register_globals=on is your enemy. Starting with PHP version 4.2 the php.ini is set to off. What this means is that any book or tutorial that has been published before 4.2 was released is probably telling you a big lie on how to handle POST, GET, SYSTEM, SESSION, COOKIES. I know this is the case if you are using the book published by sams titles "PHP and MySQL Web Development" I know. I own the book. It does give you a good overview of the php/mysql language, but some of it is incorrect. There is a blurb in there stating that the way they are teaching you is wrong. They even reference to you that by turning register_globals=off in the php.ini is the correct way. Why they did that I don't know.
The point of my post is to be a possible reference to those wondering why they do not see thier variables after they hit the submit button. I will try and give some examples so that you will overcome your teachings of miss-information.
1. Sessions
Sessions are your friend. They allow you to preserve certain data across subsequent accesses. Which means you can transfer information from page to page. How this works is by using the session_start() function that is built into PHP. What this does is create a unique id that is sent to the clients computer in either the form of a cookie or through the URL. Please note that there has been talk of removing the method to set it from the URL.
If you are somewhat firmilar with sessions and are using session_register() this is not the best way to do it. Not only is there more code involved it also may confuse the living s@!$% out of you. There is a much easier way to do this.
Introduced into PHP 4.1 are Predefined Variables. These are a set of reserved variables that have made working with sessions and other functions as easy as simple arrays.
Using this method to set a session variable all you have to do is use the $_SESSION super global.
- Code: Select all
<?php
session_start();
$_SESSION['new_variable'] = 1;
?>
This will create a session variable that will remain untill you use session_destroy(), the user closes the browser, or the time you have specified times out. The information that is set within the $_SESSION[] can be accessed from page to page. This is good when using a shopping cart, restricting access to different pages, or even making sure that your webpage counter doesn't keep increasing when they hit the refresh button.
2. $_POST, $_GET
One of the most common problem that I see is people do not realize that they need to use these when posting a form. Just like $_SESSION this is a super global that is reserved in the PHP language. In a form tag it will have a method that you would like to use to post information if you use a post method your information will be contained in the $_POST variable as an array. If you use a GET method it will be in the $_GET variable once again as an array. Below is an example on how you would use this with a POST method form and a $_SESSION['error'].
- Code: Select all
<?php
session_start();
if(isset($_POST['submit']))
{
if(empty($_POST['post_firstname']) || empty($_POST['post_lastname']) ||
empty($_POST['post_email']))
{
$_SESSION['error'] = '<strong>You must enter all information</strong>';
}
else
{
echo 'First Name: '.$_POST['post_firstname'].'<br>';
echo 'Last Name: '.$_POST['post_lastname'].'<br>';
echo 'Email Address: '.$_POST['post_email'].'<br>';
exit;
}
}
if(!empty($_SESSION['error']))
{
echo $_SESSION['error'];
$_SESSION['error'] ='';
}
?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
First Name: <input type="text" name="post_firstname"
<?php if(!empty($_POST['post_firstname'])) echo 'value="'.$_POST['post_firstname'].'"';?>><br>
Last Name: <input type="text" name="post_lastname"
<?php if(!empty($_POST['post_lastname'])) echo 'value="'.$_POST['post_lastname'].'"';?>><br>
Email: <input type="text" name="post_email"
<?php if(!empty($_POST['post_email'])) echo 'value="'.$_POST['post_email'].'"';?>><br>
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
That is a simple post form that when submitted it will check to see if there is actually information inputted into the text boxes and error out if any one of them is blank.
Conclusion
I wanted this post to be a little longer. I did not cover $_SERVER, or $_ENV super global but you can follow some of the links I put in there and find some good information. I hope this has helped to shed some light a little. If there are errors in my code please let me know. This post was kinda on the fly so I have not actually tested the code. I may have missed a ; here or there so if the code don't work right out the box look for that. Peace out.
NOTE: if you want to put this as a sticky post please do so more people will see it and might save some repeat posts.
