Jump to content
iwato

$_SESSION and $_GET Variable Assignment

Recommended Posts

BACKGROUND:  In the past I have retrieved an HTTPRequest via the $_GET superglobal, used the data from the superglobal to access a MySQL database, and from the thus retrieved data, generated an array of parameter values that I then assigned to a local array.  This local array was then assigned to a $_SESSION variable where it was used for other purposes.  This time, I would like to make the routing of data less circuitous.

QUESTION:  Does the following expression make sense?

$_SESSION = $_GET;

Roddy

Share this post


Link to post
Share on other sites

That expression copies the data from $_GET to the session. It has drawback of overwriting all the rest of the data you may have had in the session previously. Instead, you can create a session variable just for the GET data.

$_SESSION['parameters'] = $_GET;

If you're doing a query with the GET data and want the query result on multiple pages then it would be far more efficient to store the query results in the session instead of the GET parameters.

  • Like 1

Share this post


Link to post
Share on other sites

I understand what I am doing wrong, but I am not sure what I should be doing that is right.  What I do understand is that I should assign the $_GET variables to the $_SESSION global?  What i do not understand is how these are read into the $_SESSION global.

For example, say I have a $_GET global with two key-value pairs:  $_GET[ 'letter_no' ] = 1 and $_GET[ 'username' ] = 'JSG'.  Say further that I have a $_SESSION global with the value $_SESSION[ 'current_state' ] = 0.

How would I go about establishing the following?

$current_state =  $_SESSION[ 'current_state' ] ;  echo $current_state;  // 0

$letter_no = $_SESSION[ 'letter_no' ]; echo $letter_no; // 1

$username = $_SESSION[ 'username' ]; echo $username; // JSG

Roddy

 

Share this post


Link to post
Share on other sites

Yes, this works, but I discovered that once the $_SESSION variable has been merged it overrides its previous value -- this, despite that the absence of a session_start() function at the time of implementation.  In summary, the following code

				$_SESSION['status'] = 0;
				print_r($_SESSION); echo '<br />';
				$_GET['letter_no'] = 1;
				$_GET['username'] = JSG;
				print_r($_GET); echo '<br />';
				$_SESSION = array_merge($_SESSION, $_GET);
				print_r($_SESSION);

results in 

Array ( [letter_no] => 1 [status] => 0 [username] => JSG ) 
Array ( [letter_no] => 1 [username] => JSG ) 
Array ( [letter_no] => 1 [status] => 0 [username] => JSG )

when I was expecting to see

Array ( [status] => 0 ) 
Array ( [letter_no] => 1 [username] => JSG ) 
Array ( [letter_no] => 1 [status] => 0 [username] => JSG )

How do you explain this?

Roddy

Share this post


Link to post
Share on other sites

OK.  Then, we return to the same question that I had long ago and whose answer I never truly found.  To what refers a $_SESSION variable anyway?

  1. All the pages of a particular domain in the same browser window of the same browser session?
  2. All the pages of a particular domain in any browser window of the same browser session?
  3. All the pages of any domain in the same browser window of the same browser session?
  4. All the pages of any domain in any browser window of the same browser session?

By browser session I mean an opened browser -- no matter the presence or absence of tabs or windows.

Roddy

Share this post


Link to post
Share on other sites

Every time the user opens a page on your website, they send cookies belonging to your domain. Aside from being the program that sends the session cookie, the browser is irrelevant to how sessions work. The browser does not know what a session is, it just sends cookies. When PHP's session_start() method is called, it uses the ID provided by the session cookie, searches for data from the specified session based on that ID and stores that data into the $_SESSION variable, which is available to you. $_SESSION is just a regular array, the only difference being that its value is retained when the user changes pages.

Session restrictions are exactly the same as cookie restrictions:

  • The session expires when the session's cookie expires
  • The same session can be used every single PHP page from the domain that the cookie belongs to, including subdomains. Cookies have the option to be restricted to particular subdomains or even directories if necessary. You can set the cookie parameters using session_set_cookie_params().
  • Thanks 1

Share this post


Link to post
Share on other sites

Does merging a $_GET superglobal with a $_SESSION superglobal destroy the $_GET superglobal? Consider the following two pieces of code: one works, the other does not.  The included PHP file in both cases contains the following piece of code:
 

	if ($_SERVER["REQUEST_METHOD"] == "GET") {
		if (empty($_GET['letter_no'])) {
			$error_msg = "Please submit an edition number for the newsletter that you desire.";
		} else {
			$letter_no = filter_var($_GET['letter_no'], FILTER_VALIDATE_INT);
			...
		}
	}

THIS CODE FAILS

	if (!empty($_GET['letter_no'])) {
		session_start();
		$_SESSION = array_merge($_SESSION, $_GET['letter_no'];
		include('./newsletter/template/newsletter_generator_foreign.php');
	}

THIS CODE SUCCEEDS

	if (!empty($_GET['letter_no'])) {
		session_start();
		$_SESSION['letter_no'] = $_GET['letter_no'];
		include('./newsletter/template/newsletter_generator_foreign.php');
	}

Both sets of code receive an HTTPRequest similar to the following:

https://www.grammarcaptive.com/overview.html?letter_no=1

 

Share this post


Link to post
Share on other sites

You can't use array_merge with $_GET['letter_no'] because it's not an array. The array_merge function combines two arrays. If you want to add a scalar value to your array, you would do so the regular way: $_SESSION['key'] = $value

array_merge() does not change either of the source arrays, instead it returns a completely new array based on the inputs.

  • Thanks 1

Share this post


Link to post
Share on other sites

Oh, how silly of me.

It had been a long and exhausting day.

Thanks!

Roddy

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...