Having the following issue in a PHP shopping cart. A dump of my session looks like: Array ( [username] => test@test.com [key] => 1 ) The shopping cart has three buttons: <form name='cartForm' action='cart.php' method='post'> <input type='image' value='submit' name='continueshopping' src='x.jpg' /> <input type='image' value='submit' name='update' src='y.jpg' /> <input type='image' value='submit' name='checkout' src='z.jpg' /> whenever I press one of the buttons, the page re-loads and does what it needs to (ie remove or add an item)... but the session array gets changed to the following (depending on the button pushed) Array ( [username] => test@test.com [key] => continueshopping_y ) Array ( [username] => test@test.com [key] => update_y ) Array ( [username] => test@test.com [key] => checkout_y ) Is [key] a reserved word? Why would the value of $_SESSION['key'] be overwritten from a form that just POSTs everything? This is a problem for our project as we were storing user account IDs in [key], but the value is overwritten each time a button is pushed in the cart. The actual code is pretty long, and posting it here wouldn't be practical. Wouldn't know what to post, as the cart never interacts with the session other than to grab the session_id(). Really I'm just wondering if anyone has experienced anything similar. I can't re-create the problem on my local server (PHP5), only exists on the live server (PHP4). Thanks in advance.

Reputation: 51

PHP $_SESSION['key'] over-written with input button value. Why?

Having the following issue in a PHP shopping cart.

A dump of my session looks like:

Array ( [username] => [email protected] [key] => 1 )

The shopping cart has three buttons:

<form name='cartForm' action='cart.php' method='post'>
<input type='image' value='submit' name='continueshopping' src='x.jpg' />
<input type='image' value='submit' name='update' src='y.jpg' />
<input type='image' value='submit' name='checkout' src='z.jpg' />

whenever I press one of the buttons, the page re-loads and does what it needs to (ie remove or add an item)... but the session array gets changed to the following (depending on the button pushed)

Array ( [username] => [email protected] [key] => continueshopping_y )
Array ( [username] => [email protected] [key] => update_y )
Array ( [username] => [email protected] [key] => checkout_y )

Is [key] a reserved word? Why would the value of $_SESSION['key'] be overwritten from a form that just POSTs everything? This is a problem for our project as we were storing user account IDs in [key], but the value is overwritten each time a button is pushed in the cart.

The actual code is pretty long, and posting it here wouldn't be practical. Wouldn't know what to post, as the cart never interacts with the session other than to grab the session_id(). Really I'm just wondering if anyone has experienced anything similar. I can't re-create the problem on my local server (PHP5), only exists on the live server (PHP4).

Thanks in advance.

Upvotes: 5

Answers (2)

leepowers

Reputation: 38298

continueshopping_y, update_y, checkout_y - when using an image INPUT the browser will also send the x & y coordinates where the image was clicked. My guess would be there's some code present as follows:

foreach ($_POST as $key => $value) {
 .....
}

....
Many lines of code later ....
....

$_SESSION['key'] = $key;
// or,
session_register('key');

Upvotes: 0

AndreKR

Reputation: 33658

No, key is not reserved; there must be actual code that overwrites the entry.

Since it depends on the server configuration, I'd suggest, you check the register_globals setting and make sure it's turned off on both servers.

Upvotes: 1

PHP $_SESSION[&#39;key&#39;] over-written with input button value. Why?

Answers (2)

Related Questions

PHP $_SESSION['key'] over-written with input button value. Why?