Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0

    How To Label Sessions With Mysql Tbl Columns Names ?


    Php Gurus,


    Look at this code. Do you see a long list of sessions ? On my membership site project, I'm having to write or copy & paste this long list of sessions on each page like home.php, users_list.php, post.php, delete_post.php, edit_post.php, etc.
    Now, I want to cut short on the code.
    These session variables are labeled after my mysql tbl column names. Therefore, I reckon, if I write code for the script to grab the column names and then create sessions based on the column names then the code would be cut short on each page.
    I am stuck how to achieve this and so anybody's code sample would be most appreciated!

    Current lengthy code that needs shortening like the way I just described:
    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $user $_SESSION["user"];
        
        
    $id $_SESSION["id"]; 
        
    $account_activation_status $_SESSION["account_activation_status"]; 
        
    $id_video_verification_status $_SESSION["id_video_verification_status"]; 
        
    $id_video_verification_url $_SESSION["id_video_verification_url"]; 
        
    $sponsor_username $_SESSION["sponsor_username"]; 
        
    $recruits_number $_SESSION["recruits_number"]; 
        
    $on_day_number_on_7_days_wish_list $_SESSION["on_day_number_on_7_days_wish_list"]; 
        
    $primary_website_domain $_SESSION["primary_website_domain"]; 
        
    $primary_website_email $_SESSION["primary_website_email"]; 
        
    $username $_SESSION["username"]; 
        
    $first_name $_SESSION["first_name"]; 
        
    $middle_name $_SESSION["middle_name"]; 
        
    $surname $_SESSION["surname"]; 
        
    $gender $_SESSION["gender"]; 
        
    $date_of_birth $_SESSION["date_of_birth"]; 
        
    $age_range $_SESSION["age_range"]; 
        
    $religion $_SESSION["religion"]; 
        
    $education $_SESSION["education"]; 
        
    $profession $_SESSION["profession"]; 
        
    $marital_status $_SESSION["marital_status"]; 
        
    $working_status $_SESSION["working_status"]; 
        
    $home_town $_SESSION["home_town"]; 
        
    $home_borough $_SESSION["home_borough"]; 
        
    $home_city $_SESSION["home_city"]; 
        
    $home_county $_SESSION["home_county"]; 
        
    $home_region $_SESSION["home_region"]; 
        
    $home_state $_SESSION["home_state"]; 
        
    $home_country $_SESSION["home_country"]; 
        
    }

    ?>

    Here's my rough attempt but I'm stuck and drowning in the muddy puddle!

    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $sql "SHOW COLUMNS FROM browsing_histories";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] =  $_SESSION["$row['Field']"]."<br>";
    }

    ?>
    Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\test\grab_column_names.php on line ...

    Attempt 2
    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $sql "SHOW COLUMNS FROM browsing_histories";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] =  $_SESSION["\$row['Field']\"]."<br>";
    }

    ?>
    Parse error: syntax error, unexpected '>' in C:\xampp\htdocs\test\grab_column_names.php on line ...


    Remember, since the column names are like this:
    id
    username
    gender

    Then currently I got on my lengthy file, the sessions written like this:

    $id = $_SESSION["id"];
    $username = $_SESSION["username"];
    $gender = $_SESSION["gender"];

    I don't want to be writing lines of sessions like this to make the file size smaller and so need to write code so script fetches the column names and creates session variables under those fetched column names (or fetched labels or fetched fields).
    In short, on the above mentioned lengthy code, you see a variable "$id" followed by " = $_SESSION" then followed by "['id'] again. I don't want to be typing all these 'id' and so want the script to write them by grabbing the column field name since here the column field name is 'id'. You know what I want to do. And so, care to show a code sample how to do it ? I made a few attempts and no luck.
    Last edited by UniqueIdeaMan; April 4th, 2018 at 12:59 PM.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2016
    Posts
    136
    Rep Power
    65
    The only user value that you should store in a session variable is the user id, to identify who the logged in user is. You should query on each page request for any other user data and store it in an array variable, such as $user, then reference the elements of that array variable in the rest of the code.

    This will do two things -

    1) Insure that any changes made to the user data will take effect, using the least amount of code (storing the values in session variables will require that the user logout and back in again for the values to take effect or it will take more code to modify the session variables in addition to the source data in the database table.) Keep It Simple - KISS.

