PHP - Displaying All Sessions

I have a simple php script that starts sessions. On every page, I include :

if(isset($_SESSION['sessionname'])){
//The rest of the page
}
else
{
die("Not logged in");

}
I always include the session start and always regenerate the session id after <?php. The code works fine withevery browser except for a certain version of Internet Explorer 8. Even though the browser does enable cookies, it doesn`t seem to allow the ones in my script. In fact, every time I change page, it ives the error message "Not logged in". I have tried it on two different compters with the exact same version of IE and the result was the same.

Thank you for your time!

Kind of a n00b here.

on my main table (users) i named a column as "id", set it to auto-increment and as the primary key and created it like this:

CREATE TABLE `users` (
`id` int(20) NOT NULL auto_increment,
`full_name` varchar(200) collate latin1_general_ci NOT NULL default '',
`user_name` varchar(200) collate latin1_general_ci NOT NULL default '',
`user_pwd` varchar(200) collate latin1_general_ci NOT NULL default '',
`user_email` varchar(200) collate latin1_general_ci NOT NULL default '',
`activation_code` int(10) NOT NULL default '0',
`joined` date NOT NULL default '0000-00-00',
`country` varchar(100) collate latin1_general_ci NOT NULL default '',
`user_activated` int(1) NOT NULL default '0',
PRIMARY KEY (`id`)
)

On the second table i created it like this:

CREATE TABLE about_me
(
about_id int NOT NULL,
nick_name varchar(255),
descript varchar(255),
aim varchar(255),
cell varchar(255),
school varchar(255),
music varchar(255),
aspire varchar(255),
City varchar(255),
id int,
PRIMARY KEY (about_id),
FOREIGN KEY (id) REFERENCES users(id)
)

I believe i imported the key correctly into my new table (about_me).

Well I expected the id column to cascade down into this new table automatically which it didn't. RIght now if you log into my site and use the about me form, it posts to the new table "about_me" but it doesn't identify the user on the table with the primary key assigned to him from the first table (users). How do I use PHP sessions to identify the user by his/her id from the primary key in the table.

I attached the whole site. The php for the log in is a prefab and I'm attempting to do the about me part on my own, I'm having alot of trouble with the whole sessions thing.

I'm not really sure if I'm doing this correctly. so yeah any point in the right direction would be awesome!
-Mike

I got a log-in form with database, it only logs if such username and password exists. I was told that if i wanna make a log-out button once logged-in, i need to add sessions to my code and idk how..

this is my code that checks if username/password exists, and if so it lets u log in, if not it displays a msg:

if(isset($_POST['loginsubmit'])){
if($username !="" && $password !="") {


///////////////////////////////Check for username/pass in database////////////////////////////
$nameexists = false;
$passexists = false;
$result = pg_query("SELECT name FROM duom WHERE name='".$username."'");
while ($row = pg_fetch_array($result)) {
if($row['name'] != ""){
$nameexists = true;
}
} if($nameexists) {
$result = pg_query("SELECT pass FROM duom WHERE name='".$username."'");
while ($row = pg_fetch_array($result)) {
if($row['pass'] == $password){
$passexists = true;
echo "Prisijungimas pavyko, jusu vartotojo vardas - ".$username."";
include"loggedinform.php";
} else {
echo "Slaptazodis netinka!";
}
/////////////////Starts session if password is correct////////////////////////////////////////////
if ($passexists){
//Here i want it to start the session if password is correct
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////
} 
} else {
echo "Tokio vartotojo nera!";
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////


} else {
echo "Uzpildykite visus duomenys!";
}
}


Cant i just make smth like this?

if ($passexists){
session_start();
}

Hello,
Is there a problem in destroying a session and then starting it in the same file, for example:


session_name();
session_start();

session_destroy();



And lastly, if I create a variable $_SESSION['user'] under a session called 'one' i.e. session_name("one") and then create another variable $_SESSION['user'] under a session called 'two' i.e. session_name("two").
Are these two variables the same?

I am trying to create a blog and visitor log, where I should be able to log in as admin and add the item and see the visitor log.
I want a password protected administration section and I want to use sessions on the administration section.

When I for example click on add post, I want it to log in and go to page addpost.php where I can enter my text.

This is what I've done so far. I would like to know what I have done wrong and how I should do to accomplish what I have mentioned above.




