I'm new to OOP and am writing one of my first classes. I work for an insurance broker and am trying to use a Class to store things about a quote, and store the Object as a session variable.
Thing is, when I view the session variables, I get:
sessionName
__PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => myClass
[brokerId] =>
Can anyone tell me why it's showing incomplete class name?
Make sure that either the class definition is present before session_start() is called, e.g.
require_once 'class.MyClass.php';
session_start();
or set an unserialize_callback_func that will try to load the class definition as described at http://docs.php.net/function.unserialize.
edit: this can also be done via spl_autoload_register(). E.g.
spl_autoload_register(function($name) {
// only a demo ...this might be insecure ;-)
require_once 'class.'.$name.'.php';
});
session_start();
echo '<pre>';
var_dump($_SESSION);
echo '</pre>';
I managed to fix it all by myself, not sure how though.
I ensured that the page displaying the values was structured like:
require_once("Class.php");
session_start();
$_SESSION['myObject']->printVariables();
And that the page constructing the object was like:
# Include the class
require_once($_SERVER['DOCUMENT_ROOT'] . "/Class.php");
# Instantiate a new policy
$_SESSION['myObject'] = new quote('54');
$_SESSION['myObject']->printVariables();
I also made sure that the page displaying calling the object did not use any serialize functions, as they seemed to only cause errors.
I am using this
if (!is_object($_SESSION)) $_SESSION = new ArrayObject();
Related
I have two files say file1.php and file2.php. I have one php file named form in which class form has been defined.
I have created an object in file1.php as follow:
require_once('form.php');
$x=$_GET['field'];
$form = new Form("", "");
$personal = new Block("");
$address = new TextArea("address", $x, "", 3, 30);
$personal->add($address);
$form->add($personal);
echo $form;
now i want to use this object $form and $personal in another file file2.php which is as follow:
$personal = new Block("");
$name = new Text("name",$x);
$personal->add($name);
$form->add($personal);
echo $form;
how can i use these objects in php. please help.
If you include one PHP file into the other, there is no problem, as the code in both will get merged to the scope of the including code.
Otherwise, if you wish to us re-use the objects at different positions in your code, you can use a registry (see also: How is testing the registry pattern or singleton hard in PHP?) to store the instantiated object.
If you plan to re-use the same objects on the next page load you need to serialize them, store the serialized object in the session/cache (or elsewhere) and unserialize it after loading the next page. In that case you'll also need some mechanism to set up a database connection or perform other required tasks (see: __wakeup()).
Usually, you'll have to make a new instance of the object for each time a script is run.
If not, you could serialize the object, which puts it into a string format, then unserialize it when you need it, but you'll have to store the string somewhere. It's usually easier just to declare a new class.
In most cases like this, you'll use your object to modify values in a database. When the new instance is created (on page reload), it looks at the database to get the modified values. This way, the same instance doesn't have to persist across reloads.
Your class would use getters and setters ("accessors" and "modifiers") to work with the values you need - $address, for example.
first include file1.php
then just call the instances:
require_once('file1.php');
$name = new Text("name",$x);
$personal->add($name);
$form->add($personal);
echo $form;
keeping in mind that the instances of $form and $personal are already created in file1.php
Maybe I'm just not seeing it, but is there any other way to access a previously created session namespace, other than calling $_SESSION directly? Besides the fact that I really don't want to do this, the Zend documentation also advises against this:
while $_SESSION is still available in
PHP's global namespace, developers
should refrain from directly accessing
it, so that Zend_Session and
Zend_Session_Namespace can most
effectively and securely provide its
suite of session related
functionality.
The Zend_Session_Namespace class doesn't have a static method for getting a namespace, and although the now deprecated namespaceGet method in Zend_Session instructs me to use Zend_Session_Namespace#getIterator, that method is not static.
So that means I need to initialize a new namespace, using the new keyword. The problem is, this doesn't include previously set variables:
$ns = new Zend_Session_Namespace('foo');
$ns->foo = 'bar';
On a subsequent request, this:
print_R(new Zend_Session_Namespace('Foo'));
...prints this:
Zend_Session_Namespace Object
(
[_namespace:protected] => Foo
)
which seems obvious.
So how am I supposed to fetch the previously created namespace, without using $_SESSION['Foo']?
