|
PHP - Session Lost Problem Its Urgent
hello everyone....i need your help
i face session lost problem so many times and every times i just find out other logic to implement the code in different ways. but i don't get a perfect solution.Please help me to resolve this............why it was happened..... i searched google for it.........this is the common problem but i dont get any proper solution.............. recently i write a code to fetch tweets from twitter..but when returning back from .i lost my session value......... supp this is my page page.php when user click on button........i just check the form submitted like this session_start(); $_SESSION['id']=$id; //supp $id=10 if($_POST['submit']) { header("Location:tweet.php "); } i already included session_start() at the top of every page. in tweet.php i just generate a token and send user to twitter for authorization. in tweet.php i checked session started i check it with Print_r($_SESSION); in this page i used session like this session_start(); if($_SESSION['id']) { header("Location:$url") //$url will be authoritarian url generated by twitter oauth.. }else { header("Location:index.php") } after returning from twitter some times session variable are not lost.but sometimes i lost my session.this really irritates me....if logic is wrong then every time session destroyed............... i check my php.ini file configuration.. session_save.path=/tmp; //by default register global are off................. any help is appreciated................ Similar TutorialsHello all, I just wrote a php website to communicate with a database and it has a login based on the users email and password, they login on the first page and then the php checks for every page they visit if they indeed logged in before and not just found out what php file to open to get where they want to be. For this I used session variables to store both e-mail and password. The login info gets posted from the 1st(login) site to the 2nd site where it is checked for the first time, after that the login info isn't posted to the next page anymore, but just checked, this works for the 3rd page but when the user hits for the 4th page the variables are lost(I can't echo them either). However if I'd go from the 2nd page directly to the 4th page the page will load, however the 5th will then get my security-msg. So offcourse, I am wondering how this might have happened and how to fix this problem, here's some of the code I wrote: This is the check for the logininfo: <?php include('SessionStart.php'); include('logindata.php'); $db = mysql_connect($host, $user, $pw); if (!$db) { echo "<br />Helaas, u heeft geen verbinding met de database."; exit(); } else { mysql_select_db("teammanagementtool", $db); $sql24 = "SELECT * FROM leidinggevenden"; $allesarray = mysql_query($sql24); $i = 0; while ($mails = mysql_fetch_array($allesarray)) { $mailtjes[$i] = $mails['lg_mailadres']; $i = $i+1; } echo "...".$_SESSION['sessie']['email']."...".$_SESSION['sessie']['password']."...".$session_name."..."; if (in_array($_SESSION['sessie']['email'],$mailtjes)) { $sql25 = "SELECT lg_wachtwoord FROM leidinggevenden WHERE lg_mailadres = '".$_SESSION['sessie']['email']."'"; $pass = mysql_query($sql25); $pasje = mysql_fetch_array($pass); if ($_SESSION['sessie']['password'] != $pasje['lg_wachtwoord']) { echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else if ($_SESSION['sessie']['password'] = "" || $_SESSION['sessie']['email'] = ""){ echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else { } } else { echo "<script>alert('U bent hier op incorrecte manier terechtgekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } ?> And this is the code in my SessionStart.php: <?php $session_name = 'sessie'; $session_exp_time = 10000 ; $previous_name = session_name($session_name); ini_set('session.gc_maxlifetime', $session_exp_time); ini_set('session.gc_probability', '1'); ini_set('session.gc_divisor', '1000'); ini_set('session.name', $session_name); ini_set('session.cookie_domain', ''); ini_set('session.cookie_lifetime', 0 ); session_set_cookie_params($session_exp_time, '/', ''); session_start(); if (isset($_COOKIE[$session_name])) setcookie($session_name, $_COOKIE[$session_name], 2147483647 , ''); ?> the includes are at the start of all of my pages, I only do a session_unset() at my index.php(the login page). and my 2nd page gets: $_SESSION['sessie']['email'] = $_POST['email']; $_SESSION['sessie']['password'] = $_POST['password']; from the login. I could really use some help here, thanks in advance. Well i have a session['rmanr'] a have set after a submit containing the date and unique id.
I have to be able to do multiple submits on that same form but if they submit multiple times the same rmanr have to be used...
