SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)

    New $_SESSION variable initialised automatically, huh?

    Hi

    I have searched through the manual but couldn't find any reference to this behaviour.

    If you accidentally try to use a session variable in a PDO PreparedStatement using bindParam() - say because you mistyped it or because you mistakenly tried to access a session variable you had not set, then that new variable is added to the session with a NULL value.

    So your session might have been started elsewhere with this:

    PHP Code:
    $_SESSION['person_name'] = "Dick"
    if you then unthinkingly later do this (where person_type has not been explicitly set)
    PHP Code:
    $stmt $PDO->prepare("insert into people  ? , ? ") ;
    $stmt->bindParam$_SESSION['person_name'] );
    $stmt->bindParam$_SESSION['person_type'] ); 
    your session will magically contain:
    PHP Code:
    $_SESSION['person_name'] = "Dick";
    $_SESSION['person_type'] = &NULL
    Which is something I wasn't expecting, and fooled me for a while (not hard to do, I admit).

    IIS6, PHP5.2.5, win2k, error_reporting (E_ALL) indicates nothing wrong.

    Whereas if you simply do this:

    PHP Code:
    $t $_SESSION['person_type'] ; 
    It DOES throw a Notice, and does not go on to create the session variable.

    I don't know about for you, but this behaviour may create problems somewhere else, say if you are inserting session vars into a table using some kind of sql query generator.

    Or would $_SESSION['person_type'] = &NULL; never be detectable?

  2. #2
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have fairly limited experience of PHP but I thought putting an amperstand in front of the variable when passing it ommits any errors and simply passes null if it doesn't exist?

    If this is the case, then it may be possible that bindParam is doing this.

    Edit: I understand that using & infront of the variable (including $) passes the variable by reference, so it could be that your creating an empty reference and since it has no value, it has been set to null.


  3. #3
    SitePoint Enthusiast
    Join Date
    Jun 2006
    Location
    Italy
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This happens because "the variable is bound as a reference and will only be evaluated at the time that PDOStatement->execute() is called".

    Here is a sample PHP code that explain the behavior you are experiencing:

    PHP Code:
    <?php 

    function test(&$var NULL) {
        
    // stub
    }

    $array = array();

    test($array['undefined']);

    var_dump($array);

    ?>

  4. #4
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hehe, good spot.
    my mobile portal
    ghiris.ro

  5. #5
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by Cups
    Hi

    I have searched through the manual but couldn't find any reference to this behaviour.
    Righto, all the signs were there eh? I even made a lovely Freudian slip.

    I had to look twice to make sure I saw the &NULL reference.

    Thanks for the feedback fillippotoso


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •