and: E_ALL ~ E_NOTICE on the XP box. The bug is in your code in BOTH cases, but the message is being suppressed by php.ini on the XP box. Fix your code is the best answer. Changing E_ALL to just E_ALL ~ E_NOTICE is a distant second. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Question about session
I have session code which written WindowsXP and It wotk properly as expected, but when I'm used in Windows 2K, it got error as; Notice: Undefined index: loginMessage in C:\CentralData\forms\mainForm.php on line 65 I'am used Apache 2.0 and PHP 5.0.4. Is php.ini setting on W2K different with XP Thxs in advance bgs !-- .style1 {font-weight: bold} .style2 { font-size: 24px; font-weight: bold; } .style8 {color: #0066CC; font-weight: bold; font-size: 18px; } --
Re: [PHP] Question about session
There's no code. You need to put your code in the Email so we can see it...
RE: [PHP] Question about session
poblem was solved by add session_register function before $_SESSION[blablabla]; From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Sat 12-Nov-2005 09:50 To: Bagus Nugroho; php-general@lists.php.net Subject: Re: [PHP] Question about session There's no code. You need to put your code in the Email so we can see it...