I tried the following:
$date = date("Y-m-d");
$datestrip = str_replace("-", "", $date);
$lastdetid = $dbh->lastInsertId();
if(!isset($_SESSION['rmamr'])){
$rmanr = $datestrip;
$rmanr .= $lastdetid;
$_SESSION['rmanr'] = $rmanr;
} else {
$rmanr = $_SESSION['rmanr'];
}
$uprmastmt = $dbh->prepare("UPDATE rma SET r_nr = '$rmanr' WHERE r_id = ?");
$uprmastmt->bindParam(1, $lastid);
$uprmastmt->execute();
But i keep getting a new rmanr every time i submit... Could it be that my form submit reset my SESSION?
Hi, I have a feeling that this is going to be an easy miss but I've been over is a good few times and cannot see what it could be. Essentially, when I post the form in the first set of code (I've got rid of a load of unecessary html) the SESSION variables are not loaded into the second piece of code. Any ideas? Code: [Select] <?php session_start(); require ("connect.php"); $timeout = 1800; $logout_redirect_url = "login.php"; if (isset($_SESSION['start_time'])) { $elapsed_time = time() - $_SESSION['start_time']; if ($elapsed_time >= $timeout) { session_destroy(); header("Location: $logout_redirect_url"); } } $_SESSION['start_time'] = time(); ?> <div id="leftlink"> <a href="logout.php">Logout</a> </div> <table align="center" width="600px" cellpadding="0" cellspacing="0"> <tr> <td> <h2 align="center"><a href="index.php"><img src="images/logo.jpg" border="0" /></a> <br /> Emergency</h2> <hr /> </td> </tr> </table> </head> <body> <form action="post_reset.php" method="post" name"passre"> <table width="500" border="0" align="center" cellpadding="2" cellspacing="1"> <tr> <td width="230"><div align="right">E-mail Address : </div></td> <td width="40"> </td> <td width="230"><div align="left"> <input name="email" readonly="readonly" value="<?php echo ($_SESSION['email']) ; ?>" /></div></td> </tr> <tr> <td colspan="3"><div align="center"><input type="submit" name="submit" value="Submit" /></div></td> </tr> </table> </form> </body> </html> Code: [Select] <?php session_start; echo ($_SESSION['start_time']); require ("connect.php"); if (isset($_POST['submit'])){ $email = $_POST['email']; $getde = "SELECT * FROM users WHERE email = '$email'"; $getder = mysql_query($getde, $conn); $getdere = mysql_fetch_array($getder) Thanks Gareth Some code from my pages ,
Page1 ( Redirecting page )
<html> <title>login_redirect.</title> body> <form name="redirect" action="http://mysite/page2.php" method="post"> <input type="hidden" name="mac" value="$(mac)"> </form> <script language="JavaScript"> <!-- document.redirect.submit(); //--> </script> </body> </html>Page 2 ( select product )
<?php
session_start();
ini_set('display_errors',1);
error_reporting(E_ALL);
include '../lib/config.php';
include '../lib/opendb.php';
// get user mac adres from redirect post page1
$_SESSION['macid'] = $_POST['mac'];
// set $macid for other use ( maybe not needed, am learning )
$macid = $_SESSION['macid'];
// echo $macid does show mac adress, so variable is not empty here
if (!empty($_POST["submit"]))
{
$product_choice = $_POST['accounttype'];
$query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'";
$result = mysql_query($query) or die('Query failed. ' . mysql_error());
while($row = mysql_fetch_array($result))
{
$_SESSION['AccountIndex'] = $row['AccountIndex'];
$_SESSION['AccountCost'] = $row['AccountCost'];
$_SESSION['AccountName'] = $row['AccountName'];
}
header('Location: page3.php');
}
// did leave out the other/html/form stuff here
Page 3 ( show Session variables )
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
session_start();
print_r($_SESSION);
?>
Now, on page 3 i do see the right session varables, only the "macid" is empty.
why ?