The case of your two code examples doesn't match (foo vs. Foo), I'm not sure if that was just a typo or not. Zend_Session_Namespace is just a wrapper for $_SESSION, so all you need to do is create a namespace object with the same key and then all your data should be available.
$ns = new Zend_Session_Namespace('foo');
$ns->foo = 'bar';
and then on another page:
$ns = new Zend_Session_Namespace('foo');
echo $ns->foo; // should output bar
if this doesn't work then there is a problem with your session configuration.
Hay guys. I'm kinda new to OOP in PHP. I've learnt how to write and create objects. Is there a way to take an object and pass it to another script? either using GET or POST or SESSION or whatever. If there isn't how would i assign an object some variables on one page, then assign the same object more variables on another page?
Thanks
You can store objects in the session but you need to include the file which contains the class definition before calling session_start() (or use class autoloading and set this up before you start the session). For example:
On every page:
//include class definition
require('class.php');
//start session
session_start();
1st page:
$object = new class();
$object->someProperty = 'hello';
//store in session
$_SESSION['object'] = $object;
Subsequent pages:
$object = $_SESSION['object'];
//add something else, which will be stored in the session
$object->anotherPropery = 'Something';
Here is an example with autoloading in respect to the answer by Tom Haigh:
Before you start the session:
function __autoload($className) {
$file = PATH_TO_FOLDER_WITH_ALL_CLASS_FILES."/".$className.'.php';
if(file_exists($file)) {
require_once $file;
}
}
session_start();
Page passing the object:
$object = new class();
$object->someProperty = 'hello';
//store in session
$_SESSION['object'] = $object;
Page receiving the object:
$object = $_SESSION['object'];
//add something else, which will be stored in the session
$object->anotherPropery = 'Something';
The autoload method will automatically load the objects while you retrieve data from session.
You could store the object in a SESSION.
You can serialize the object and pass through GET or POST.
If you want the object to persist across the site, then SESSION is probably your best bet.
You can use the $_SESSION. but it will only be for that session.
Using an object on multiple 'scripts':
First, you have to decide what kind of structure your OOP application has.
If you use something like MVC pattern, you do not have to this by using SESSION or REQUEST, because you can 'plug' the objects you want to use into 'one'.
What does this mean?
A quick example:
User A enters your site index.php
Now you can load the content from a static index.html,
but if you want to check whether the user is authenticated to see specific contents e.g. the 'Admin Login', you can use include_once('Authentication.php') and initiate a class from this file, e.g. <?php $Auth = new Auth_Handler; ?>
This will make the Auth class also available in the index.php or any other file you want to include this class.
If you want to pass the authentication class' return value to another file e.g. 'register.php' you can use the SESSION or any other Cache.
Passing whole objects is not recommend due to their size.
Including and initiating the wanted classes at the beginning of files is much better.
And passing the returns by SESSION uses less space.
It really depends one which framework or API you want to use, or what project you want to create.
I'm getting an error I don't know how to fix so I wondering if I could get some help.
This is the error
Fatal error: process_form() [<a href='function.process-form'>function.process-form</a>]: The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition "Template" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition in /home/twinmeddev/html/template_add.php on line 44
I get this error in the process_form() function. So what I get out of this is that, its thinking I didn't load the class for the template. Which in fact I did up at the top. The include 'inc/item.class.php'; Do I have to re-include it in the function?
Here's the code for the particular page with the error. You can see I have everything included like it should be. Where have I gone wrong?
<?php
include 'inc/prep.php';
include 'inc/header.class.php';
include 'inc/item.class.php';
include 'inc/template.class.php';
include 'inc/formhelper.class.php';
include 'inc/formvalidator.class.php';
include_once( 'inc/config/config.php' ) ;
include_once( 'inc/DBE.class.php' ) ;
include_once( 'inc/GenFuncs.php' ) ;
include_once( 'inc/Search.class.php' ) ;
session_start();
//Verify that user is logged in.
VerifyLogin($_SERVER['PHP_SELF'] . "?" . $_SERVER['QUERY_STRING']);
if(array_key_exists('_submit',$_POST)) {
if($fv_errors = validate_form()) {
show_form($fv_errors);
} else {
process_form();
}
}
else {
// The form wasn't submitted or preview was selected, so display
show_form();
}
function validate_form(){
}
function process_form(){
global $mysqli;
echo var_dump($_SESSION);
$Template = $_SESSION['template'];
$Template->name = $_POST['name'];
$Template->descript = $_POST['descript'];
$Template->user = $_SESSION['User'];
$Template->customer = $_SESSION['CustID'];
$Template->status = $_POST['status'];
$Template->insert();
//header("Location: template.php");
}
It's missing the serialize/unserialize of your template class.
