In my PHP app, I'm trying to differentiate between cases where an unset session variable is due to an actual bug or due to something that's not my 开发者_StackOverflowfault (ie. the user logged out or manually typed a URL). Obviously, I want to record bugs only. Right now I'm recording errors for both and I can't tell which is which.
Are there some generally accepted ways of dealing with this sort of thing? I am curious to hear how others out there have approached this situation.
Thanks, Brian
Set all session variables to a sane default when the session is created. If at any later point you find an unset session variable, it's a bug.
If the user logs out, that does not mean they don't have a session (or it should not mean that, if your session handling is anything like most implementations). The same goes for manually typing a URL. At some point, your app's internal framework is necessarily doing session_start()
for all page views. That's a good place to inject defaults.
Injecting defaults is dead easy with the array union operator:
$defaults = array(
'userid' => null,
'lang' => 'en',
);
session_start();
$_SESSION['userid'] = 42;
$_SESSION += $defaults; // will not overwrite existing values
print_r($_SESSION);
See it in action (and please ignore the warnings related to not being able to set the session cookie etc).
精彩评论