Hi, I"m trying to make an external link to a web page. Them problem is that when my user clicks on the link they are taken to the destination web page, but they see an error "Your session has expired". At that point, they must either refresh the browser or exit out and click again in order to see the page. My question is, how can I go around this problem in my code? If at all possible, I like to be able to add something to the URL so that this does not happen. Any help or guidance is appreciated. Hi Guys, I am developer and relatively new to php although I have written a few scripts. I have a site which runs on linux/unix platform. I am facing a weird problem: - I have a php script (e.g. site.com/test/test.php) which takes a input from url, and creates a session and opens a wordpress php in another folder (e.g. site.com/wp/index.php) - I wrote a small php code in that wp/index.php which checks if session exists or not. if yes, then no problem, if not then die and show a message. Now the problem is when I run the script, it opens the wp/index.php and the page opens. Good. But when I click on any link in that page e.g about or so, then I get message which I wrote that session not found and so on... I don't know why this is happening. So if you guys can help me with this it would be great. Alternatively, I thought if I protect the wp folder (using protect folder thru cpanel) and write a php script outside which call the php inside the wp folder with a hardcoded uname & pw, then i can run the php inside without anyone knowing what the actual uname or pw is. This way if a user directly tries to access it , he wont be able to do so as uname & password box will appear. But I dunno how to call a php inside protected folder. I tried to redirect but the uname & pw box appeared. I would be grateful if anyone can help me. Thanks a lot, Cheers, GR I'm writing a shopping cart type of application for booking something. The cart will holds items as arrays in the session. The problem i'm i'm having is i can store 5 items in my cart and then once i try to store any more, it just won't. I'm not getting any php errors. I'm using the codeigniter framework, so it may be a codeigniter session storage problem. Hopefully you guys can look at it and can see if you spot any bad logic that i'm overlooking. Code: [Select] <?php //generates random unique 32 character string $booking_hash = random_string('unique'); //set items foreach night foreach($room['date_rate'] as $date => $rate) { //produces random sha1 16 char length string $sha1 = random_string('sha1', 16); $session['items'][$sha1] = array( 'code' => $room['code'], 'id' => $room_id, 'title' => $room['title'], 'date' => date("n/j/Y",strtotime($date)), 'price' => $rate, 'tax_one' => money_format('%i',$room['tax_one'] * $rate), 'tax_two' => money_format('%i',$room['tax_two'] * $rate), 'sales_tax' => 0, 'guests' => $num_guests, 'booking' => $booking_hash, 'deposit' => $deposit, ); } $existing_items = $this->session->userdata('items'); if(!empty($existing_items)) { $session['items'] = $existing_items + $session['items']; } $this->session->set_userdata($session); ?> I just read some codeigniter session documentation. It says the cookie it's using can hold 4KB of data. I have no idea how much text 4KB can hold... This is my first post here. G'day everyone. I'm having trouble with getting a session recognized from one page to another. I did a search and used the advice but I'm still having trouble. I have a page called checklogin.php that processes the information submitted for a member to login, and redirect it to login_success.php if the login was successful. The problem I have is when I test the session in the second page it tells me there is no session. Here's my code (I omitted the db connection code): Code: [Select] <?php // username and password sent from form $myusername=$_POST['user']; $mypassword=$_POST['pass']; ?> <? // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['myusername']=$myusername; $_SESSION['mypassword']=$mypassword; header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> after I am redirected to login_success.php: Code: [Select] <?php session_start(); $_SESSION['myusername']; if (isset($_SESSION['myusername'])) { $loggedin = TRUE; return $loggedin; echo "logged in."; } else echo "not logged in"; ?