<?php
session_start(); 
if(isset($_POST['btnLogin']) || isset($_POST['addpost'])){
$txtUserId = $_REQUEST['txtUserId'];

$txtPassword = $_REQUEST['txtPassword'];

if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {

if ($_POST['txtUserId'] === 'admin' && $_POST['txtPassword'] === 'abc123') {

//$_SESSION['basic_is_logged_in'] = true;

echo "you are logged in";

}

elseif (empty($txtUserId) || empty($txtPassword))

{
echo "fill in username and password";
}  
elseif ($_POST['txtUserId'] != 'admin'){

echo "wrong username";

}

elseif ($_POST['txtPassword'] != 'abc123'){
echo "wrong password";

}
}
}
?>
<?php
//if (!isset($_SESSION['basic_is_logged_in']) 
//   || $_SESSION['basic_is_logged_in'] !== true) 
  
?>


<html>
<head>
<title>Main User Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>

<form method="post" name="frmLogin" id="frmLogin" action="main.php">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td><input type="submit" name="btnLogin" value="Login"></td>
</tr>
<tr>
<td><input type="submit" name="addpost" value="add post" /></td>
</tr>
<tr>
<td><input type="submit" name="showstat" value="Show visitors log" /></td>
</tr>
<tr>
<td><input type="submit" name="blogg" value="To blog (logout)" /></td>
</tr>

</table>
</form>


</body>
</html>

hey on my page a list of people get listed by a category u choose

if u choose a category and click ok, u are sent to the same page,
and i get the category with POST

      if(isset ($_POST['type']))
   {
   $gameholder = $_POST['game'];
   $typeholder = $_POST['type'];
   }

this works ...
the list of people is 30 members / page
when u click on page 2, the post doesnt work anymore, and i get errors, logic ...

now i want to get around this with making a session emediatly when the vars get out of POST

      if(isset ($_POST['type']))
   {
   $gameholder = $_POST['game'];
   $typeholder = $_POST['type'];
   $_session['gameholder'] = $gameholder;
   $_session['typeholder'] = $typeholder;
   print $_session['gameholder'];
   }

this also works
now i want when people click on page 2, the needed vars will come out of the Sessions, and not out of POST
so i did this

   if(!isset ($_POST['type']))
   {
   $gameholder = $_session['gameholder'];
   $typeholder = $_session['typeholder'];

   }
but this is not working
theres nothing in $gameholder

also when i move the print session out of the if, it should show when someone clicks page 2
but its not ...

any suggestions on this?

thanks!

Hi

Something strange is happening and I can't understand it.

A user can access an availability page of accommodation and book ita room, this works fine, and goes from availability to the booking form and back quite well, carrying the room  id of the accommdation and room/s selected in a session.

If they close the browser down and open the availability page again all the rooms are there as before, but when they select a room and go to the booking form the session of the room  id  and the rooms selected are empty.

If I do a session destroy and open the browser up again everything works fine again.

I have tried this in Chrome and Firefox and it seems to work fine

Any help would be appreciated

Hi all,

What is the best practice when using Sessions for guest users?

So I am trying to set my session length, but it doesn't seem to be working.

session_set_cookie_params("84600");

session_start();

hey i think i may have stored session variables incorrectly
Code: [Select]
$_SESSION['tel'] = $_GET['Lat'];
$_SESSION['Lon'] = $_GET['Lon'];
$_SESSION['Lat'] = $_GET['Lat'];
is what i used to set the session variables with the data i then enter these into a table and they enter the correct information but two pages down the line i try to access them however i just get undefined variable when i set the variable is equal to the session.
Code: [Select]
$MyLon = $_SESSION['Lon'];
$MyLat = $_SESSION['Lat'];

the following is the errorr Quote

Notice: Undefined index: Lat in

Hi,

I have an admin area to update users detials etc..

I want this area to be secure so only admins can access it, Currently anyone and everyone can access the page.

Code: [Select]
<?PHP
session_start();
/* really need to use a session variable to insure authorized to be here */

include ('db.php');
 /*
========================================
99% of the time it is better to put your query in a string. It makes debugging much easier
========================================
*/
$query = "SELECT * FROM companies";
$result = mysql_query($query ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);

/*
========================================
I find it easier to locate problems if I indent code properly
and drop out of PHP if there are large sections of html
========================================
*/
?>
<br><br><br>There are <?PHP echo $num_rows; ?> removalspace users so far.<P>
<table width="819" height="114">
<tr>
<th>Company Name</th>
        <th>Contact Name</th>
        <th>Contact Number</th>
        <th>Email</th>
        <th>Address Line 1</th>
        <th>Address Line 2</th>
      <th>Location</th>
<th>Postcode</th>
<th>Basic Members</th>
<th>Upgraded Users</th>
<th>Company Logo</th>
        <th>Approved</th>
       