    2) By storing the set of user data in an array variable (arrays are for sets of data that you will be operating on in the same/similar way), you can add or subtract pieces of data without going through EVERY place in the code and add or subtract code for every possible value. You will only have to modify the Create. Read. Update, Delete (CRUD) code dealing with the source data in the database table and the final code that uses the data (which should be using a template), not all the code in between.

    Unfortunately, the php mysqli extension that you insist on using is not conducive to fetching data as a set into an array from a prepared query (the person(s) who designed and wrote the mysqli extension had apparently never actually used php to query for and fetch data using any sort of general purpose reusable dynamic method that is used in developing applications.)

    If you are concerned about reducing the amount of code you have, switch to use the php PDO extension. This will simplify and reduce ALL the database dependent code.

    BTW - you have already been told this, but no one likes to wait around for web pages to do things. The header() redirect should be immediate, not wait 2 seconds. You have also been told to not write code testing if Boolean values are equal or not equal to TRUE/FALSE values. Boolean values exist for a reason, so that you can test them directly in logic statements.

    Comments on this post

    • UniqueIdeaMan agrees : Thanks for your suggestion number 1! As for number 2, I will have to read it a few times before it sinks in!
    Last edited by DSmabismad; April 3rd, 2018 at 04:27 AM.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2012
    Posts
    3
    Rep Power
    0
    I can't think of any healthy reason to be storing all of this information in the session to begin with. If you're going to query the database anyway, why not query the user table and get the data from there?

    As for your code, you tried...

    Code:
    $_SESSION["$row['Field']"]
    and

    Code:
    $_SESSION["\$row['Field']\"]
    You probably meant:

    Code:
    $_SESSION["{$row['Field']}"]
    But in this case, you could/should just do:

    Code:
    $_SESSION[$row['Field']]

    Comments on this post

    • UniqueIdeaMan agrees : Thanks! you are right! I meant all those but forgot that you do all that through the braces!
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Originally Posted by Lobe
    I can't think of any healthy reason to be storing all of this information in the session to begin with. If you're going to query the database anyway, why not query the user table and get the data from there?

    As for your code, you tried...

    Code:
    $_SESSION["$row['Field']"]
    and

    Code:
    $_SESSION["\$row['Field']\"]
    You probably meant:

    Code:
    $_SESSION["{$row['Field']}"]
    But in this case, you could/should just do:

    Code:
    $_SESSION[$row['Field']]

    Thanks mate!

    This is not really correct is it ?
    PHP Code:
    $sql "SHOW COLUMNS FROM users";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        
    $_SESSION[$row['Field']]."<br>";

    So doing this now:
    PHP Code:
    $sql "SHOW COLUMNS FROM users";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] = $_SESSION[$row['Field']]."<br>";

    Is it ok to have 2 $$ ?
    Remember, I want to replace these by shortening them the way I mentioned in my previous post:
    PHP Code:
        $username $_SESSION["username"]; 
        
    $first_name $_SESSION["first_name"]; 
        
    $middle_name $_SESSION["middle_name"]; 
        
    $surname $_SESSION["surname"]; 
        
    $gender $_SESSION["gender"]; 
        
    $date_of_birth $_SESSION["date_of_birth"]; 
        
    $age_range $_SESSION["age_range"]; 
        
    $religion $_SESSION["religion"]; 
        
    $education $_SESSION["education"]; 
        
    $profession $_SESSION["profession"]; 
        
    $marital_status $_SESSION["marital_status"]; 
        
    $working_status $_SESSION["working_status"]; 
        
    $home_town $_SESSION["home_town"]; 
        
    $home_borough $_SESSION["home_borough"]; 
        
    $home_city $_SESSION["home_city"]; 
        
    $home_county $_SESSION["home_county"]; 
        
    $home_region $_SESSION["home_region"]; 
        
    $home_state $_SESSION["home_state"]; 
        
    $home_country $_SESSION["home_country"]; 
    I am getting this error:

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: date_&_time in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: account_activation_code in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: id_verification_video_file_url in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: password in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: passport_size_photoh_image in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: title in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: skin_complexion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: height in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: weight in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: sexual_orientation in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: bio in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Array to string conversion in C:\xampp\htdocs\test\grab_column_names.php on line 22



