Home >Backend Development >PHP Tutorial >Things to note when using session for customer authentication_PHP tutorial
If register_globals = On in your php.ini, all post, get, cookie, and session variables with the same name will be mixed together. You can use $HTTP_*_VARS["username"] to determine which variable you want.
But even if the same name is used, variables_order = "GPCS" in php.ini will be judged according to the priority level. The lower level value cannot override the higher level value. Therefore, if you use session_register("username" from the beginning ) is wise, you can also use session_is_registered to determine whether the variable has been registered.
This is an example:
if (!session_is_registered("username")) {
$user_name= "";
session_register("username");
}
At the same time, ensure that in your php.ini, variables_order = "GPCS" (default) S means that session should be placed last and take priority.
register_globals = On is a waste of system resources and is turned off in the optimized configuration, which also avoids so-called vulnerabilities.