> It echoes "not logged in". I've struggled with this for days and I don't know what's wrong. Thanks in advance. I have this error, and I cann't find soluiton: Code: [Select] Notice: Undefined index: ime in C:\wamp\www\web\login_public.php on line 26 Notice: Undefined index: ime in C:\wamp\www\web\login_public.php on line 27 This is the code: Code: [Select] <?php require_once("public/includes/session.php"); ?> <?php require_once("public/includes/connection.php"); ?> <?php if(!$_POST['submit']){ header('refresh:0; url=index.php');} else { $korisnik = $_POST['korisnicko_ime']; $lozinka = $_POST['lozinka']; $lozinka_db = sha1($lozinka); if ($korisnik && $lozinka){ $query = mysql_query("SELECT * FROM korisnik WHERE korisnicko_ime = '$korisnik' "); $numrow = mysql_num_rows($query); if($numrow != 0){ while ($row = mysql_fetch_assoc($query)){ $korisnik_db = $row['korisnicko_ime']; $db_lozinka = $row['lozinka']; $ime = $row['ime']; } if ($korisnik == $korisnik_db && $lozinka_db == $db_lozinka){ echo "Uspesno ste ulogovani"; $_SESSION['ime'] == $ime; echo $_SESSION['ime']; } else { echo "Lozinka je netacna"; } } else {die("Korisnik ne postoji");} } } ?> What seems to be the problem Hello Everyone! I have 2 problems with sessions that I'd like some assistance with. 1. The session often ends after clicking any link after logging in. (sometimes it remains alive, and in those cases it stays alive until browser is closed.) 2. The function that should start a session if a cookie is found (and correct) is not working, so if the browser is closed and re-opened the session won't start the session. I'll include the code that I think is relevant. The odd part is that these problems occur in every browser, I have tried multiple tutorials (so different scripts) to creating a login form but somehow the same result appears every time. function login($username, $password, $remember = false) { $sql = mysql_query("SELECT * FROM users WHERE password = '" . md5($password) . "' AND username = '" . $username . "' LIMIT 1"); // If there are no matches then the username and password do not match if($sql === false) { return false; } else { while($u = mysql_fetch_array($sql)) { // Check if user wants account to be saved in cookie if($remember == true) { // Generate new auth key for each log in (so old auth key can not be used multiple times in case // of cookie hijacking) $cookie_auth= rand_string(10) . $username; $auth_key = session_encrypt($cookie_auth); $auth_query = mysql_query("UPDATE users SET auth_key = '" . $auth_key . "' WHERE username = '" . $username . "'"); setcookie("auth_key", $auth_key, time() + 60 * 60 * 24 * 7, "/", "mycorrectwebsite.com", false, true); } // Assign variables to session session_regenerate_id(true); $session_id = $u[id]; $session_username = $username; $session_level = $u[user_level]; $_SESSION['user_id'] = $session_id; $_SESSION['user_level'] = $session_level; $_SESSION['user_name'] = $session_username; $_SESSION['user_lastactive'] = time(); return true; } } } function initiate() { $logged_in = false; if(isset($_SESSION['user_name'])) { $logged_in = true; } // Check that cookie is set if(isset($_COOKIE['auth_key'])) { $auth_key = $_COOKIE['auth_key']; if($logged_in === false) { // Select user from database where auth key matches (auth keys are unique) $auth_key_query = mysql_query("SELECT username, password FROM users WHERE auth_key = '" . $auth_key . "' LIMIT 1"); if($auth_key_query === false) { // If auth key does not belong to a user delete the cookie setcookie("auth_key", "", time() - 3600); } else { while($u = mysql_fetch_array($auth_key_query)) { // Go ahead and log in login($u['username'], $u['password'], true); } } } else { setcookie("auth_key", "", time() - 3600); } } } And then in the header I start every page with: <?php session_start(); include("connect.php"); include("functions.php"); include("actions.php"); initiate(); ?