[FX.php List] Multiple windows with Session Variables

Gjermund Gusland Thorsen ggt667 at gmail.com
Wed Dec 10 09:37:30 MST 2008 

Hmm, I have never bumped into this problem however my $_SESSION rolls
one level deeper.

$_SESSION[$projectKey][$applicationname]= array();

ggt

2008/12/10 David Ness <dness at bondedbuilders.com>:
> Dear fx.php associates,
>
>
>
> I've just discovered that I might have a problem with my fx.php solution,
> and wanted to know if anyone else has faced this and developed a workaround.
>
>
>
> My online solution allows users to enter, save, edit and 'finalize'
> application forms online. During the entry and processing of the form,
> several pages are loaded and the form data is saved and retrieved in various
> ways and at various points in the process. I save the record ID of the
> FileMaker record into a $_SESSION variable ($_SESSION['application_recid'],
> along with a whole bunch of other $_SESSION variable values) in order keep
> track of the record I'm working with. After the application reaches a
> certain status (finalized), the record is no longer available for editing,
> only review.
>
>
>
> My problem is that I've discovered some users were able to overwrite a
> previously finalized record with a new record. Upon interviewing the user,
> he mentioned he commonly opened a window with a previous record to reference
> when entering a new record in another window or tab within the same browser.
>
>
>
> My theory is that one array of $_SESSION variables is being 'shared' among
> windows, and this is the root cause of my problem. So my question is: are
> the $_SESSION variables shared among windows, or is a separate set of
> $_SESSION variables created for each window? If the $_SESSION variables
> *are* shared, what methods do you use to prevent the unwanted co-mingling of
> variables?
>
>
>
> A little Googling seems to confirm this. Multiple windows seem to share the
> same $_SESSION variables. Yikes! This fundamental construct flaw in my
> program would initially seem to be really hard to work around, as I would
> need to carry forward lots and lots of variables using some other method.
>
>
>
> Ideas or comments?
>
>
>
>
>
> David Allen Ness
>
> Database Systems Programmer
>
> Web Applications Developer
>
>
>
>
>
>
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
>
>

More information about the FX.php_List mailing list