    Do you reckon my code was ok ? Ok, I am getting error about undefined index but that is likely another issue which I am looking into now.
    Current code that is showing the error:
    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page immediately.
        //header("refresh:0; url=login.php");
        
    header("location:login.php");
        exit();
    }
    else
    {
        
    $user $_SESSION["user"];
        
        
    $sql "SHOW COLUMNS FROM users";
        
    $result mysqli_query($conn,$sql);
        while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] = $_SESSION[$row['Field']]."<br>";
    }

    }

    ?>
    EDIT:
    I got rid of the double $$ and now the error looks like this:

    Notice: Undefined index: date_&_time in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: account_activation_code in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: id_verification_video_file_url in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: password in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: passport_size_photoh_image in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: title in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: skin_complexion in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: height in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: weight in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: sexual_orientation in C:\xampp\htdocs\test\grab_column_names.php on line 22

    Notice: Undefined index: bio in C:\xampp\htdocs\test\grab_column_names.php on line 22
    Last edited by UniqueIdeaMan; April 3rd, 2018 at 12:37 PM.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Originally Posted by DSmabismad
    The only user value that you should store in a session variable is the user id, to identify who the logged in user is. You should query on each page request for any other user data and store it in an array variable, such as $user, then reference the elements of that array variable in the rest of the code.

    This will do two things -

    1) Insure that any changes made to the user data will take effect, using the least amount of code (storing the values in session variables will require that the user logout and back in again for the values to take effect or it will take more code to modify the session variables in addition to the source data in the database table.) Keep It Simple - KISS.

    2) By storing the set of user data in an array variable (arrays are for sets of data that you will be operating on in the same/similar way), you can add or subtract pieces of data without going through EVERY place in the code and add or subtract code for every possible value. You will only have to modify the Create. Read. Update, Delete (CRUD) code dealing with the source data in the database table and the final code that uses the data (which should be using a template), not all the code in between.

    Unfortunately, the php mysqli extension that you insist on using is not conducive to fetching data as a set into an array from a prepared query (the person(s) who designed and wrote the mysqli extension had apparently never actually used php to query for and fetch data using any sort of general purpose reusable dynamic method that is used in developing applications.)

    If you are concerned about reducing the amount of code you have, switch to use the php PDO extension. This will simplify and reduce ALL the database dependent code.

    BTW - you have already been told this, but no one likes to wait around for web pages to do things. The header() redirect should be immediate, not wait 2 seconds. You have also been told to not write code testing if Boolean values are equal or not equal to TRUE/FALSE values. Boolean values exist for a reason, so that you can test them directly in logic statements.
    Ok, let me explain my code to you and lobe.
    After my login.php authenticates you and forwards you to your account home.php, the home.php queries the users tbl and grabs all your data which you submitted during registration. It creates session variables based on these data (username, first name, surname, gender, date of birth (dob), etc.
    And then when you go from page to page then instead of querying the tbl again on each page to gather your data, the script forwards you the data from the session instead. This measurement was in place to put less strain on the mysql or server side. It's like javascript. It works on client-side to put less traffic on the server. I tried doing something like that so your data pulling occurs on your side (client). Tried to be clever!
    But I now realize that you are right. For you to see data update from db, you will have to log-out and then re-login. Mmm. I overlooked this aspect. Good thing I always pester you guys with my lengthy codes, I always get valuable feed-back!
    Ok, I will keep things as they are with the sessions on those pages where the data updates are not really necessary for you to see. Wherever, it is necessary for you to see data updates, then I'll substitute the session data with the tbl query data. Good idea!
    Yeah, I know. You guys are wondering, what kind of page am I gonna build that does not require the tbl queried for data update and old data from sessions would be ok ? Well, at this instant, I don't know the answer myself. Let me think. I have a feeling, I will have to call this a bad idea at the end and just get every page to query the tbl on every different page load (like you guys want). You know how it is: You've been there, done this and that whereas we're just starting. Soon, will come around your way (at the end after learning things the hard way!).

