Is this valid:
$_SESSION['pictures']['rateAlbum']['_POST'] = $_POST;
I want to save all of the POST data in the session in one shot.
edit: oh and what about the other way around:
$_POST = $_SESSION['pictures']['rateAlbum']['_POST'];
views:
302answers:
2
+1
A:
yes you can...
if you save $_POST in $_SESSION in session you'll have the same array as post...
You can also do the other way and save something to $_POST..
you can also do that (or, using $_SESSION):
$_POST = array('field1' => 'val1',
'field1' => 'val1',
'field1' => 'val1',
'fieldn' => 'valn');
$_SESSION=$_POST;
or
$test="hi";
$_SESSION['field1']="test";
echo $$_SESSION['field1']; //this print hi
PHP is really flexible and let you do almost everthing, obviously pay attention on security problem...
Marcx
2010-03-12 01:49:38
A:
you can use directly write below
$_SESSION['input_array']=$_POST[];
and if your $_POST['username']='Hello';
then $_SESSION['input_array']['username'] would display 'hello'
and if $_POST['birthday']['year']='2002' then
$_SESSION['input_array']['birthday']['year'] would display 2002
diEcho
2010-03-12 05:35:18
Assume we're not using this $_POST or $_SESSION to access a database query (SQL Injection) or output data (XSS) is there anything they can $_POST that becomes a security issue? This is a real question as I've not seen anything about how maybe the PHP core can be compromised by blindly setting $_POST variables as a $_SESSION['somevar'] = 'somevalue' -> unless they can trigger an EXEC or something.
niggles
2010-03-12 11:16:11
use `mysql_real_escape_string($_POST)` RECURSIVELY before assigning it to $_session
diEcho
2010-03-12 11:43:56