Welcome to WebmasterWorld Guest from 107.22.7.35

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Session ID with Dynamic Name?

     
11:30 pm on Nov 12, 2008 (gmt 0)

5+ Year Member



Is it possible to use variables in the name of a session?

$xd = $_GET['o'];
$ox = "x$xd";
$hc = $_SESSION['$ox'];

In the above example $_GET['o'] is equal to 1 - I know $_SESSION['x1'] exists, but I cannot retrieve it using the method above. Something I'm missing?

1:23 am on Nov 13, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



$hc = $_SESSION['$ox'];

With the single quotes, PHP doesn't evaluate the variable. Either of these is fine:
$hc = $_SESSION["$ox"];
$hc = $_SESSION[$ox];

If you're not combining it with anything like you are in your second line, you don't really need the quotes.

1:42 am on Nov 13, 2008 (gmt 0)

5+ Year Member



Superb! You make the novice very happy, I thank you greatly!
8:03 pm on Jan 19, 2009 (gmt 0)

5+ Year Member



Can I set the values of $_SESSION variables the same way?

eg:


$job_id = valuefrommysqltable;
$start_time_{$job_id} = time();
$_SESSION[start_time_{$job_id}] = $start_time_{$job_id};

I want the name of the session variable to match the name of the actual variable. Would this work?

10:57 pm on Jan 21, 2009 (gmt 0)

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Welcome to WebmasterWorld, mandrill.

Did you try it? ;)
Yes, you can. But you will want to concatenate that index string (easy way is to wrap it in double quotation marks):

$_SESSION["start_time_{$job_id}"] = $start_time_{$job_id};
11:02 pm on Jan 21, 2009 (gmt 0)

5+ Year Member



Be careful doing this if you're using $_GET values. I'm not sure if you're storing anything important in the $_SESSION, but if you have

echo $_SESSION[$_GET['o']];

and the user types ?o=master_password_of_all_passwords

you're going to echo $_SESSION['master_password_of_all_passwords'];

and that just looks dangerous :-o

Anyway, I hope you get my point.. I would make sure you validate any user input first.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month