PHP - Is This The Correct Way To Set A Session?

I am having trouble resolving an error.

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2

 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this:

                echo "<script>document.location.href='admin.php'</script>";
      echo "<script>'Content-type: application/octet-stream'</script>";

I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php.

Code: [Select]
<?php
  session_start();
  if(isset($_SESSION['user']))

                echo "<script>document.location.href='admin.php'</script>";
echo "<script>'Content-type: application/octet-stream'</script>";
?>

<div id="loginform">

<form action="dologin.php" method="post">
<table>
<tr>
<td><span>Username:</span></td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td><span>Password:</span></td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td>
</tr>
</table>
</form>

</div>
I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this.

Any advice is greatly appreciated!

I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content.

To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in?

My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive.

hi everyone.

i'm wondering what the best way is to create a session variable and pass it to an iframe.
i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this?

Code: [Select]
session_start();
  $_SESSION['ID']=$_GET['ID']; // id from previous page
$ID=session_id();

 <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe>

Evening!

I've been iffing and ahhing over this and well im not too sure, hence the post.

Code: [Select]
// Redirects if there is no session id selected and echos the error on the previous page
if(!isset($_GET['get']) || ($_GET['getget'])){
header("Location: #.php?error");
}
So it should simply check if get is set if it isnt then see if getget is set?

If not redirect and show the error.

Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone?

Harry.

Just curious how other people feel about this.  I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.     Would it make more sense to...   1.  Pull all data ONCE and store it in SESSION variables to use on other pages    2.  Pull the data from the database on each new page that needs it   I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?   Side question that's kind of related:  As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?   Both are probably loaded questions but any possible insight would be appreciated.   Thanks! Greg
Edited by galvin, 04 November 2014 - 10:30 AM.

hi i would like to know why this doesnt work .the problem is that it doesnt give me multiple  tr-s like td-s.it only works for one tr and multiple td-s. help apreciated

  <html><head>
</head>
<body>
<?php


function myt($border,$column,$row,$words){
$table="<table border='".$border."'>";
if($column==1){
$table.='<tr>';
for($i=1;$i<=$row;$i++){
$table.="<td>".$words."</td>";




};//end of for
$table.='</tr>';
}//end of if
else{
for($i=1;$i<=$column;$i++){
$table.="<tr border='".$border."'>";
for($i=1;$i<=$row;$i++){
$table.='<td>'.$words.'</td>';
}
$table.='</tr>';
};//end of column for
};//end of else
$table.="</table>";


return $table;


};//end of function
//echo myt (1,1,10,'word'); WORKS!!!
echo myt(1,2,4,'lalalala');




?>
</body>
</html>

Edited by Maq, 16 May 2014 - 02:18 PM.

Hi,

Is this the correct way to go by setting cookies for my login 'remember' functionality?, I've posted the relevant login and logout code.

Login:

<?php
session_start();

//some code...

if (isset($_POST['remember'])) {

$expire = time() + 1728000; // Expire in 20 days

$site_domain = 'phpfreaks.com'; //example

$_SESSION['username'] = $_POST['username']; //don't worry this has been validated :D

$username = $_SESSION['username'];

//some sql query to fetch code..

$code = $row['code'];

setcookie('username', $username, $expire, NULL,  ".$site_domain", NULL, TRUE);

setcookie('code', $code, $expire, NULL, ".$site_domain", NULL, TRUE);

}
?>


Logout:

<?php
session_start();

if (isset($_COOKIE['username'])) {

$expire = time() - 1728000; // Expire in 20 days

$site_domain = 'phpfreaks.com'; //example

$username = $_SESSION['username'];

//some sql query to fetch code..

$code = $row['code'];

setcookie('username', $username, $expire, NULL, ".$site_domain", NULL, TRUE);

setcookie('code', $code, $expire, NULL, ".$site_domain", NULL, TRUE);

}

unset($_SESSION['username']);

$_SESSION = array();

session_destroy();
?>


Please tell me if it looks good to go and/or any improvements.

PS:

I want it accessible on all areas of the domain (including subdomains and paths etc.), and HTTP ONLY (so js can't access it) - I believe I've set the right parems?

What is the correct way to use the backslash here?  I am using an ftp script and retrieving the brand directory name through url.  I want to catch it if they try to use \ in the url to list all directories.

