.htaccess to enable sessions

Hello.

I want to get this blasted .htaccess file sorted out, so I can have
sessions without register_globals being on.

I have looked everywhere for info on this and I mean everywhere
including the php.net manual.

In the manual it said to include something like the following:

php_flag register_globals off;
php_value session.save_path C:\home\user\siteroot\sess\users
php_value session.cookie_time 3600
php_value session.gc_maxlifetime 3600
php_value include_path .;C:\home\user\siteroot\sess
php_value auto_prepend C:\home\user\siteroot\sess\path_file.php

I did that and then someone in here said that it was wrong and I
needed to include all these other things and have other files in
different places as well.

To start with, I was informed in this group that all I needed was a
..htaccess file nothing else.

I am running locally, I have Windows XP Pro. I have Apache 2.0.49, PHP
4.37.

What exactly do I need to have in this .htaccess file (and elsewhere)
to get sessions to work? What am I doing wrong? All I have done is
followed what people in here and the advice in the manual said.

Is asp or coldfusion as complicated and troublesome to use as php is?

Are there any "good php" books that have recently been published that
explain clearly how to enable sessions without register_blobals being
on? This book I am working through is pretty new, it is for learning
asp, coldfusion or php with mysql in dreamweaver mx 2004! It has only
recently been published but is still going with the old method of
globals being on! I have four other books on php as well, and none of
them deal with this.

Help please before I pull all my hair out! (whats left of it!)

John

On Sun, 01 Aug 2004 16:14:12 +0100, John wrote:

> Hello.
>
> I want to get this blasted .htaccess file sorted out, so I can have
> sessions without register_globals being on.
>

I use sessions with register_globals off and without any .htaccess file at
all. (I am running Linux so perhaps things are somewhat different on
Windows.)

It took me a little while to work out the changes needed with the newer
PHP and with register_globals set to "Off". It is reasonably well
described on the php web site:

http://www.php.net/manual/en/function.session-start.php
http://www.php.net/manual/en/functio...n-register.php
...and other pages...

The key idea is to use the $_SESSION superglobal array. Here is a
simplified example from the php web site:

<?php
// page1.php
session_start();
echo 'Welcome to page #1';
$_SESSION['favcolor'] = 'green';

// Works if session cookie was accepted
echo '<br /><a href="page2.php">page 2</a>';

// Or maybe pass along the session id, if needed
echo '<br /><a href="page2.php?' . SID . '">page 2</a>';
?>

<?php
// page2.php
session_start();
echo 'Welcome to page #2<br />';
echo $_SESSION['favcolor']; // green
?>

"John" <duc@ula.com> wrote in message
news:l42qg0llcofkv87dmko3k0npobl1h12sc9@4ax.com...
> Hello.
>
> I want to get this blasted .htaccess file sorted out, so I can have
> sessions without register_globals being on.
>
> I have looked everywhere for info on this and I mean everywhere
> including the php.net manual.
>
> In the manual it said to include something like the following:
>
> php_flag register_globals off;
> php_value session.save_path C:\home\user\siteroot\sess\users
> php_value session.cookie_time 3600
> php_value session.gc_maxlifetime 3600
> php_value include_path .;C:\home\user\siteroot\sess
> php_value auto_prepend C:\home\user\siteroot\sess\path_file.php
>
> I did that and then someone in here said that it was wrong and I
> needed to include all these other things and have other files in
> different places as well.
>
> To start with, I was informed in this group that all I needed was a
> .htaccess file nothing else.
>
> I am running locally, I have Windows XP Pro. I have Apache 2.0.49, PHP
> 4.37.
>
> What exactly do I need to have in this .htaccess file (and elsewhere)
> to get sessions to work? What am I doing wrong? All I have done is
> followed what people in here and the advice in the manual said.
>
> Is asp or coldfusion as complicated and troublesome to use as php is?
>
> Are there any "good php" books that have recently been published that
> explain clearly how to enable sessions without register_blobals being
> on? This book I am working through is pretty new, it is for learning
> asp, coldfusion or php with mysql in dreamweaver mx 2004! It has only
> recently been published but is still going with the old method of
> globals being on! I have four other books on php as well, and none of
> them deal with this.
>
> Help please before I pull all my hair out! (whats left of it!)
>
> John

Most default PHP installs I see have sessions enabled already. What does
phpinfo() say when you don't have any .htaccess file in place? What evidence
do you have that sessions are not working? You haven't shown any code where
you attempt to use sessions, so it may well be that you simply aren't coding
correctly and your configurations are correct.

Show a short and complete example that demonstrates the problem, describe
the symptoms, and perhaps we can help you retain a few hairs.

As pointed out by Bob the primary key is to use $_SESSION array to access
session variables. That, and issue a session_start() function call at the
beginning of your script.

- Virgil