    You know, I've read about CRUD here and there but I really have no experience about it. Do you mind showing a code sample of what you mean on your suggestion number 2 ? I've read it twice so far and understood very little what you mean. Gonna have to re-read 3-4 times before I catch what you mean, even a little.
    Last edited by UniqueIdeaMan; April 3rd, 2018 at 12:30 PM.
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Yes Dsmabismad! I have now IMMEDIATELY changed the 2 secs wait to 0 secs on the redirection to login.php on about 10 files like Benanamen or someone suggested once upon a time.
    You have a good memory and remember what has been suggested to me in the past by others! Good work!!!
    I'll was wondering recently to dump all that "redirect to login if session not available" part of the code to header.php (and call it via require or include) so I don't have to add those lines of code on every single page.
    Yeah, you are right, have to build a template to reuse the code. A template to reuse the session and the db queries on the pages. I've never built a template. Thinking of dumping template data and then calling the template on the concerned pages via require or include function. Which function is more suitable you deem ? How you do things with templates ?
    Am I on the right track with the template thingy ?
    Yes, I will have to build a design template to with the html and css design layouts. But, I'm leaving the design till the end. Let's finish the php stuffs first. The hard stuffs.
    Last edited by UniqueIdeaMan; April 3rd, 2018 at 12:35 PM.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Guys, looking at my last part of the code in my previous post and looking at the errors I am getting, how do you suggest I proceed ?
    I know it is saying I have not set values to variables and so it's not counting them as variables but index instead. But, you know why I am doing things the way I am by not setting values manually to variables as I am trying to get the script to create variables and sessions by naming them equally matching the mysql table column names without me having to name the variables and sessions to cut short on coding and file size.
    This is an interesting topic. But, I'm really stuck here!
    Have you ever tried this sort of thing before and how did you code it ? Let's see your sample.

    Thanks!
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    I have now come to the conlusion that it is not possible to name a variable after a column name in a mysql table.
    Is my conclusion incorrect ?
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2016
    Posts
    136
    Rep Power
    65
    This activity falls under needlessly creating variables. Creating a bunch of bespoke session variables, that you have to edit every time the definition of the user data gets changed, and suffers from a problem of not holding the current values if the data gets edited, and then copying all those session variables to other variables are both wastes of time.

    Instead, do this -

    1) In the login code, at the point that the username/password have been verified, store the user id in a session variable. Simple.

    2) On each page request, at the point that you need the user data/user permissions for the logged in user, query for them and retrieve the row of data into an array variable named $user. Reference elements in the $user variable in the rest of the code. Simple, done. Note: if you are selecting most or all the columns from a normalized database table(s), you might as well select all of them and then remove/filter out the ones you don't want in the fetched data.

    BTW - if you read the php,net documentation for variable variables, you will find out how to make your current code work.
    Last edited by DSmabismad; April 4th, 2018 at 10:34 AM.
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Originally Posted by DSmabismad
    This activity falls under needlessly creating variables. Creating a bunch of bespoke session variables, that you have to edit every time the definition of the user data gets changed, and suffers from a problem of not holding the current values if the data gets edited, and then copying all those session variables to other variables are both wastes of time.

    Instead, do this -

    1) In the login code, at the point that the username/password have been verified, store the user id in a session variable. Simple.

    2) On each page request, at the point that you need the user data/user permissions for the logged in user, query for them and retrieve the row of data into an array variable named $user. Reference elements in the $user variable in the rest of the code. Simple, done. Note: if you are selecting most or all the columns from a normalized database table(s), you might as well select all of them and then remove/filter out the ones you don't want in the fetched data.

    BTW - if you read the php,net documentation for variable variables, you will find out how to make your current code work.
    DSmabismad,

    Thanks mate!
    I will look into the variable variable you mentioned. That is currently the most important issue over here.
    As for querying the tbl on each page load and then dumping the fetched data onto an array and then use those data from the array whenever needed. Isn't that the same as dumping the fetched data onto sessions and then using those data from the sessions ? Seems like the same thing to me one way or another ? What's the real difference apart from that arrays save the data onto the server-side while sessions on the client-side ? I mean, what's the real risk of dumping the db fetched user data and pulling it to/from sessions compared to/from array ? I have a feeling there are some risks involved in the session which I don't quite know and best to learn them from you guys. How does the array eliminate the risks involved with the sessions when dealing with account user's user data ?
    One other thing, let's say you logged-into your account and I created a session under your id in order to make queries with that id. Now, is it possible for you to go into your hdd where sessions are stored and replace your id with another's id such as your competitions (who has an account at my membership site) ? If that is possible then let's say you went into another page such as reading messages and that page fetches the messages from db using the session id, it would now query the db for your competition's messages. Thus, you will access your competition's messages such as customer messages. Right ? Mmm. Or, is session values tamper proof on the client-side ? maybe session data can only be read but not tampered with ? I mean, they do teach not to store account passwords onto sessions.
    Why do I get the feeling you will now reply that I answered my previous question when I asked what is the risk of doing things with the session value over the array value. I hope I will learn more than this which I already sort of know. Want to learn something new from you (if there is anything new in this issue to learn, that is).