Code: [Select]
elseif($_GET[f]=="\")
{
echo "You have entered an invalid vendor.";

$_SESSION['brand_path'] = "INVALID";
}

I have a foreach() that I want to run and I want to check before I test it out if this is even possible or how I would do this correctly if it isn't. I have 3 arrays that all pull data from a database earlier in the script. These three all "match" so that they all belong to the same product, but they are from different queries. I want a foreach() to extract data from all 3 of them and insert that into a database until the arrays run out of data.


foreach (($titles_list as $title) && ($prices_list as $price) && ($services_list as $service_id)) {
mysql_query("INSERT INTO product_invoices (name, invoice_id, price, quantity, date_time, service_id) VALUES('$title', '$invoice_id', '$price', '$today_slashes', '$service_id')") or die(mysql_error());
}


Hopefully you see where I'm going with this.

Hi,

Im pretty much self taught when it comes to php, never read any books just picked things up as i go, and im looking for some advice on how i build my pages as i believe im not approaching it correctly.

Basically i build an index.php, this contains my header, footer, and any menus i may have, then for my content pages, in this case products, contact, about us i use use an include so these content pages just have content.

Now by doing this my address bar looks like this index.php?location=contact.php

for the sake of google and search results and so on, am i limiting my ability to be found by not using a differant file for each page? should i include a header, footer, menu etc within my content pages rather than the other way around?

Thanks in advance for any advice.

Hi,   I have upgraded my server from PHP 5.3.3 to version 5.5 and I'm now having a few problems with some code.   This line gives a fatal error of:   Call to undefined function session_is_registered()  

if (session_is_registered("isAuthenticated") && ($_SESSION ['isAuthenticated'] = "loggedIn")) 

  It appears this is depreciated?  How can I solve this?    

$qID = '';
$question = 'Question not set';
$answerA = 'unchecked';
$answerB = 'unchecked';
$answerC = 'unchecked';
$answerD = 'unchecked';
$answerE = 'unchecked';



?>

<html>
<head>
<script type="text/javascript">
function show_alert()
{
alert("Please Click OK to proceed!");
                 
}
</script>
</head>
<form action="Process1.php" method="POST">
<table>
<tr>
<td>
<?php

$SQL = "SELECT stu_satisfaction_tblquestions.question_id, stu_satisfaction_tblquestions.question, answer_type.answer1, answer_type.answer2, answer_type.answer3, answer_type.answer4, answer_type.answer5 FROM stu_satisfaction_tblquestions INNER JOIN answer_type ON stu_satisfaction_tblquestions.answers_id=answer_type.answers_id
";
$result = mysql_query($SQL);
while($db_field = mysql_fetch_assoc($result)){

   $qID = $db_field['question_id'];
   $question = $db_field['question'];
   $A = $db_field['answer1'];
   $B = $db_field['answer2'];
   $C = $db_field['answer3'];
   $D = $db_field['answer4'];
   $E = $db_field['answer5'];
   print $question;
?>
</td>
</tr>
<tr>
<td>
<INPUT TYPE = 'Radio' Name ='q'  value= 'A' <?PHP echo $answerA; ?>><?PHP echo $A; ?>
<INPUT TYPE = "Hidden" Name = "h"  VALUE = <?PHP print $qID; ?>>
<?php echo $qID;?>
</td>
</tr>
<tr>
<td>
<INPUT TYPE = 'Radio' Name ='q'  value= 'B' <?PHP echo $answerB; ?>><?PHP echo $B; ?>
<?php echo $qID;?>
</tr>
</td>
<tr>
<td>
<INPUT TYPE = 'Radio' Name ='q'  value= 'C' <?PHP echo $answerC; ?>><?PHP echo $C; ?>
</tr>
</td>
<tr>
<td>
<INPUT TYPE = 'Radio' Name ='q'  value= 'D' <?PHP echo $answerD; ?>><?PHP echo $D; ?>
</tr>
</td>
<tr>
<td>
<INPUT TYPE = 'Radio' Name ='q'  value= 'E' <?PHP echo $answerE; ?>><?PHP echo $E; ?>
<br>
<?php }  mysql_close(); ?>
</tr>
</td>
<tr>
<td>


Please add any comments you may have:</br>
 <textarea rows="3" cols="60" name="comments" id="comments">
 </textarea>

</td>
</tr>


</table>

<input type="submit" onclick="show_alert()" value="Submit" />
</form>

</html>

I ran to some problems here. After filling every question up with the answers. When i process the form, i only managed to get QID of 20 and the answer of 1st question as my database have only 20questions. How do i go about in solving, so that i'm able to retrieve all result and update my database correctly

      $selected_radio = $_POST['q'];
      
      
      $qID = $_POST['h'];

      echo $selected_radio;
      
      echo $qID;
         
         $SQL = "UPDATE answers SET $selected_radio = $selected_radio + 1 WHERE question_id='$qID'";
         $result = mysql_query($SQL);
         mysql_close();
         print "Thanks for voting!";


?>
THis is my process page, and i echo out the answer to be B and qid as 20.