> I'm using xampp and am trying to create a login session...these are the my php files login.php Code: [Select] <form action='login1.php' method='post'> Email: <input type='text' name='id'></br> Pass : <input type='password' name='pass'></br> <input type='submit' name='login' value='login'> login1.php Code: [Select] <?php $id=$_POST['id']; $pass=$_POST['pass']; $conn=mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) { session_start(); echo "</br>Login Successful</br>"; echo "Please wait 5 seconds "; /* redirct to the specified page */ header("refresh:5;url=empty.php"); } else { echo "please try to login again</br>"; echo "you will be redirected to the login page in 5 seconds"; /* redirct to the specified page */ header("refresh:5;url=login.php"); } mysql_close(); ?> empty.php Code: [Select] <?php session_start(); $logi=$_SESSION['id']; echo 'welcome '.$logi; ?> empty.php is supposed to display the email id from login.php I checked it about an hour ago and it was working fine but now it gives me an error Undefined index: id in C:\xampp\htdocs\littleprogress\empty.php on line 4 I didn't change anything after checking it. only cleared the history and cookies of my firefox browser what could be the problem Hi guys. Im making a script that stores different contents in sessions. And everything seems to be working fine. I previously had some problems with it, but managed to fix them. Now somehow a new problem have accrued for me. I did not do anything to it since it last worked. So i am a little confused. It keeps telling me that the session does not have any content. I think that the problem is within these two files he http://pastebin.com/T6sfzjWn and http://pastebin.com/BUAuFp6t It keeps giving me the error on line 24 from the second file. Can someone please help me and say what i am doing wrong? I use session code to keep post data. It does not work well . I have put the program on the web site. This is the link . http://www.ptiimaging.ca/xx.php The program is for the whole web page. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="stylesheet" type="text/css" href="mainpage.css" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>无标题文档</title> </head> <body> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="stylesheet" type="text/css" href="mainpage.css" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>无标题文档</title> </head> <body> <div class="block"> <div class="logo"> <img src="images/ptiwci_logo_btrfly.jpg" /> <div class="boxlog"> <strong><p class="name">Nizar Goa</p></strong><br /> <em class="wordsinlogo">Managing Director</em><br /> <p class="details">#101, 17873-106A Avenue</p><br /> <p class="details">Edmonton,AB T5S 1V8</p><br /> <p class="details">PH (780) 452-3801</p><br /> <p class="details">FAX (780) 452-3832</p><br /> <p class="details">Cell (780)498-2072</p><br /> <p class="details">ptican@telus.net</p> </div> <p class="lastwords">Toners . Inkjets . Ribbons . Datamedia . Printers</p> </div> <div id="navcontainer"> <ul> <li><a href="index.php">Home</a></li> <li><a href="company.php">Company</a></li> <li><a href="product.php">Product</a></li> <li><a href="contract.php">Contract us</a></li> <li><a href="bestseller.php">Top seller</a></li> <li><a href="new.php">New product</a></li> </ul> </div> <div class="searchbox"> <form action="table3.php" method="post"> <input type="submit" name="submit" value="submit" /> <input type="text" name="search" /> </form> <p>Please search by OEM number</p> </div> <div class="clear"></div> <div class="rollingpicture left"> <object id="bcastr4" data="bcastr4.swf?xml=bcastr.xml" type="application/x-shockwave-flash" width="610.584" height="220"> <param name="movie" value="bcastr4.swf" /> </object> </div> <div class="xsnazzy"> <b class="xtop"><b class="xb1"></b><b class="xb2 color_a"> </b><b class="xb3 color_a"></b><b class="xb4 color_a"></b></b> <div class="xboxcontent"> <h1 class="color_a">search</h1> <form action="xx.php" method="post"> <select name="brand"> <option >brand</option> <option value="Apple">Apple</option> <option value="brother">Brother</option> <option value="Canon">Canon</option> <option value="Dell">Dell</option> <option value="Epson">Epson</option> <option value="HP">HP</option> <option value="lexmark">Lexmark</option> <option value="Samsung">Samsung</option> <option value="Sharp">Sharp</option> <option value="IBM">IBM</option> <option value="Lenovo">Lenovo</option> <option value="Konica-Minolta">Konica-Minolta</option> <option value="okidata">okidata</option> <option value="Mita">Mita</option> <option value="Ricoh">Ricoh</option> <option value="Source technology">Source technology</option> <option value="Standard Register">Standard Register</option> <option value="Tally Genicom">Tally Genicom</option> <option value="Tektronix">Tektronix</option> <option value="Toshiba">Toshiba</option> <option value="Unisys">Unisys</option> <option value="Xerox">Xerox</option> <option value="Xerox Ink Stricks">Xerox Ink Sticks</option> <option value="kyocera">kyocera</option> <option value="Postage Meters">Postage Meters</option> </select> <br /> <select name="sort"> <option >kind</option> <option value="Copier Toner">Copier Toner</option> <option value="Laser Toner">Laser Toner</option> <option value="MICR Toner">MICR Toner</option> <option value="Inkjet">Inkjet</option> </select><Br /> <select name="type"> <option >for</option> <option value="PC">Photo copier</option> <option value="Fax">Fax</option> <option value="Copier">Copier</option> <option value="Cheque">Cheque</option> <option value="Print">Printer</option> <option value="Copier/Fax">Copier/Fax</option> </select> <br /> <input type="submit" value="submit" name="submit" /> </form> </div> <b class="xbottom"><b class="xb4"></b><b class="xb3"></b> <b class="xb2"></b><b class="xb1"></b></b> </div> <div class="leftlist left"> <div class="nextbox"><strong> <center> Inkjet </center> </strong></div> <ul> <li><a href="table.php?id=<?php echo "Brother" ;?>&cd=<?php echo "Inkjet"; ?>">Brother</a></li> <li><a href="table.php?id=<?php echo "Kodak" ;?>&cd=<?php echo "Inkjet"; ?>">Kodak</a></li> <li><a href="table.php?id=<?php echo "PitenyBowes-PostageMeter&Franking system" ;?>&cd=<?php echo "Inkjet"; ?>">PitenyBowes-PostageMeter</a></li> <li><a href="table.php?id=<?php echo "Canon" ;?>&cd=<?php echo "Inkjet"; ?>">Cannon</a></li> <li><a href="table.php?id=<?php echo "Dell" ;?>&cd=<?php echo "Inkjet"; ?>">Dell</a></li> <li><a href="table.php?id=<?php echo "HP" ;?>&cd=<?php echo "Inkjet"; ?>">HP</a></li> <li><a href="table.php?id=<?php echo "Lexmark" ;?>&cd=<?php echo "Inkjet"; ?>">Lexmark</a></li> <li><a href="table.php?id=<?php echo "Samsung" ;?>&cd=<?php echo "Inkjet"; ?>">Samsung</a></li> <li><a href="table.php?id=<?php echo "sharp" ;?>&cd=<?php echo "Inkjet"; ?>">sharp</a></li> <li><a href="table.php?id=<?php echo "Xerox" ;?>&cd=<?php echo "Inkjet"; ?>">Xerox</a></li> </ul> <div class="nextbox"><strong> <center> Laser/MICR/Fax/TFR </center> </strong></div> <ul> <li><a href="table.php?id=<?php echo "Apple" ;?>&cd=<?php echo " Toner"; ?>">Apple</a></li> <li><a href="table.php?id=<?php echo "Brother" ;?>&cd=<?php echo " Toner"; ?>">Brother</a></li> <li><a href="table.php?id=<?php echo "Canon" ;?>&cd=<?php echo " Toner"; ?>">Canon</a></li> <li><a href="table.php?id=<?php echo "Dell" ;?>&cd=<?php echo " Toner"; ?>">Dell</a></li> <li><a href="table.php?id=<?php echo "Epson" ;?>&cd=<?php echo " Toner"; ?>">Epson</a></li> <li><a href="table.php?id=<?php echo "HP" ;?>&cd=<?php echo " Toner"; ?>">HP</a></li> <li><a href="table.php?id=<?php echo "IBM/Lenovo" ;?>&cd=<?php echo " Toner"; ?>">IBM/Lenovo</a></li> <li><a href="table.php?id=<?php echo "Kyocera/Mita" ;?>&cd=<?php echo " Toner"; ?>">Kyocera/Mita</a></li> <li><a href="table.php?id=<?php echo "Konica-Minolta/Minolta QMS " ;?>&cd=<?php echo " Toner"; ?>"> Konica-Minolta/Minolta QMS </a></li> <li><a href="table.php?id=<?php echo "Konica" ;?>&cd=<?php echo " Toner"; ?>">Konica</a></li> <li><a href="table.php?id=<?php echo "Lexmark" ;?>&cd=<?php echo " Toner"; ?>">Lexmark</a></li> <li><a href="table.php?id=<?php echo "Minolta" ;?>&cd=<?php echo " Toner"; ?>">Minolta</a></li> <li><a href="table.php?id=<?php echo "Okidata" ;?>&cd=<?php echo " Toner"; ?>">Okidata</a></li> <li><a href="table.php?id=<?php echo "Ricoh" ;?>&cd=<?php echo " Toner"; ?>">Ricoh</a></li> <li><a href="table.php?id=<?php echo "Samsung" ;?>&cd=<?php echo " Toner"; ?>">Samsung</a></li> <li><a href="table.php?id=<?php echo "TallyGenicom" ;?>&cd=<?php echo " Toner"; ?>">Tally Genicom</a></li> <li><a href="table.php?id=<?php echo "Tektronix" ;?>&cd=<?php echo " Toner"; ?>">Tektronix</a></li> <li><a href="table.php?id=<?php echo "Toshiba" ;?>&cd=<?php echo " Toner"; ?>">Toshiba</a></li> <li><a href="table.php?id=<?php echo "Unisys" ;?>&cd=<?php echo " Toner"; ?>">Unisys</a></li> <li><a href="table.php?id=<?php echo "Xerox" ;?