  </tr>
<tr>
<td colspan="6"></td>
</tr>
<?PHP
while ( $row = mysql_fetch_array($result, MYSQL_ASSOC )) {
?>
<tr>
<td><?PHP echo $row['company_name']; ?></td>
            <td><?PHP echo $row['contact_name']; ?></td>
            <td><?PHP echo $row['phone']; ?></td>
            <td><?PHP echo $row['email']; ?></td>
            <td><?PHP echo $row['street1']; ?></td>
            <td><?PHP echo $row['street2']; ?></td>
<td><?PHP echo $row['location']; ?></td>
<td><?PHP echo $row['postcode']; ?></td>
<td><?PHP echo $row['basicpackage_description']; ?></td>
<td><?PHP echo $row['premiumuser_description']; ?></td>
<?PHP
/*
========================================
I presume you want to show the thumb version here
========================================
*/
?>
<td><img src="images/thumbs/<?PHP echo $row['upload']; ?>" alt="logo"/></td>
</tr>

<tr>
<td colspan="10">
<table>
<tr>
<td>Current level = <?PHP echo $row['approved']; ?></td>
<td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=1">Level 1 - Free</a></td>
<td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=2">Level 2 - Basic</a></td>
<td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=3">Level 3 - Premium</a></td>
<td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=0">Level 0 - Do Not Display</a></td>
</tr>
</table>
</tr>
<?PHP
}
echo "</table>";
?></table>

i know it's something like:

<?php

session_start();

if(isset($_SESSION " but dont know how to finish it correctly? "

?>

hello

i am makeing a forum and to post a new thread it has to check if the user is logged in, so i log into my website and i go to the post new topic but it says im not logged in here is the new_topic.php and also the login.php

new_topic.php
<?php
session_start();
include_once "../scripts/connect_to_mysql.php"; // Connect to the database
// Check to see if the user is logged in with session variables
if (!isset($_SESSION['userpass']) || $_SESSION['userpass'] == "") {

echo "Please log in...";

exit();
} else {

// Assume they are a member because they have a password session variable set

// Check the database to be sure that their ID, password, and email session variables all match in the database

$u_id = mysql_real_escape_string($_SESSION['id']);

$u_name = mysql_real_escape_string($_SESSION['username']);

$u_email = mysql_real_escape_string($_SESSION['useremail']);

$u_pass = mysql_real_escape_string($_SESSION['userpass']);

$sql = mysql_query("SELECT * FROM myMembers WHERE id='$u_id' AND username='$u_name' AND email='$u_email' AND password='$u_pass'");
    $numRows = mysql_num_rows($sql);
    if ($numRows < 1) {

    echo "ERROR: You do not exist in the system.";

    exit();
    }
}

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Check to make sure the URL variables of "sid" and "title" are set
if (!isset($_POST['forum_id']) || $_POST['forum_id'] == "" || !isset($_POST['forum_title']) || $_POST['forum_title'] == "") {

echo "Important variables are missing";

exit();
} else {

// Acquire the variables and proceed to show them a form for creating a new topic

$forum_section_id = preg_replace('#[^0-9]#i', '', $_POST['forum_id']); 

$forum_section_title = preg_replace('#[^A-Za-z 0-9]#i', '', $_POST['forum_title']); 
}
///////////////////////////////////////////////////////////////////////////////////////////////////
$sql = mysql_query("SELECT * FROM forum_sections WHERE id='$forum_section_id' AND title='$forum_section_title'");
$numRows = mysql_num_rows($sql);
if ($numRows < 1) {

    echo "ERROR: That section deos not exist.";

    exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="style/style.css" rel="stylesheet" type="text/css" />
<title>Create New Topic</title>
<script type="text/javascript" language="javascript"> 
<!--
function validateMyForm ( ) { 
    var isValid = true;
    if ( document.form1.post_title.value == "" ) { 

    alert ( "Please type in a title for this topic" ); 