Hello all,
I'm trying to write a joomla page that will import LinkShare banners into the banner component.  The problem I'm having is that LinkShare doesn't seem to always have the correct image size listed.  If I use their dimensions, the images come out skewed and bad looking.
So I'm trying to use getimagesize, to get the real dimensions, and it's still not working.

Please take a look, and let me know if you have any suggestions.
Code: [Select]
<?php
define('_JEXEC', 1);
define('JPATH_BASE', dirname(__FILE__));
define('DS', DIRECTORY_SEPARATOR);
require_once(JPATH_BASE . DS . 'includes' . DS . 'defines.php');
require_once(JPATH_BASE . DS . 'includes' . DS . 'framework.php');
$mainframe =& JFactory::getApplication('site');
$user =& JFactory::getUser();
If (($user->gid) === '25') {
    $token      = "mylinksharetoken"; // required
    $status     = "approved"; //application status name
    $mid        = $_POST['mid'];
    $cat        = $_POST['cat'];
    $size       = $_POST['size']; //optional, use -1 as the default value.
    $campaignID = "-1"; //optional, use -1 as the default value
    $page       = "1"; //optional, use 1 as a default value
    $startdate  = ""; //formatted MMDDYYYY - optional, use an empty set as the default value (//).
    $enddate    = ""; //formatted MMDDYYYY - optional, use an empty set as the default value (//).
    
    if (isset($_POST['submit'])) {
        $feed     = simplexml_load_file("http://lld2.linksynergy.com/services/restLinks/getBannerLinks/{$token}/{$mid}/{$cat}/{$startdate}/{$enddate}/{$size}/{campaignID}/{$page}");
        $children = $feed->children('http://endpoint.linkservice.linkshare.com/');
        $entries  = $children->return;
        
        foreach ($entries as $entry) {
            $sourcecode=GetImageFromUrl($details->imgURL);
            $name=md5(mt_rand());
            $path = '/home/mysite/tmp/imgtmp/';
            $savefile = fopen($path.$name, 'w');
            fwrite($savefile, $sourcecode);
            list($realwidth, $realheight) = getimagesize($path.$name);
            $details = $entry->children('http://endpoint.linkservice.linkshare.com/');
            $image = "<a href=\"{$details->clickURL}\" target=\"_NEW\">";
            $image .= "<img src=\"{$details->imgURL}\" border=\"'0\" height=\"{$realheight}\" width=\"{$realwidth}\" title=\"{$details->name}\" alt=\"{$details->name}\" />";
            $image .= "</a><img border=\"0\" height=\"1\" width=\"1\" src=\"{$details->showURL}\" />";
echo $image . "<br>\n";
            fclose($savefile);
@unlink($path.$name);
        }
        