>&cd=<?php echo " Toner"; ?>">Xerox</a></li> <li><a href="table.php?id=<?php echo "Xero Ink Sticks" ;?>&cd=<?php echo " Toner"; ?>">Xerox Ink Sticks</a></li> <li><a href="table.php?id=<?php echo "Gestetner" ;?>&cd=<?php echo " Toner"; ?>">Gestetner</a></li> <li><a href="table.php?id=<?php echo "Lanier" ;?>&cd=<?php echo " Toner"; ?>">Lanier</a></li> <li><a href="table.php?id=<?php echo "TROY" ;?>&cd=<?php echo " Toner"; ?>">TROY</a></li> <li><a href="table.php?id=<?php echo "Lexmark/Troy" ;?>&cd=<?php echo " Toner"; ?>">Lexmark/Troy</a></li> <li><a href="table.php?id=<?php echo "Okidata" ;?>&cd=<?php echo " Toner"; ?>">Okidata</a></li> <li><a href="table.php?id=<?php echo "Sharp" ;?>&cd=<?php echo " Toner"; ?>">Sharp</a></li> <li><a href="table.php?id=<?php echo "Piteny Bowes /Imagistics" ;?>&cd=<?php echo " Toner"; ?>">Piteny Bowes /Imagistics</a></li> <li><a href="table.php?id=<?php echo "Panasonic" ;?>&cd=<?php echo " Toner"; ?>">Panasonic</a></li> <li><a href="table.php?id=<?php echo "Savin" ;?>&cd=<?php echo " Toner"; ?>">Savin</a></li> <li><a href="table.php?id=<?php echo "HP/ Troy" ;?>&cd=<?php echo " Toner"; ?>">HP/ Troy</a></li> <li><a href="table.php?id=<?php echo "Source Technologies" ;?>&cd=<?php echo " Toner"; ?>">Source Technologies</a></li> <li><a href="table.php?id=<?php echo "Ricoh/SindoRicoh" ;?>&cd=<?php echo " Toner"; ?>">Ricoh/SindoRicoh</a></li> <li><a href="table.php?id=<?php echo "Royal Copystar/Copystar" ;?>&cd=<?php echo " Toner"; ?>"> Royal Copystar/Copystar</a></li> <li><a href="table.php?id=<?php echo "Source Technologies" ;?>&cd=<?php echo " Toner"; ?>"> Standard Register</a></li> </ul> </div> <div class="boxright right"> <?php include("connection.php"); session_start(); $_SESSION['brand']=$_POST['brand']; $_SESSION['type']=$_POST['type']; $_SESSION['sort']=$_POST['sort']; if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; }; $start_from = ($page-1) * 23; $select="select * from $chun where brand = '$_SESSION[brand]' or sort='$_SESSION[sort]' or type ='$_SESSION[type]' LIMIT $start_from, 18"; $result2=mysql_query($select, $connection) or die (mysql_error()); ?> <h1 >Inkjet and Toner Cartridges for the printing device </h1> <p class="writeword">PTi is a leading Remanufacturer and distributor of compatible cartridges and orginal product. We also offer the most comprehensive selection of remanufactured ink cartridges for HP printers at low prices. Along with our 100% Quality Guaranteed HP toner cartridges, we also offer high quality compatible inkjet cartridges for many printers at highly competitive prices. All our products are proudly manufactured in the U.S.A. Enter your search criteria at the top of the page to view details on a specific cartridge. For our award winning customer service, call (780) 4523801 </p> <table class="tableinsert"> <tr> <th>Pti Item#</th> <th>OEM Part#</th> <th>Machine Compatibilty</th> <th>Color</th> <th>Dealer price</th> <th>OEM Price</th> </tr> <?php while ($row=mysql_fetch_array($result2)) { ?> <tr> <td><?php echo $row['item'];?></td> <td><a href="ddl.php?wd=<?php echo $row['id'] ;?>"><?php echo $row['oempart'];?></a></td> <td><?php echo $row['compatibility'];?></td> <td><?php echo $row['colorful'];?></td> <td>$<?php echo $row['comprice']; ?></td> <td><?php echo $row['oemprice']; ?></td> </tr> <?php }; ?> </table> <?php $sql = "select count(*) from $chun where brand = '$_SESSION[brand]' or type ='$_SESSION[type]' or sort='$_SESSION[sort]' "; $rs_result = mysql_query($sql,$connection); $row = mysql_fetch_row($rs_result); $total_records = $row[0]; $total_pages = ceil($total_records / 23); for ($i=1; $i<=$total_pages; $i++) { ?> <div class="trunpage"><a href='table2.php?page=<?php echo "$i" ; ?>&id=<?php echo $_SESSION['brand'];?>&cd=<?php echo $_SESSION['type'];?>&td=<?php echo $_SESSION['sort'];?>' ><?php echo "$i" ; ?></a> </div> <?php } ?