Do you have a question? Post it now! No Registration Necessary. Now with pictures!
July 3, 2005, 2:33 pm
rate this thread
I have started to study sessions and as I understood it works in the
Let us consider two files first.php and second.php. By clicking on a
link in the file first.php user pass to the file second.php. We want
PHP programs in second.php can see values of variables which (values)
have been set in the first.php. It can be done in the following way:
·Both files have to start with session_start();.
·Variables whose values are set in the first.php and have to be
seen in the second.php have to be declared as session_register(
"variable_name" ); (before value of variable is set).
·In the place in first.php where we make link to second.php we
need to write second.php?.SID (instead of second.php). In this case
values of variables can be passed from first.php to second.php even if
user prohibits saving cookies.
As I understood it is better to replace SID by strip_tags(SID). In this
case one can avoid an XSS related attack. But I do not know what is
this attack and what strip_tags does.