Re: object persistence within a session

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stan schreef:
> If this is the wrong forum, please point me at the correct forum.
> 
> I am new to PHP but have 40 years experience programming.

cool. we're you around when they programmed with Rocks[tm]? :-)
(stick around a while and you'll get to know that inside joke)

> My initial effort includes a class definition which needs to persist for the duration of a WWW session.  The code (this snippet is the beginning of Default.php)
> 
>   <?PHP
>    session_start();
>    require_once 'CSSFrames_Includes/Classes.inc';

a few people already mentioned ... class definitions of session-serialized
objects need to be loaded before the session is started.

but nobody has yet mentioned that storing objects in the session
is kinda bad practice, from a performance POV. have a think about
whether you could:

a. do away with the class/object altogether, i.e. do you really need
an object? .. objects a relatively 'heavy' in terms of construction & deserialization.

b. recreate the object each request and have it automatically retrieve
it's persistent data from the session in the constructor i.e. store
scalars/array (like 'page ID') in the session instead of the complete
object.

now a bit more theoretical ...

is CSSFrame a project name? or
does it refer per chance to the use of <FRAMES>? <FRAMES> Suck[tm] and
are generally frowned upon (granted usually by web2.X afficiandos that
don't mind pumping half a meg of javascript down the tube on each request
but there you have it ;-).

you're using $_SERVER['QUERY_STRING'] and parsing it, have you
considered using the $_GET superglobal instead?

try: <?php var_dump($_GET); ?>

more importantly, every bit of input your script recieves is tainted,
we live in the world of CSRF, SQL-Injection, XXS, etc. you really need
to get into the habit of validating and cleansing every peice of input
data before you use it. for the ID query string parameter in your
example code something like so will suffice:

if (isset($_GET['ID'])
	$id = (int)$_GET['ID'];
else
	$id = 0;

if ($id > 0)
	$navigator->set_page_ID($id);

here endeth the 'lesson' (we help you with php/web specific madness,
you return the favor and shower some of your CS wisdom on us self-taught
web-hacks now and again ... I figure with 40 years of programming you
could probably teach me a thing or two about CS :-D)

rgds,
jochem


>    if (!isset($_SESSION["navigator"]))
>     {
>     $_SESSION["navigator"] = new CSSFrames_Navigator;
>     }
>    else
>     {
>     parse_str($_SERVER['QUERY_STRING'], $queryString);
>     foreach ($queryString as $key => $value)
>      {
>      switch($key)
>       {
>       case "ID":
>        $_SESSION["navigator"]->set_page_ID($value);
>        break;
>       default:
>        break;
>       }
>      }
>     }
> initially works ... $_session["navigator"] does exist and methods do function correctly.  When, however, I click a link and cause the script (Default.php) to be reentered, I get the following
> 
> Fatal error: main() [<a href='function.main'>function.main</a>]: The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition &quot;MyClass_defined&quot; of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition in /MyWebSite.com/Default.php on line 16
> 
> which I understand to mean that my class definition (file?) has not been loaded.  What I do not understand is why has not the class definition been loaded?  Did storing the object reference not also store the class definition?  What must I do to retain the class definition as part of the session data?
> 
> Thanks,
> Stan  


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux