Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

session variable and NS

Status
Not open for further replies.
inusrat

inusrat

Programmer
Feb 28, 2004
308
CA
Hi,

I am setting a session variable, it is working fine both on IE and NS. But on NS when I go to a page using the following

<script language="JavaScript">
location.href="</script>

i get error on the "orderapproval" page saying "Undefined index: id"


But if i go to the page "orderaproval"manual through link i do not get any error


<?php
echo "<td><A HREF=orderapproval.php>Continue Shopping</a></td>";
?>

the problem is only on NS, i wonder what is going on..

Thanks



 
Sort by date Sort by votes
It more then likely has something to do with the session being lost as in the manual link you are using a relative link and in javascript you are using an absolute link. try changing the javascript to location.href="orderapproval.php
 
Upvote 0 Downvote
ps.
when using href or form submit, it might be good to do it like this:

Code: 
<a href="orderapproval.php?<?=SID?>"></a>

Olav Alexander Mjelde
Admin & Webmaster
 
Upvote 0 Downvote
Thanks, I am little confused. In my case i set two session variables. One is called id and other is called profileid

In this situation how exactly my href syntax will look like.

<a href="orderapproval.php?<?=id&profileid?>"></a> ????


I think i got it all wrong

thanks

 
Upvote 0 Downvote
DaButcher:
Why should one pass the session variables in the href? Isn't the idea of session variables that they are invisible and don't need to be passed?

--Chessbot

"See the TURTLE of enormous girth!"
-- Stephen King, The Dark Tower series
 
Upvote 0 Downvote
I am doing something like this on my home page

A.
if(!isset($_SESSION["id"]))
{
$cart_id = md5(uniqid(rand()));

$_SESSION['id'] = $cart_id;
}


B.
later when i need to use it I I do
$sessionid = $_SESSION['id'];

I did not know that it will automatically set the session id.

How will retrive that session id value?, something that I am doing in "B"




 
Upvote 0 Downvote
chessbot

The answer is, it depends. There are security holes and gaps if you pass the session id in the url (like users passing it around), but its no less safe than if you pass the session id in the hidden fields with POST.

The issue is that not all users allow session cookies (or have it turned on). This is an acceptable workaround, though it depends on the level of risk that your app can take without compromising the data.

Bastien

Cat, the other other white meat
 
Upvote 0 Downvote
But aren't sessions stored server-side?

--Chessbot

"See the TURTLE of enormous girth!"
-- Stephen King, The Dark Tower series
 
Upvote 0 Downvote
The session DATA is stored serverside, but a session cookie is stored on the client. (Simple way to see, open IE > Tools > Internet Options > Privacy > Advanced > "session cookie" is there

Bastien

Cat, the other other white meat
 
Upvote 0 Downvote
So what is a "session cookie", exactly? Does it have anything to do with the $_SESSION[] array? Can I access the "session data" without using a cookie?

--Chessbot

"See the TURTLE of enormous girth!"
-- Stephen King, The Dark Tower series
 
Upvote 0 Downvote
If you do not accept cookies (security on client), you need to parse the SID in the href, form action or something like that. (or sessions will not work!)

I dont think it's that insecure, since you will see your own session id, not anyone elses.

For administrative logins, etc. you can leave out the SID, if you know the users do not block the SID.

Olav Alexander Mjelde
Admin & Webmaster
 
Upvote 0 Downvote
This thread has gone slightly off topic; for continued discussion of session storage please see thread434-944936.

--Chessbot

"See the TURTLE of enormous girth!"
-- Stephen King, The Dark Tower series
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

c0deM0nK424
  • Locked
  • Question
Gutenberg Block Editor - page edits and updates not working since wp site migration
Replies
1
Views
828
spamjim
spamjim
lexer
  • Locked
  • Question
Fetching Data from Mysql and filling Inputs in a Form
Replies
0
Views
245
lexer
lexer
Gerrit Broekhuis
  • Locked
  • Question
PHP form with captcha and file upload
Replies
4
Views
406
Gerrit Broekhuis
Gerrit Broekhuis
PeDa
  • Locked
  • Question
PHP and CSS media queries 1
Replies
2
Views
607
PeDa
PeDa
lexer
  • Locked
  • Question
Php passing a variable from a dropdown list to Ajax
Replies
1
Views
271
vacunita
vacunita

Part and Inventory Search

Sponsor

Back
Top