Take a look here for an working example I gave on another question of yours.
For instance, you probably want this:
<?php
$_SESSION['template'] = serialize($template);
?>
and
<?php
$template = unserialize($_SESSION['template']);
?>
Edit:
reading your comment about moving it to the top gives one hint.
The automatic serialization/unserialization occurs when you call session_start().
That means the order in which you include your files and call the session_start() is very important.
For example:
This would be wrong:
<?php
session_start();
include 'inc/template.class.php';
?>
While this would be correct:
<?php
include 'inc/template.class.php';
session_start();
?>
Now, I see in your example that it is in the CORRECT order, but I also notice you do many other includes before including template.class.php
Would it be possible that one of those includes (perhaps prep.php or header.class.php) does call start_session() too?
If yes, that was your issue (session_start() being called before your template.class.php).
When you session_start() in php $_SESSION array is populated with corresponding objects. This means that all interfaces must be available (require). If the session has already been started previously by another script (eg framework) that had no visibility on the interfaces, objects in $ _SESSION will be incomplete, and do it again session_start() is useless because the session has already been started. One possible solution is to use the method session_write_close(), then session_start() which starts again populate $_SESSION, but with visibility into interface, so your object in $_SESSION will be good.
I have posted my answer on a similar question, posting it again 'cause it answers this one as well.
PHP serializes its sessions using the built-in serialize and unserialize methods. serialize of PHP has the ability to serialize PHP objects (aka class instances) and convert them to string. When you unserialize those strings, It converts them back those same classes with those values. Classes who have some private properties and want to encode/decode that or do something complex in their serialization/deserialization implement the Serializable class and add serialize and unserialize methods to the class.
When PHP's unserialize tries to unserialize a class object, but the class name isn't declared/required, instead of giving a warning or throwing an Exception, it converts it to an object of __PHP_Incomplete_Class.
If you don't want your session objects to convert to __PHP_Incomplete_Class, You can do it by either requiring the class files before you invoke session_start, or by registering an autoload function.
How big are the objects that you are putting in the session? I got a similar error once when my objects were larger than the space we had allotted for the session in the php.ini file. If the object was too large, it would come back as being empty when it shouldn't have been.
After that, I just started storing the object's PK in the Session and looking it up if I needed it instead of carrying around the entire object itself.
You could also increase the size of the session in the INI file and see if that makes a difference.
Please ensure that the class definition "Template" of the object you are trying to operate on was loaded before...I guess include 'inc/template.class.php'; is supposed to load the definition of the class Template?
Then maybe the include failed. Try require instead.<?php
require 'inc/prep.php';
require 'inc/header.class.php';
require 'inc/item.class.php';
require 'inc/template.class.php';
require 'inc/formhelper.class.php';
require 'inc/formvalidator.class.php';
require_once( 'inc/config/config.php' ) ;
require_once( 'inc/DBE.class.php' ) ;
require_once( 'inc/GenFuncs.php' ) ;
require_once( 'inc/Search.class.php' ) ;
if ( !class_exists('Template') ) {
die('No. Those include/requires did not define the class "Template"');
}
session_start();
i tried to store objects in session variable too. and yes i experienced the same problem as MackDaddy. and its solved by moving the include of the class to the first.
so..
require_once("class.someclass.php");
require_once("display.php");
worked
but not...
require_once("display.php");
require_once("class.someclass.php");
hmm...wonder whats the rational? and what if we have 2 or more different objects? which one comes first?
In my case, order in which I included my files and called the session_start() was incorrect, as Carlos mentioned in his answer.
But I could not fix the order.
This workaround worked for me:
$_SESSION["template"] = unserialize(serialize($_SESSION["template"]))
I've got a site setup that, on page load, turns all user submitted strings into SafeString objects. For those unfamiliar with SafeString, it basically forces the user to echo out sanitized data preventing XSS and whatnot..
