NYCPHP Meetup

NYPHP.org

[nycphp-talk] Passing Objects Via Session in PHP 4

Phillip Powell phillip.powell at adnet-sys.com
Mon Sep 27 11:58:02 EDT 2004 

Isn't it a bit dangerous to pass an object not-serialized into a 
session?  Just an observation.

Phil

Joseph Crawford wrote:

>OMG dan i apoligise i cant believe i missed that on LOL
>
>
>On Mon, 27 Sep 2004 09:23:46 -0500, Dan Cech <dcech at phpwerx.net> wrote:
>  
>
>>Hi Joe,
>>
>>I seem to recall some comment about 'i understand the use of sessions
>>thanks' a little while ago, but I'll help you out anyway.
>>
>>You need to change the second if statement in your getObject function.
>>It should read:
>>
>>function &getObject($class) {
>>   if (!isset($_SESSION['objects'])) {
>>     $_SESSION['objects'] = array();
>>   }
>>
>>   if (!isset($_SESSION['objects'][$class])) {
>>     $_SESSION['objects'][$class] =& new $class;
>>   }
>>
>>   return $_SESSION['objects'][$class];
>>}
>>
>>Dan
>>
>>
>>
>>Joseph Crawford wrote:
>>    
>>
>>>can anyone explain why this is not working?  i have done passing
>>>objects via session before and i remember that the object class file
>>>had to be included before the session_start for it to work, but this
>>>doesnt seem to be working, i mean i have it set $db->test = 'page 1';
>>>on page 1 and provide a link to page 2, but it doesnt seem to retain
>>>the value for $test from page to page. :(
>>>
>>><?php
>>>
>>>// we will do our own error handling
>>>error_reporting(0);
>>>
>>>// include the const.php file that holds all the necessary constants
>>>include_once('const.php');
>>>
>>>include_once('class/mysql.class.php');
>>>include_once('class/template.class.php');
>>>
>>>session_start();
>>>
>>>function &getObject($class) {
>>>      if (!isset($_SESSION['objects'])) {
>>>              $_SESSION['objects'] = array();
>>>      }
>>>
>>>      if (!isset($_SESSION['_singleton'][$class])) {
>>>              $_SESSION['objects'][$class] =& new $class;
>>>      }
>>>
>>>      return $_SESSION['objects'][$class];
>>>}
>>>
>>>$tpl = &getObject('template');
>>>
>>>// user defined error handling function
>>>// taken from the example on http://us2.php.net/errorfunc
>>>function myErrorHandler($errno, $errmsg, $filename, $linenum, $vars)
>>>{
>>>      global $tpl;
>>>      // timestamp for the error entry
>>>      $dt = date("Y-m-d H:i:s (T)");
>>>
>>>      // define an assoc array of error string
>>>      // in reality the only entries we should
>>>      // consider are E_WARNING, E_NOTICE, E_USER_ERROR,
>>>      // E_USER_WARNING and E_USER_NOTICE
>>>      $errortype = array (
>>>      E_ERROR          => "Error",
>>>      E_WARNING        => "Warning",
>>>      E_PARSE          => "Parsing Error",
>>>      E_NOTICE          => "Notice",
>>>      E_CORE_ERROR      => "Core Error",
>>>      E_CORE_WARNING    => "Core Warning",
>>>      E_COMPILE_ERROR  => "Compile Error",
>>>      E_COMPILE_WARNING => "Compile Warning",
>>>      E_USER_ERROR      => "User Error",
>>>      E_USER_WARNING    => "User Warning",
>>>      E_USER_NOTICE    => "User Notice",
>>>      E_STRICT          => "Runtime Notice"
>>>      );
>>>      // set of errors for which a var trace will be saved
>>>      $user_errors = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE);
>>>
>>>      $err = "<errorentry>\n";
>>>      $err .= "\t<datetime>" . $dt . "</datetime>\n";
>>>      $err .= "\t<errornum>" . $errno . "</errornum>\n";
>>>      $err .= "\t<errortype>" . $errortype[$errno] . "</errortype>\n";
>>>      $err .= "\t<errormsg>" . $errmsg . "</errormsg>\n";
>>>      $err .= "\t<scriptname>" . $filename . "</scriptname>\n";
>>>      $err .= "\t<scriptlinenum>" . $linenum . "</scriptlinenum>\n";
>>>
>>>      if (in_array($errno, $user_errors)) {
>>>              $err .= "\t<vartrace>" . wddx_serialize_value($vars, "Variables") .
>>>"</vartrace>\n";
>>>      }
>>>      $err .= "</errorentry>\n\n";
>>>
>>>      // for testing
>>>      // echo $err;
>>>
>>>      // save to the error log, and e-mail me if there is a critical user error
>>>      error_log($err, 3, "D:/htdocs/NYPHPCode/error.log");
>>>      if ($errno == E_USER_ERROR) {
>>>              mail("jcrawford at codebowl.com", "Critical User Error", $err);
>>>              $tpl->display('error.tpl');
>>>      }
>>>}
>>>$old_error_handler = set_error_handler("myErrorHandler");
>>>
>>>
>>>?>
>>>
>>>      
>>>
>>_______________________________________________
>>New York PHP Talk
>>Supporting AMP Technology (Apache/MySQL/PHP)
>>http://lists.nyphp.org/mailman/listinfo/talk
>>http://www.newyorkphp.org
>>
>>    
>>
>
>
>
>  
>


-- 
---------------------------------------------------------------------------------
Phil Powell
Multimedia Programmer
BPX Technologies, Inc.
#: (703) 709-7218 x107 
Fax: (703) 709-7219

More information about the talk mailing list