    isValid = false;
    } else if ( document.form1.post_title.value.length < 10 ) { 
            alert ( "Your title must be at least 10 characters long" ); 
            isValid = false;
    } else if ( document.form1.post_body.value == "" ) { 
            alert ( "Please type in your topic body." ); 
            isValid = false;
    }
    return isValid;
}
//-->
</script>
</head>
<body>
<?php include_once("template_header.php"); ?>
<table style="background-color: #F0F0F0; border:#069 1px solid; border-top:none;" width="900" border="0" align="center" cellpadding="12" cellspacing="0">
  <tr>
    <td width="731" valign="top">
    <div id="breadcrumbs"><a href="http://www.webintersect.com">Web Intersect Home</a> &larr; <a href="http://www.webintersect.com/forum">Forum Home</a> &larr; <a href="section.php?id=<?php echo $forum_section_id; ?>"><?php echo $forum_section_title; ?></a></div>
    <h2>Creating New Topic In the  <em><?php echo $forum_section_title; ?></em> Forum</h2>
    
    <form action="parse_post.php" method="post" name="form1">
    <input name="post_type" type="hidden" value="a" />
    Topic Author:<br /><input name="topic_author" type="text" disabled="disabled" maxlength="64" style="width:96%;" value="<?php echo $u_name; ?>" />
    <br /><br />
    Please type in a title for your topic he <br /><input name="post_title" type="text" maxlength="64" style="width:96%;" /><br /><br />
    Please type in your topic body:<br /><textarea name="post_body" rows="15" style="width:96%;"></textarea>
    <br /><br /><input name="" type="submit" value="Create my topic now!" onclick="javascript:return validateMyForm();"/>
    <input name="fsID" type="hidden" value="<?php echo $forum_section_id; ?>" />
    <input name="fsTitle" type="hidden" value="<?php echo $forum_section_title; ?>" />
    <input name="uid" type="hidden" value="<?php echo $_SESSION['id']; ?>" />
    <input name="upass" type="hidden" value="<?php echo $_SESSION['userpass']; ?>" />
    </form>
    
    </td>
    <td width="189" valign="top"><div style=" width:160px; height:600px; background-color: #999; color: #CCC; padding:12px;"> <br />
      <br />
      <br />
      <h3>Ad Space or Whatever</h3>
    </div></td>
  </tr>
</table>
<?php include_once("template_footer.php"); ?>
</body>
</html>

login.php
<?php
// Start Session to enable creating the session variables below when they log in
session_start();
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
// Initialize some vars
$errorMsg = '';
$email = '';
$pass = '';
$remember = '';
if (isset($_POST['email'])) {

$email = $_POST['email'];

$pass = $_POST['pass'];

if (isset($_POST['remember'])) {

$remember = $_POST['remember'];

}

$email = stripslashes($email);

$pass = stripslashes($pass);

$email = strip_tags($email);

$pass = strip_tags($pass);

// error handling conditional checks go here

if ((!$email) || (!$pass)) { 

$errorMsg = 'Please fill in both fields';

} else { // Error handling is complete so process the info if no errors

include 'scripts/connect_to_mysql.php'; // Connect to the database

$email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query

    //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query

$pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it

// Make the SQL query
        $sql = mysql_query("SELECT * FROM myMembers WHERE email='$email' AND password='$pass' AND email_activated='1'"); 

$login_check = mysql_num_rows($sql);
        // If login check number is greater than 0 (meaning they do exist and are activated)

if($login_check > 0){ 
    

while($row = mysql_fetch_array($sql)){

// Pleae note: Adam removed all of the session_register() functions cuz they were deprecated and

// he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0  thru 5.3+)

// Create session var for their raw id

$id = $row["id"];   

$_SESSION['id'] = $id;

// Create the idx session var

$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
                    // Create session var for their username

$username = $row["username"];

$_SESSION['username'] = $username;

mysql_query("UPDATE myMembers SET last_log_date=now() WHERE id='$id' LIMIT 1");
        

//die($username);
    

} // close while

    

// Remember Me Section
    

if($remember == "yes"){
                    $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id");
    

    setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days

        setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days

$_SESSION['username'] = $username;
    

} 
    

// All good they are logged in, send them to homepage then exit script
    

//die($_SESSION['username']);

$_SESSION['username'] = $username;

header("location: index.php?user=$username;"); 
    

exit();

} else { // Run this code if login_check is equal to 0 meaning they do not exist

    $errorMsg = "Incorrect login data, please try again";