Anyways, there's a problem. My $_SESSION array is being filled with __PHP_Incomplete_Class Object. From what I've read, this is due to not initializing the class before the session and then storing class objects in the session.
Here's my code:
require_once __WEBROOT__ . '/includes/safestring.class.php';
$temp = array
(
&$_SERVER, &$_GET, &$_POST, &$_COOKIE,
&$_SESSION, &$_ENV, &$_REQUEST, &$_FILES,
&$HTTP_SERVER_VARS, &$HTTP_GET_VARS,
&$HTTP_POST_VARS, &$HTTP_COOKIE_VARS,
&$HTTP_POST_FILES, &$HTTP_ENV_VARS
);
function StringsToSafeString(&$array)
{
foreach ($array as $key => $value)
{
if (is_string($array[$key]))
{
$array[$key] = new SafeString($value);
}
if (is_array($array[$key]))
{
StringsToSafeString($array[$key]);
}
}
}
StringsToSafeString($temp);
unset($temp);
I can't think of a way to rewrite this which would solve the problem :/
Any ideas?
When you're accessing $_SESSION, you're not just changing the current script's copy of the data read from the session, you're writing SafeString objects back into the active session.
But putting custom objects in the session is dodgy and something I would generally try to avoid. To be able to do it you have to have defined the class in question before calling session_start; if you don't, PHP's session handler won't know how to deserialise the instances of that class, and you'll end up with the __PHP_Incomplete_Class Object.
So avoid frobbing the session. If you must take this approach, make a copy of the data from $_SESSION into a local $mysession array. However, I have to say I think the whole idea of a SafeString is dangerous and unworkable; I don't think this approach is ever going to be watertight. Whether a string of raw text is ‘safe’ is nothing to do with where it came from, it is a property of how you encode it for the target context.
If you get another text string from a different source such as the database, or a file, or calculated within the script itself, it needs exactly the same handling as a string that came from the user: it needs to be htmlspecialcharsed. You're going to have to write that escape anyway; the safestring gains you nothing. If you need to send the string to a different destination format, you would need a different escape.
You cannot encapsulate all string processing problems into one handy box and never think about them again; that's just not how strings work.
I know it's been years since this was asked, but I'm posting my answer because none of the answers above actually explain to the OP what is actually wrong.
PHP serializes its sessions using the built-in serialize and unserialize methods. serialize of PHP has the ability to serialize PHP objects (aka class instances) and convert them to string. When you unserialize those strings, It converts them back those same classes with those values. Classes who have some private properties and want to encode/decode that or do something complex in their serialization/deserialization implement the Serializable class and add serialize and unserialize methods to the class.
When PHP's unserialize tries to unserialize a class object, but the class name isn't declared/required, instead of giving a warning or throwing an Exception, it converts it to an object of __PHP_Incomplete_Class.
If you don't want your session objects to convert to __PHP_Incomplete_Class, You can do it by either requiring the class files before you invoke session_start, or by registering an autoload function.
You just have to include the safestring.class.php before you call session_start() when you want to read the SafeString objects from $_SESSION variable:
<?php
require_once __WEBROOT__ . '/includes/safestring.class.php';
session_start();
print_r($_SESSION);
and yeah, if you are using PHP framework that (most probably) calls session_start() internally, make sure you require_once the class file beforehand (use hooks or whatever mechanisms that the framework provides).
I solved the problem using json_encode and json_decode function.
This is where I wanted to assign the value to session.
$user_json = json_encode($user);
$_SESSION['user'] = $user_json;
This is where I show the user after decoding the json
session_start();
$user_json= $_SESSION['user'];
$user = json_decode($user_json);
This solves my problem but I am not sure about performance or security. I haven't checked them.
Lukman's answer is correct. But you already mention that in your question, so apparently you can't instantiate the class before the session starts, for some reason.
You may want to check if sessions start automatically in the php config:
http://www.php.net/manual/en/session.configuration.php#ini.session.auto-start
If they are and yu cant help that, you may want to check if you can have your classes autoloaded prior to that:
http://php.net/manual/en/language.oop5.autoload.php
If all else fails, you can still serialize the objects before you store them in a session, and unserialize them each them you retrieve them:
http://php.net/manual/en/function.serialize.php
I dont see in your code where you store your variables, but it would be something like
$mystuff = unserialize($_SESSION["mystuff"]);
$mystuff->dostuff();
$_SESSION["mystuff"] = serialize($mystuff);
Be sure to load the class definition before you unserialize your variables
$2c,
*-pike
I just dealt with something like this. Took me hours to finally find how my order was screwed.