    }
?>
<form name="form1" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
Categories<select name="cat">
<option value="-1">All Categories</option>
<option value="17">Business & Career</option>
<option value="150">B-to-B</option>
<option value="151">Employment</option>
<option value="152">Real Estate</option>
<option value="18">Department Store</option>
<option value="153">Clothing</option>
<option value="154">Gifts</option>
<option value="155">Home</option>
<option value="247">Jewelry</option>
<option value="19">Family</option>
<option value="156">Baby</option>
<option value="157">Education</option>
<option value="158">Entertainment</option>
<option value="159">Pets</option>
<option value="21">Telecommunications</option>
<option value="211">Equipment</option>
<option value="212">Long Distance</option>
<option value="213">Wireless</option>
<option value="1">Hobbies & Collectibles</option>
<option value="101">Art</option>
<option value="102">Auctions</option>
<option value="103">Collectibles</option>
<option value="2">Auto</option>
<option value="104">Accessories</option>
<option value="105">Cars</option>
<option value="106">Rentals</option>
<option value="3">Clothing & Accessories</option>
<option value="207">Children</option>
<option value="107">Accessories</option>
<option value="108">Men</option>
<option value="109">Women</option>
<option value="246">Jewelry</option>
<option value="4">Computer & Electronics</option>
<option value="110">Hardware</option>
<option value="111">Consumer</option>
<option value="112">Software</option>
<option value="5">Entertainment</option>
<option value="113">Books/Magazines</option>
<option value="114">Music</option>
<option value="115">Videos</option>
<option value="6">Financial Services</option>
<option value="116">Banking/Trading</option>
<option value="117">Credit Cards</option>
<option value="118">Loans</option>
<option value="7">Food & Drink</option>
<option value="218">Candy</option>
<option value="119">Cigars</option>
<option value="120">Gourmet</option>
<option value="121">Wine</option>
<option value="8">Games & Toys</option>
<option value="122">Children</option>
<option value="123">Educational</option>
<option value="124">Electronic</option>
<option value="9">Gift & Flowers</option>
<option value="125">Gifts</option>
<option value="126">Flowers</option>
<option value="127">Greeting Cards</option>
<option value="10">Health & Beauty</option>
<option value="229">Prescription</option>
<option value="128">Bath/Body</option>
<option value="129">Cosmetics</option>
<option value="130">Vitamins</option>
<option value="11248">Medical Supplies & Services</option>
<option value="11">Home & Living</option>
<option value="232">Improvement</option>
<option value="131">Bed/Bath</option>
<option value="132">Garden</option>
<option value="133">Kitchen</option>
<option value="12">Mature/Adult</option>
<option value="134">Apparel</option>
<option value="135">Books</option>
<option value="136">Entertainment</option>
<option value="13">Office</option>
<option value="137">Equipment</option>
<option value="138">Home Office</option>
<option value="139">Supplies</option>
<option value="14">Sports & Fitness</option>
<option value="140">Clothing</option>
<option value="141">Collectibles</option>
<option value="142">Equipment</option>
<option value="15">Travel</option>
<option value="245">Vacations</option>
<option value="143">Airline</option>
<option value="144">Car</option>
<option value="145">Hotel</option>
<option value="16">Internet & Online</option>
<option value="149">Programs</option>
<option value="146">Services</option>
<option value="147">Development</option>
<option value="148">Hosting</option>
<option value="16249">Online Dating</option>
<option value="20">Miscellaneous</option>
<option value="210">Other, Other Products/Services</option>
</select>
<?php
    $merchantlist = simplexml_load_file("http://lld2.linksynergy.com/services/restLinks/getMerchByAppStatus/{$token}/{$status}");
    $children2    = $merchantlist->children('http://endpoint.linkservice.linkshare.com/');
    $entries2     = $children2->return;
    echo "Manufacturers: <select name=\"mid\">\n";
    echo "<option selected value=\"-1\">All Manufacturers</option>\n";
    foreach ($entries2 as $entry2) {
        $details2 = $entry2->children('http://endpoint.linkservice.linkshare.com/');
        echo "<option value=\"{$details2->mid}\">{$details2->name}</option>\n";
    }
    echo "</select>";
?>Size:
<select name="size">
<option selected value="-1">Any Size</option>
<option value="1">468x60 - Full Banner
<option value="2">392x72 - Mid Banner</option>
<option value="9">160x600 - Wd Skyscrp</option>
<option value="10">120x600 - Skyscraper</option>
<option value="11">180x150 - Rectangle</option>
<option value="12">336x280 - Large Rect</option>
<option value="3">234x60 - Half Banner</option>
<option value="13">300x250 - Med Rect</option>
<option value="14">250x250 - Sq Pop-up</option>
<option value="15">240x400 - Vert Rect</option>
<option value="4">125x125 - Sq Button</option>
<option value="5">120x90 - Button 1</option>
<option value="6">120x60 - Button 2</option>
<option value="7">88x31 - Micro Bar</option>
<option value="8">120x240 - Vert Banner</option>
<option value="0">0x0 - Other</option>
<option value="16">728x90 - Leader-board</option>
<option value="17">720x300 - Pop-Under</option>
<option value="18">550x480 - Pop-Up Large</option>
<option value="19">300x600 - Half Page Ad</option>
<option value="20">305x64 - X-Large</option>
<option value="21">215x64 - Large</option>
<option value="22">167x30 - Medium</option>
<option value="23">112x20 - Small</option>
</select>
<input name="submit" type="submit" value="submit" />
</form>
<?php
} else {
    echo "not logged in";
die();
}
 function GetImageFromUrl($link)
{
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch,CURLOPT_URL,$link);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$result=curl_exec($ch);
curl_close($ch);
return $result;
}
?>

Hi, just a quick question. Should functions really be used for tasks such as in my example below? I’m attempting to use some for smaller tasks to improve readability and reduce code repetition. Or should they be used for larger tasks?   functions.php

function accessDenied(){

$_SESSION[‘error’] = "You cannot view that page, you wally";
header(‘location: error.php’);
exit;

}

page.php

if(!$loggedin){ accessDenied(); }

Edited by paddy_fields, 12 August 2014 - 08:44 AM.

$ error = trim( strip_tags($_GET['error']) );
VS
$strip_error = strip_tags($_GET['error']) ;
$trim_error = trim($strip_error);

Which method is correct way? Also  I am first striping and trimming is it wright way.   could you please advice me.   Thank you
Edited by thilakan, 16 October 2014 - 05:50 AM.