0

I wanted to transfer value from 1 page to another or in another meaning, available to all page, I tried using global, it doesn't seems to work, I know I can use $_SESSION, but my superior asks me not to use $_SESSION as it may not work on some phone. I need to implement function that enables that variable that holds the value available in all page.

My page process:

Choose a prize > enter email (The values keeps into variable from here) > goes through database checking and so on (cannot change anything here as this stage is a secure page, it is prohibitive to edit anything to prevent any security issues > thanks page (The value will be used here)

Sorry, I can't post any code here as it is secret. I am really sorry about it. I have tried using GLOBAL, $_GET and $_REQUEST, so are there any methods I can use?

Furry
  • 340
  • 1
  • 4
  • 22
  • 1
    There's no reason a session won't work on a phone – Adam Plocher May 09 '13 at 03:51
  • 1
    Why wouldn't it work on some phone? As long as it supports cookies to store the session ID, the session is controlled completely server-side. The http client shouldn't matter. – Adam Plocher May 09 '13 at 03:55
  • 1
    fighting against a universal standard due to arbitrary imposed restriction will never get you far. –  May 09 '13 at 03:56
  • 1
    you don't even need cookies, session ids can propagate in the url as well as in a cookie –  May 09 '13 at 03:57
  • For one of the reason is such as very old phone like Nokia 3310? It may not function well. – Furry May 09 '13 at 04:01
  • There's no reason an old phone won't support sessions. Sessions are controlled completely server side and the client is issued a session ID (so the server can identify which session data is related to the client). The session ID is typically stored in a cookie, but as Dagon mentioned, it can also be stored as a GET var. The server should be smart enough to handle the session ID automatically. Really, there's no reason it won't work. – Adam Plocher May 09 '13 at 04:02
  • Really the only valid reason I could think of for not using sessions is if you're using large amounts of data and have lots of concurrent users, and a weak server. The suggested answer below that says "use cookies" forgets that if you can support cookies (or not if it uses a querystring var), you can support sessions. And session vars are going to be FAR easier to work with. – Adam Plocher May 09 '13 at 04:05
  • 1
    @AdamPlocher I forgotten to mention it is WAP based, so do you think it will work? – Furry May 09 '13 at 04:07
  • I posted an answer. I'm reading a little bit about WAP browser cookies support. Seems a little iffy, but the URL approach should still work. Check out my answer below. – Adam Plocher May 09 '13 at 04:14
  • Do you need to support all WAP browsers, or just the WAP browser on the Nokia 3310? If you just need to support that, and can get your hands on one of those phones, I would recommend just throwing together a simple test page and see if a cookie works. – Adam Plocher May 09 '13 at 04:16
  • all WAP browser preferable. – Furry May 09 '13 at 04:17
  • http://stackoverflow.com/questions/8952613/how-to-set-a-global-variable-accessible-throughout-the-application – Javad Shareef May 09 '13 at 04:19
  • @JavadShareef that is not user-specific data... – Adam Plocher May 09 '13 at 04:23
  • $_SESSION is on the server, not on the device – chuckieDub May 09 '13 at 04:56

3 Answers3

1

If you're using COOKIEs, you can absolutely use sessions. Session ID's, by default are stored in a cookie on the browser. If for some reason the browser doesn't support cookies, you can still use the query string to transfer the session ID, but there are some security concerns around that (such as session hijacking).

By default, I believe PHP will always try to use a COOKIE for the session ID.

To enable URL-based session IDs, take a look at the PHP.INI option use_trans_sid:

http://www.php.net/manual/en/session.configuration.php#ini.session.use-trans-sid

If you really can't use sessions, your only other options would really be to use $_GET or $_POST.

Using $_POST would require you to have everything wrapped around a <FORM> tag and submit that form for every action on your site.

Using $_GET would require you to append a query string on the URL for every link / action on the site. You will be limited on the amount of data you can store a query string, though.

Adam Plocher
  • 13,994
  • 6
  • 46
  • 79
0

You could do it with a cookie... in jquery:

$.cookie('some_key','some_value');

or in vanilla javascript:

somekey = 'some_key'l
someval = 'some_val';
document.cookie=somekey+'='+someval;

and get to it in php

<?php
echo $_COOKIE["some_key"];
?>
Matthew Graves
  • 3,226
  • 1
  • 17
  • 20
-2

it's going to be tough not having any code but to answer your question, you have 4 choices, get, post session and cookies. if your superiors dont want you using sessions, then i doubt they want cookies (sessions TYPICALLY USE cookies). I would seriously talk to your boss about using get and post variables because if your trying to keep it secure then passing a post/get variable is very insecure and can be altered in between steps. Session variables can not be.

what I would also check if you are trying to use a post variable is that the secured page in the middle has a form with the value as a hidden field otherwise it will be lost going to the third page because post values are only submitted as part of a form

bkdude
  • 201
  • 1
  • 6
  • yes i know sessions are not cookies but the session key for the user is saved as a cookie on the users computer. – bkdude May 09 '13 at 04:16
  • no, that's one of two options for the session key. you can have sessions with out cookies. –  May 09 '13 at 04:25