I have implemented a comment section in my site. After pressing the submit button the following process is followed through ajax aproach.
- The comment is saved in the database.
- Updates the comment log (still uses the DB) which keeps a record of the details of the comment. (Ex. "John Doe has commented on someone's post.")
- Reloads the comment section. The new comment can now be seen.
- Done.
The problem occurs at no.2 see the pseudocode below.
session_start();
//1. saves the comment in the database.
//2. this gets the current user who submitted the comment
// hence I used the $_SESSION variable
$log .= "$_SESSION['firstname'] $_SESSION['lastname'] "
. 'has commented on someone\'s wishlist.';
updateLog($log); // commits the log in the database.
Sometimes, the result goes:
John Doe has commented on someone's wishlist.
Other times the $_SESSION is empty and would result to:
has commented on someone's wishlist.
I don't know where the problem lies. But is it a good idea to pass the session details in the Ajax call instead? Like so (pseudocode):
$.ajax({
url: 'includes/request.php',
type: "POST",
data: {
firstname : $_SESSION['firstname'],
lastname : $_SESSION['lastname'],
//more details here.
success: function(result) {
// update the inner html of comment section
}
});
I have doubts on the solution above because it may not be the BEST PRACTICE in the market since $_SESSION variable is available everywhere in the php page. Speaking of, what is the best practice in this scenario anyway?
Lastly my domain name is masked by the network admin (illustration below):
from: comments.com
to: coolnamebynetad.com
Could the masking be the culprit? I guess not because $_SESSION variable worked some times and for some random reason it doesn't.
