Home/ Questions/Q 532349
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T09:23:43+00:00

Is this bad practice/can cause problems? $_SESSION[‘stuff to keep’] As opposed to calling str_replace()

  • 0

Is this bad practice/can cause problems?

$_SESSION['stuff to keep']

As opposed to calling str_replace() on the indices.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This is bad practice, but not because of the space. 

    // file foo.php
$_SESSION['stuff to keep'] = 42;

// file bar.php
if ($_SESSION['stufft o keep'] == 42) frobnicate();

    Here, your code is silently misbehaving, and the bug can take a while to be found. Good practice is to use a PHP-enforced name, such as a class constant: 

    $_SESSION[Stuff::TO_KEEP] = 42;

if($_SESSION[Stuff::TOO_KEEP] == 42) 
// error: no constant TOO_KEEP in class Stuff

    You may then define that constant to any constant you find interesting or readable, such as "stuff to keep" (with spaces). Of course, extract() and casting to object won’t work anymore, but you shouldn’t be doing that anyway with your session.

    Allowing user-entered text into session keys is, of course, a blatant security fault.

    • 0