$_SUPERGLOBALS['!!'] = $_SESSION['confusion'];

luds

Call me silly.. but after 2 hours of trawling through previous posts I'm gonna have to ask a question that many of you have probably answered millions of times before!!

As I understand it, if I use the superglobal arrays, I:

Don't start each page with session_start();
have trans-sid and session-auto-start turned off;
[/list=1]

THe problem is that I've misunderstood something here, as variables aren't being passed!

Index.php page is ok. I have a function, check_valid_user() which displays the user status ...
```
function check_valid_user()
// see if somebody is logged in and notify them if not
{

  global $_SESSION;
  if (isset($_SESSION['valid_user']))
  		{

	  echo '<h3 align="center">User Status: <br> Logged On</h3>';  
	  echo '<h3 align="center">Welcome '.$_SESSION['valid_user'].'.</h3>';
	  echo '<br />';
	}
else
	{
 				// they are not logged in 

 	echo '<h3 align="center">User Status: <br> You are not logged in.</h3><br />';
	display_login_form('login.php', 'Login');
	}  

}
```
the display_login_formm which POSTS the data to index2.php.

check_valid_user() picks up the user variable and displays the welcome message....

but.....

if I move to the next page, check_valid_user() reverts to telling the user that they are NOT logged in...

Please can someone clarify where I'm going wrong??

THanks in advance,

luds

drew010

you do still need to call session_start for sessions, but superglobals are available in all scopes, meaning global $SESSION; within functions is unnecessary as they are automatically available everywhere. the same goes for $POST, $GET, $COOKIE, $_FILES

luds

THanks drew

I've put

<?php start_session(); ?>

at the top of all my pages.... got rid of that global that you said that I didn't need.....

..but....

still no joy :¬(

It's like that variable just isn't available... even though it's a SuperGlobal one!

Sorry to be a pain, but have you any more suggestions??

thanks
luds

drew010

i think since you have trans_sid turned off you will need to either pass the session id via get, post, or cookie.
see this section of the php manual for more info on propagating the session id:
http://php.net/manual/en/ref.session.php#session.idpassing

luds

Thanks again, drew!

I'll have a look at that page.

HAve disabled trans-sid cos I thought that it was a security risk having it turned on.... but as I say... I'll read that article!

..... but!!

I could well be back!!!!

Many thanks
luds

dalecosp

Originally posted by luds
Call me silly..

If you insist ... normally we try and act decent to each other around here 😉

As I understand it, if I use the superglobal arrays, I:

Don't start each page with session_start();

have trans-sid and session-auto-start turned off;
[/list=1][/b]

Hmm, what have you been reading?

Use of the superglobal arrays has very little to do with anything you've mentioned in your list, and as you've found out, the first one is just downright wrong.... Here's a better list:

*Although the developers of PHP have found a better way to refer to session variables since register_globals="on" became deprecated/frowned upon, they still haven't found more than one old and two new(er) ways to tell PHP to use session data: either by calling session_start() during the "headers" section of a script, or by setting session.auto_start=1 in an configuration operation/file, or the old way, starting the session implicitly with session_register().

*session_register() still works, but is basically deprecated because the preferred method is calling session_start() and then assigning values directly to the superglobal SESSION array.

*In order for sessions to work, the server must be able to "stick a virtual name tag" on the client, either by sending a cookie that contains the session ID (SID), or appending the session ID to the query string automatically. If you are masochistic, you can handle the session ID yourself ....

*the most likely real danger from using "trans_sid" is that your grandmother will send your aunt a link that contains her session ID, and your aunt will be able to log in as your grandma, and read correspondance about the will, etc. 😉 If this sort of thing is a concern (and there are situations where it would be) then you should set use session.use_only_cookies instead, and put the fact that users must have cookies enabled in your site's F.A.Q. ....

luds

Thanks Dalecosp,

That's cleared a few more questions that I had and made the Sessions issue clearer in my mind :¬)

Thanks to you, and drew, my sessions now appear to be passing those lovely variables from page to page!!

luds