}


    } // Close else after error checks

} //Close if (isset ($_POST['uname'])){

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<title>Log In</title>
<style type="text/css">
<!--
body {

margin-top: 0px;
}
-->
</style></head>
<body>
<table width="400" align="center" cellpadding="6" style="background-color:#FFF; border:#666 1px solid;">
  <form action="login.php" method="post" enctype="multipart/form-data" name="signinform" id="signinform">
    <tr>
      <td width="23%"><font size="+2">Log In</font></td>
      <td width="77%"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td>
    </tr>
    <tr>
      <td><strong>Email:</strong></td>
      <td><input name="email" type="text" id="email" style="width:60%;" /></td>
    </tr>
    <tr>
      <td><strong>Password:</strong></td>
      <td><input name="pass" type="password" id="pass" maxlength="24" style="width:60%;"/></td>
    </tr>
  <tr>
      <td align="right">&nbsp;</td>
      <td><input name="remember" type="checkbox" id="remember" value="yes" checked="checked" />
        Remember Me</td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input name="myButton" type="submit" id="myButton" value="Sign In" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td>&nbsp;</td>
    </tr>
    <tr>
      <td colspan="2">Forgot your password? <a href="forgot_pass.php">Click Here</a>
  <br /></td>
    </tr>
    <tr>
      <td colspan="2">Need an Account? <a href="register.php">Click Here</a><br />        <br /></td>
    </tr>
  </form>
</table>
<br />
<br />
<br />
</body>
</html>

hi im new to php i am making shopping cart i made a session variable to add products in cart when i run it gives this warning Notice: Undefined index: cart in C:\wamp\www\cart\public\views\layouts\shop.php on line 15
Notice: Undefined index: total_items in C:\wamp\www\cart\public\views\layouts\shop.php on line 16
Notice: Undefined index: total_price in C:\wamp\www\cart\public\views\layouts\shop.php on line 17
but when i click on add to cart it add product price and quanitity kindly help me my shop.php code is
<head>
    <title> Shopping Cart</title>
   <link href="stylesheets/cool_style.css" media="screen" rel="Stylesheet" type="text/css" />
</head>
<body>
<h1> products</h1>
<div class="cart">
    <p><b> Shopping Cart</b></p>
 print_r($_SESSION['cart']);
 echo $_SESSION['total_items'];
echo number_format($_SESSION['total_price'],2);

</div>
<hr />
</body>

</html>
and my index file is where i set session variables are
include('db_fns.php');
include("cart_functions.php");
session_start();
if(isset($_SEESION['cart']))   // if change this conditon if(!isset($_SEESION['cart'])) it gives not warning but does not //add products to the cart it does not do anything
{
   
    $_SESSION['cart']=array();
    $_SESSION['total_items']=0;
    $_SESSION['total_price']=0.00;

}

$view=empty($_GET['view'])?'index':$_GET['view'];

$controller='shop';

switch ($view){
   case "index";

$products = find_product();

   break;

   case "add_to_cart";
   
    $id=$_GET['id'];
    $add_item=add_to_cart($id);
    $_SESSION['total_items']=total_items($_SESSION['cart']);
     $_SESSION['total_price']=total_price($_SESSION['cart']);

 header('Location: index.php');
  

break;


   case "update_cart";



break;


   case "checkout";


       break;
}

  if change this conditon  if(!isset($_SEESION['cart'])) it gives not warning  file run correctly with no warning but does not add products to the cart and does not do anything
kindly help me please

So I'm trying to understand Sessions and how to store a variable within a session. What I want to t do, is start a session, check if variable is set, if not, set the variable. So with the code below, I start the session, i check the variable, if not set, i set it. But when i refrsh the page, it has the same session id but it didn't store the session variable from the previous load. Please, what am I missing?

Code: [Select]
<?php

session_start();
echo "Session ID: ".session_id()."<br>";

echo "<br>chktrack P  ".$_session['chktrack']."";

if ($_session['chktrack'] != 1){

$_session['chktrack']=1;

}

echo "<br>chktrack Post: ".$_session['chktrack']."";

echo "<br><a href='index.php'>Index</a>";

?>


Thanks in advance for your help.

Hello everyone,

By default when someone comes to my site, it is the unencrypted web page (http://www.mydomain.com).  I recently purchased a ssl certificate so when a user logs in, their password is encrypted (Posted to https://mydomain.com).  Once the form is posted, the session is set and the header("Location: http://www.mydomain.com"); function is executed to bring them back to the unencrypted version of the site.  However, now when a user tries to login, my site seems to drop the session when the location is set to the unencrypted version of the site.

How do sites go about using a secure login form and running on the regular version of the site?

Thanks!
weee