    Anybody else are welcome to pour light on this end of the tunnel on this subject!


    EDIT:

    Btw, originally I used to do things your way as you suggested (excluding the array part):
    "1) In the login code, at the point that the username/password have been verified, store the user id in a session variable. Simple.

    2) On each page request, at the point that you need the user data/user permissions for the logged in user, query for them and retrieve the row of data into an array variable named $user."


    But then to give the server a break from too many queries (queries on each page load), I resorted to dumping sessions on each and every page.
    Seems like it was a bad idea.
    Last edited by UniqueIdeaMan; April 4th, 2018 at 11:26 AM.
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jul 2003
    Posts
    4,451
    Rep Power
    652
    Originally Posted by DSmabismad
    if you read the php,net documentation


    Horrors! Bite your tongue.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Originally Posted by gw1500se
    Horrors! Bite your tongue.
    Yeah! Bite your tongue before your cat snatches it or you accidently swallow it!
    How good is this link to a newbie without showing any examples ?
    PHP: mysqli_stmt::$field_count - Manual
    I am now gonna have to open another thread on this new topic.
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Dsmabismad,

    Found it:
    PHP: Variable variables - Manual
    Reading it now.

    Thanks again!
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    830
    Rep Power
    0
    Php Gurus,


    Look at this code. Do you see a long list of sessions ? On my membership site project, I'm having to write or copy & paste this long list of sessions on each page like home.php, users_list.php, post.php, delete_post.php, edit_post.php, etc.
    Now, I want to cut short on the code.
    These session variables are labeled after my mysql tbl column names. Therefore, I reckon, if I write code for the script to grab the column names and then create sessions based on the column names then the code would be cut short on each page.
    I am stuck how to achieve this and so anybody's code sample would be most appreciated!

    Current lengthy code that needs shortening like the way I just described:
    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $user $_SESSION["user"];
        
        
    $id $_SESSION["id"]; 
        
    $account_activation_status $_SESSION["account_activation_status"]; 
        
    $id_video_verification_status $_SESSION["id_video_verification_status"]; 
        
    $id_video_verification_url $_SESSION["id_video_verification_url"]; 
        
    $sponsor_username $_SESSION["sponsor_username"]; 
        
    $recruits_number $_SESSION["recruits_number"]; 
        
    $on_day_number_on_7_days_wish_list $_SESSION["on_day_number_on_7_days_wish_list"]; 
        
    $primary_website_domain $_SESSION["primary_website_domain"]; 
        
    $primary_website_email $_SESSION["primary_website_email"]; 
        
    $username $_SESSION["username"]; 
        
    $first_name $_SESSION["first_name"]; 
        
    $middle_name $_SESSION["middle_name"]; 
        
    $surname $_SESSION["surname"]; 
        
    $gender $_SESSION["gender"]; 
        
    $date_of_birth $_SESSION["date_of_birth"]; 
        
    $age_range $_SESSION["age_range"]; 
        
    $religion $_SESSION["religion"]; 
        
    $education $_SESSION["education"]; 
        
    $profession $_SESSION["profession"]; 
        
    $marital_status $_SESSION["marital_status"]; 
        
    $working_status $_SESSION["working_status"]; 
        
    $home_town $_SESSION["home_town"]; 
        
    $home_borough $_SESSION["home_borough"]; 
        
    $home_city $_SESSION["home_city"]; 
        
    $home_county $_SESSION["home_county"]; 
        
    $home_region $_SESSION["home_region"]; 
        
    $home_state $_SESSION["home_state"]; 
        
    $home_country $_SESSION["home_country"]; 
        
    }

    ?>

    Here's my rough attempt but I'm stuck and drowning in the muddy puddle!

