$_SESSION getting lost

**nathj** · Jul 20 '07, 10:02 AM

Hi,

Further to my last post, which I left for the sake of completeness, I have decided not to use the captcha image on my application.reg istration form.

Basically, I discovered that the $_SESSION variable was one item behind when it was visible as well as not being visible where I needed it. All most peculiar.

Any way, the form is over three pages and has client and server side validation plus ther eis a final step of anual applicant approval due to the very specific target audience and the potential sensitivity of topics discussed.

However, I will be usin the Captcha idea when users post reviews, discussion topics and bolgs. So that content cannot be added by a bot.

I know this is a very brief description of what is going on but I would appreciate any feedback or advice in light of this descision.

Many thanks
nathj

**adamalton** · Jul 20 '07, 01:05 PM

Can you post up some code to show what you tried for the captcha thing? I made one for the first time the other day and it seemed to work, I'll dig it out and stick it up if you like?

I don't know if this is true because I haven't tested it fully yet, but I have a suspicion that if you have a $_SESSION['variable'] and a normal $variable with the same name then the $_SESSION one over rides the other one.

**pbmods** · Jul 21 '07, 04:03 AM

Originally posted by adamalton

I don't know if this is true because I haven't tested it fully yet, but I have a suspicion that if you have a $_SESSION['variable'] and a normal $variable with the same name then the $_SESSION one over rides the other one.

This occurs when register_global s is turned on.

**nathj** · Jul 21 '07, 05:07 PM

Thanks for all the help, I'll double check the register globals thing when I get beack to work on Monday.

As for the code, I have now removed the captcha image from the form. As the application process involves a stage of manual approval it's not that vital.

The trouble was that I was using AJAX to validate the form. I don't want users to submit the form before it is completely valid.

I did some further tests with the code and discovered that the $_SESSION variable was storing the previuos value so if I kept refreshing the page the $_SESSION was always one step behind. It was all very peculiar.

Many thanks
nathj

**adamalton** · Jul 21 '07, 09:04 PM

Thanks pbmods! That's useful to know.

**pbmods** · Jul 21 '07, 09:09 PM

We aim to please.

**kovik** · Jul 21 '07, 09:44 PM

Originally posted by nathj

Thanks for all the help, I'll double check the register globals thing when I get beack to work on Monday.

As for the code, I have now removed the captcha image from the form. As the application process involves a stage of manual approval it's not that vital.

The trouble was that I was using AJAX to validate the form. I don't want users to submit the form before it is completely valid.

You should validate prior to submission as well, because it is possible to bypass client-side validation. Very much so.

Originally posted by nathj

I did some further tests with the code and discovered that the $_SESSION variable was storing the previuos value so if I kept refreshing the page the $_SESSION was always one step behind. It was all very peculiar.

That's likely due to you storing the session variable too late in your script.

**nathj** · Jul 23 '07, 09:03 AM

Thanks for all the help and pointers.

I have managed to get this to work. It turns out that the $_SESSION variable was being set to early in the code that generates the captcha image.

I moved this to as soon as the code is created and hey presto it all works lovely.

Thanks to everyone for all your help. I really appreciate it.

Cheers
nathj

**pbmods** · Jul 23 '07, 01:47 PM

Heya, nathj.

Glad to hear you got it working! Good luck with your project, and if you ever need anything, post back anytime :)

$_SESSION getting lost

$_SESSION getting lost

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment