Don't use anything written about PHP3 and sessions if you're using PHP4 - native PHP sessions were only introduced in PHP4, so anything written for PHP3 is a 3rd-party addon which you don't need. Your code looks fine, with the exception of using the "register globals" feature. The advice you read not to use it is very sound, and you really should follow it. Not only are there serious security issues, but using 'register globals' also inevitably creates less readable, harder to maintain code. "Now where did that variable come from??". The top two things that cause problems with PHP sessions are: 1) the session id is not getting passed. 2) your session save handler isn't working. What are the values in the [Session] section of your php.ini file? Are you using cookies to pass the session id (session.use_cookies = 1)? If so, are cookies turned on in your test browser? Can you check your browser and see if the session cookie is being set (should have a name like PHPSESSID, or the value of session.name in php.ini)? If not using cookies to pass the session id, then did you compile PHP with the enable-trans-sid feature and is session.use_trans_sid = 1? (trans_sid enables PHP to automatically rewrite all local links in your pages to include the session id. Note that passing the session id via the URL is a potential security risk, cookies are preferable). If neither use_cookies nor use_trans_sid are on, then you need to pass the session id manually from page to page in the GET string of every link (including the header redirect). In fact, even if you are using the trans_sid feature PHP probably won't catch that header redirect, which might be your problem - try adding the session id to the link manually (ie header("Location: products.php?" . SID);). (the SID constant is always set to the value "name=id" where name is your PHP session name (session.name, PHPSESSID by default) and id is the session id (a random 32-character string). Also, your call to session_register is unnecessary - adding an entry to the $_SESSION array is all you need to do to register the session value. In fact, the PHP manual specifically warns against trying to use both session_register() and the $_SESSION array, so conceivably taking out the call to session_register() could fix your problem. HTH Carl On Wed, 2002-12-11 at 14:18, Tom Dell'Aringa wrote: > I've been struggling with some PHP session tutorials, and I wondered > if I could get some tips. Most of the tutorials I find seem to be for > PHP3 not 4. The one I am using the guy says not to use superglobals > due to security. Anyway, I am doing this very simple code: > > >From a simple form that has only a 'name' text field, I send it to a > process page that does this: > > <? > // start the session > session_start(); > header("Cache-control: private"); //IE 6 Fix > > // Create a new Session Value > session_register('name'); > > // Register the input with the value > $_SESSION['name'] = $name; > > header("Location: products.php"); > ?> > > I suppose $_SESSION['name'] = $name; could be $_SESSION['name'] = > $_POST['name']; as well, but I like using the globals myself. > > Then I send them to a products page, where I want to display the name > from the session to see if it is working. I do: > > // start the session > session_start(); > header("Cache-control: private"); //IE 6 Fix > > at the top of the page, then > > Hey <? echo $_SESSION['name'];?> > > in the page, and I get nothing but blanks. > > I've perused the php.net docs and they are a bit scattered without > much practical stuff..any help is appreciated. > > Tom > > > ===== > var me = tom.pixelmech.webDeveloper(); > > http://www.pixelmech.com/ > http://www.maccaws.com/ > [Making A Commercial Case for Adopting Web Standards] > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com > -- > * * Please support the community that supports you. * * > http://evolt.org/help_support_evolt/ > > For unsubscribe and other options, including the Tip Harvester > and archives of thelist go to: http://lists.evolt.org > Workers of the Web, evolt !