    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $sql "SHOW COLUMNS FROM browsing_histories";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] =  $_SESSION["$row['Field']"]."<br>";
    }

    ?>
    Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\test\grab_column_names.php on line ...

    Attempt 2
    PHP Code:
    <?php 

    //Required PHP Files.
    include 'config.php';
    include 
    'header.php';

    //Check if User is already logged-in or not. Get the login_check() FUNCTION to check. 
    if (login_check() === FALSE)
    {
        
    //Redirect User to Log-in Page after 2 secs.
        
    header("refresh:2; url=login.php");
        exit();
    }
    else
    {
        
    $sql "SHOW COLUMNS FROM browsing_histories";
    $result mysqli_query($conn,$sql);
    while(
    $row mysqli_fetch_array($result)){
        $
    $row['Field'] =  $_SESSION["\$row['Field']\"]."<br>";
    }

    ?>
    Parse error: syntax error, unexpected '>' in C:\xampp\htdocs\test\grab_column_names.php on line ...


    Remember, since the column names are like this:
    id
    username
    gender

    Then currently I got on my lengthy file, the sessions written like this:

    $id = $_SESSION["id"];
    $username = $_SESSION["username"];
    $gender = $_SESSION["gender"];

    I don't want to be writing lines of sessions like this to make the file size smaller and so need to write code so script fetches the column names and creates session variables under those fetched column names (or fetched labels or fetched fields).
    In short, on the above mentioned lengthy code, you see a variable "$id" followed by " = $_SESSION" then followed by "['id'] again. I don't want to be typing all these 'id' and so want the script to write them by grabbing the column field name since here the column field name is 'id'. You know what I want to do. And so, care to show a code sample how to do it ? I made a few attempts and no luck.

    Why did not my 1st attempt work ? See my following attempts:
    PHP Code:
    $sql "SHOW COLUMNS FROM users";
        
    $result mysqli_query($conn,$sql);
        while(
    $row mysqli_fetch_array($result)){
        ${
    $row['Field']} = $_SESSION["{$row['Field']}"]."<br>";
        } 
    PHP Code:
     
    I get errors on my 1st code:

    Notice: Undefined index: date_&_time in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: account_activation_code in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: id_verification_video_file_url in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: password in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: passport_size_photoh_image in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: title in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: skin_complexion in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: height in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: weight in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: sexual_orientation in C:\xampp\htdocs\test\grab_column_names.php on line 6

    Notice: Undefined index: bio in C:\xampp\htdocs\test\grab_column_names.php on line 6


    PHP: Variable variables - Manual

    Why did not my following attempts work ? See my following attempts:
    PHP Code:
    $sql "SHOW COLUMNS FROM users";
        
    $result mysqli_query($conn,$sql);
        while(
    $row mysqli_fetch_array($result)){
        ${
    $row['Field']} = $_SESSION["{$row['Field']}"]."<br>";
        } 
    PHP Code:
    $sql "SHOW COLUMNS FROM users";
        
    $result mysqli_query($conn,$sql);
        while(
    $row mysqli_fetch_array($result)){
        ${
    $row['Field']} = $_SESSION["{$row['Field']}"]."<br>";
        echo ${
    $row['Field']}."<br>";
        echo 
    $_SESSION["{$row['Field']}"]."<br>";
        } 
    Last edited by UniqueIdeaMan; April 4th, 2018 at 01:12 PM.
  28. #15
  29. Code Monkey V. 0.9
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Mar 2005
    Location
    A Land Down Under
    Posts
    2,411
    Rep Power
    2105
    Your system architecture is 100% wrong. There's no possible reason to keep all of that in a session. It's a complete waste of server resources, and will eat up memory way too fast.

    You only need to store the users ID in the session. To do it right, you'd create a user object from that ID, and load the data into that when the page loads, and you'll be able to pass it around any time that it's needed. While it's a tiny (very tiny) bit of extra processing work, you're only using the memory once when the page loads, and you're not storing piles of trash that you don't need to. You're aso encapsulating everything into it's own object so you know what it is and where it is at all times.

    And no. I'm not going to show you a "code sample".
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo