PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

PHP Templates: Revisited
PHPLib and Multiple Databases
Using XML: A PHP Developer's Primer
Using PHP Error Handling
Beginning Ajax with PHP: From Novice to Professional

Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true From: Albert Chin-A-Young (china <email protected>)
Date: 08/23/00

Next message: Bug Database: "[PHP-DEV] PHP 4.0 Bug #6313 Updated: Problem compiling"
Previous message: Bug Database: "[PHP-DEV] PHP 4.0 Bug #5725 Updated: Resource hog."
In reply to: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Next in thread: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Reply: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Aug 23, 2000 at 04:51:02PM +0300, Stanislav Malyshev wrote:
> AC>> Do you see this as a problem? This makes it impossible to detect at
> AC>> runtime whether or not your saved variables will be available later.
>
> They are. That's like fiving you means to check if your head is still on
> you. If it isn't, you've in deep trouble anyway, so no need for additional
> check. Same with sessions - if it cannot save, that means session module
> is dead, and no amount of checks is going to help you anyway.

It doesn't mean the session module is dead. Say you require someone to
authenticate and prompt for login/password. If they enter the correct
login/password pair, you register a variable called "logged_in".
Future pages read the list of session variables and allow viewing of
the web pages if the $logged_in variable is present. If not, the web
pages say you must first log in. Now, how do you tell if:
1. They correctly logged in but sessions are not working
2. They went to the web page directly, bypassing the login page

Both of these errors are equivalent because session_register always
returns true.

> AC>> It seems wrong to find out later that a variable you know you tried to
> AC>> save earlier is not available. Seems to make more sense to catch the
> AC>> problem as early as possible.
>
> Like when? When sessions fails to save, it gives you a warning. If it
> didn't fail, nobody can give you any kind of indication would it fail or
> not - PHP core has no extrasensory abilities.

When does it give you a warning? session_register can return true even
through your custom session handler returns false.

-- 
albert chin (china <email protected>)
-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

Next message: Bug Database: "[PHP-DEV] PHP 4.0 Bug #6313 Updated: Problem compiling"
Previous message: Bug Database: "[PHP-DEV] PHP 4.0 Bug #5725 Updated: Resource hog."
In reply to: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Next in thread: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Reply: Stanislav Malyshev: "Re: [PHP-DEV] PHP 4.0 Bug #5783 Updated: session_register always returns true"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]