Craige, Marc, Nitsan,Bastien,
Thanks for your reply!
This is my understanding and comment from your replies:
(1) If the web server do have assign anonymous request ID to each HTTP
request from client browser, and assign $_POST to each request ID and works
within request ID scope, this is fine with session or without session.
(2) If the above is not the case, then session is required. However web
server still need to provide each session ID a $_POST array and works within
this scope.
(3) If the web server does not work in case(1) neither case(2), then include
user ID into $_POST is appropriate, e.g.
$_POST[userID][input_submitted_name][input_submitted_value]
instead of just
$_POST][input_submitted_name][input_submitted_value].
So, which of the 3 cases above is appropriate?
Thanks!
"Craige Leeder" <cleeder@xxxxxxxxx> wrote in message
news:4A2E85B3.401@xxxxxxxxxxxx
While yes $_POST is a supergloabal, even a superglobal has it's own scope.
The scope of $_POST is to the call of the user to the web server.
Therefor, no User A's information will not be overwritten by User B's
information.
Hope this helps. Let me know if you want any further clarification. This
was just a very simplified answer.
Keith wrote:
Let's say user A and user B submitting purchase order form with
"order.php" at the same time, with method=post action='confirmation.php'.
(1) Will $_POST['order'] submitted by user A replaced by
$_POST['order'] submitted by user B, and the both user A & B getting the
same order, which is made by user B? Why?
(2) Since $_POST['xxx'] is superglobal array, will $_POST['order']
read by users other than A & B? In shared hosting server environment, are
all domains hosted within that server using the same $_POST array? Can
$_POST array accessible by all domains even if not from the originating
domain?
Thx for clarification!
Keith
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
