[thelist] PHP sessions syntax

Dan Parry dan at virtuawebtech.co.uk
Sun Jul 22 07:48:11 CDT 2007

Personally I would use the $_SESSION superglobal... session_register()
requires the register_globals directive to be switched on (which can lead to
insecurity and its use isn't recommended)

The only thing to watch out for is that $_SESSION requires an explicit call
to session_start() before it can be used

Either style of quote is acceptable, either single or double; the only real
question as to which one to use depends which you think fits the string
best... If I have a string that has single quotes in it I will usually use
double quotes to encapsulate... Also, and this can be handy, double quotes
will automatically expand variables contained within them... eg:

$myvar = "this is my string";
echo "myvar says: $myvar";
echo 'myvar says: $myvar';

Will output

myvar says: this is my string
myvar says: $myvar

Non-encapsulated (ie no quotes) strings will always be assumed to be
constants... If no constant has been defined (and the error level is set low
enough) PHP will assume the unquoted string is an actual string... this is
Bad Practice (tm)



> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-
> bounces at lists.evolt.org] On Behalf Of Nan Harbison
> Sent: 22 July 2007 13:25
> To: thelist at lists.evolt.org
> Subject: [thelist] PHP sessions syntax
> Hi All,
> I need to use sessions in a website I am working on. I am finding
> conflicting information on this when I google for it. One major problem
> is
> that many of the articles I have found were written in 2003 or earlier,
> and
> the books I have lying around my office are older too. (I am using PHP
> Version 4.3.11)
>  My question is how to correctly set session variables.
> I have always used:
>   session_register ('user_id');
>   session_register ('first_name');
> but now I have read you can just set session vars to something, like:
> $_SESSION["first_name"] = "Nan";
> Is the way I have always used been deprecated or can I still safely use
> it?
> Another question, do I need to use:
> ["real_name"], ['real_name'] or [real_name] - double or single quotes,
> or no
> quotes. IIRC, $HTTP_SESSION_VARS did not use quotes at all. I have seen
> single and double quotes used, but don't know if there is a difference?
> Nan
> --
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.476 / Virus Database: 269.10.12/910 - Release Date:
> 21/07/2007 15:52

More information about the thelist mailing list