I had a file being called asynchronously.
myFile.php
that file contained the following..
$result = include ("myOtherFile.php");
return $result;
Myotherfile.php has something like this
require_once "lib/myClassLibs.php";
require_once "webconfig.php";
the webconfig.php had the session_start() call in it.
The lib/myClassLibs has all the class info init. If you check before the webconfig call, you can see that the class is available.
If you check before the webconfig call, you will also see that the session has started already. If you check before the lib/myClassLibs.php, you will see the session is already started.
Checking in myFile.php before you include MyOtherFile.php, you find the session has not started.
This represented legacy code that has worked for the last 8 years without me fiddling with it. I pulled the includes out of the "MyOtherFile.php". Now my sessions are synching properly.
I solved this problem by including the __autoload function at the top of my php file. So it looks like this:
<?php
require_once("path/to/include.inc");
//Needed for serialization/deserialization
function __autoload($class_name) {
include "path/to/". $class_name . '.php';
}
In PHP 5, this function isn't be needed but I was stuck until I used this function. Hope this helps someone else!
I know this is a really old question but I ran into this problem. After more research and experimenting I came up with a what I think is an acceptable alternative to storing classes in the session. It might be a bit hackish, but works for my current project.
NOTE: this work-around works for me because I start a session when a user logs in and don't want to include every possible class the user might, or might not encounter during the session. Including all the classes doesn't seem practical or efficient (but maybe this isn't any better ???).
First, my base class contains the following code that populates the object attributes from a given array, automatically.
class BaseClass {
public function __construct($properties=[]){
if (!empty($properties)) {
array_walk($properties, function ($val, $key) {
$this->fromArray($key, $val);
});
}
}
public function fromArray($property, $value){
return (property_exists($this, $property)) ? $this->$property = $value : null;
}
public function toArray(){
return get_object_vars($this);
}
}
The Work-Around:
I use the toArray() method to convert a class instance to an array before it goes into the session, then create a new instance of the class when fetching it from the session.
$_SESSION['user'] = $userInstance->toArray();
// ... do stuff ...
$userInstance = new User($_SESSION['user']);
This is also really handy for writing classes to a database and converting to JSON. Both of which are made easier when working with a PHP array.
Like I said above, this may or may not be the most efficient way to handle this problem. It also raises the question, "should I be using PHP classes if I'm just going to convert to arrays?"
I run into the same problem and the solution was inspired by #bobince answer
To be able to do it you have to have defined the class in question before calling
session_start
First, my session was set like this:
$_SESSION["customer"] = $customerObj;
Then before calling the session_start(), I have to load or defined the class first by importing it and then call session_start() right after
require 'entity/Customer.php';
ob_start();
session_start();
$customer = new Customer();
if (isset($_SESSION["customer"]))
{
$customer = $_SESSION["customer"];
echo $customer->getCustomerName();
}
My mistake was sending the user to a PHP page without including the class in that page, only in the original page.
Looked something like this:
index.php
include __DIR__.'AirInfo.php';
session_start();
$plan = new Plan();
header('Location: session.php');
session.php
// Should have put include __DIR__.'AirInfo.php' here
session_start();
My mistake here was that I had set the session.auto_start setting to on. The session would then be initialized before any line of code (including the autoloader) will be called.
I have the same problem with Google Photo API When Try to Authenticate my app and Access Photo API.
Solve it by just use session_start() after include and all use statements.
Here my complete code:
include "./vendor/autoload.php";
use Google\Auth\Credentials\UserRefreshCredentials;
use Google\Photos\Library\V1\PhotosLibraryClient;
use Google\Photos\Library\V1\PhotosLibraryResourceFactory;
use Google\Auth\OAuth2;
session_start();
//rest of code comes here
Short version of #bobince's excellent answer, if you're using an MVC framework and a classmap or psr-4 autoloading etc...
[front controller]
//Do this before session start because session has an object that will not work
// if the class has not been loaded already
require_once('vendor/autoload.php');
//Start a session after your autoload
session_start();
You might just be calling,
session_start();
session_start();
twice in your code. Call it once. Check required php classes for repeats. This was the fix for me.