> </div> <div class="lineone"></div> <div class="footer"> <p>Copyright 2007-2010 www.ptiimaging.ca Inc. Canada All rights reserved. You can reach us at : By Mail: 17873 106a ave, Unit 101 Edmontn Alberta T5S 1V8 By phone: 1-780-452-3801 By Fax: 1-780-452-3832 By email: ptican@telus.net </p> </div> </div> </body> </html> I am having probelm in saving Session variables ALthough I'm writing session_start(); in the header of my php script and saving the values of Session array in the next page. It does not print the values or show right results. Code: [Select] session_start(); require_once ("functions.php"); $token=$_GET['t']; if(!isset($token)){ $name = stripslashes($_POST['username']); $email = stripslashes($_POST['email']); check_validate_input($name, $email); } if($token=='register') { show_registration_form(); } $my_model = new model(); $arr_info = $my_model->check_members($name,$email); if (($arr_info==NULL)&&($token!='register')) { echo '<p> Hello Guest</p><br />'; show_mailing_form(); } else if (($arr_info['role']=='user')||($arr_info['role'] == 'admin')) { $_SESSION['userId']=$arr_info['id']; $_SESSION['user_role']=$arr_info['role']; $_SESSION['user_name']=$arr_info['name']; print_r ($_SESSION);} here it does not print session array. hi i want to include session so that attendance.php can't be acess directly.. which is the best place to put this code : Code: [Select] if(isset($_SESSION['last_ip'])===false){ $_SESSION['last_ip']=$_SERVER['REMOTE_ADDR']; } if($_SESSION['last_ip']!==$_SERVER['REMOTE_ADDR']){ session_unset(); session_destroy(); } like this : Code: [Select] class session { public $user_on=false; public $user_id; function __construct(){ //make sure that javascript can not access session variable ini_set('session.cookie_httponly',true); session_start(); //set the last ip the user has logged on with if(isset($_SESSION['last_ip'])===false){ $_SESSION['last_ip']=$_SERVER['REMOTE_ADDR']; } if($_SESSION['last_ip']!==$_SERVER['REMOTE_ADDR']){ session_unset(); session_destroy(); } $this->check_login(); } private function check_login(){ if(isset($_SESSION['user_id'])){ global $user; $this->user_id=$_SESSION['user_id']; $this->user_on=true; $user->find_by_id($this->user_id); } else { unset($this->user_id); $this->user_on=false; } } } OR : Code: [Select] function __construct(){ //make sure that javascript can not access session variable ini_set('session.cookie_httponly',true); session_start(); $this->check_login(); } private function check_login(){ if(isset($_SESSION['user_id'])){ global $user; [b]//set the last ip the user has logged on with if(isset($_SESSION['last_ip'])===false){ $_SESSION['last_ip']=$_SERVER['REMOTE_ADDR']; } if($_SESSION['last_ip']!==$_SERVER['REMOTE_ADDR']){ session_unset(); session_destroy(); }[/b] elseif($_SESSION['last_ip']===$_SERVER['REMOTE_ADDR']){ $this->user_id=$_SESSION['user_id']; $this->user_on=true; $user->find_by_id($this->user_id); } } else { unset($this->user_id); $this->user_on=false; } } } Hi, I my first problem is hashing passwords to md5. My second problem is defining session on value from db. There is my code but not working. Code: [Select] mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username=$_POST['username']; $password=$_POST['password']; $hash = md5($password); $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE where username = '$username' and password = '$hash'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ $sql2="SELECT access FROM $tbl_name WHERE username='$username' and password='$password'"; $access=mysql_query("$sql2"); session_register("username"); session_register("password"); session_register("access"); $_SESSION["access"]=$access; header("location:success.php"); } else { echo "Invalid Username or Password";Thanks for any answers. hello all, I have a client that wants to protect their web page with a password protected landing page. Once the password is entered the user is directed to a "disclaimer" page that they have to agree to first before going into the site. I have put both the landing page and the disclaimer page in my root directory and then the site I put in a sub directory /cms/ in the main site index.php I check for the post password and then set a $_COOKIE for the user that will expire in 1 month <?php // this goes on the very top of the index.php file in the template you are using //check if user has entered password and needs cookie set if(isset($_POST['fpass']) && !isset($_COOKIE['fpass'])) setcookielive('fpass', $_POST['fpass'], strtotime( '+1 month' )); function setcookielive($name, $value='', $expire=0, $path='', $domain='', $secure=false, $httponly=false) { //set a cookie as usual, but ALSO add it to $_COOKIE so the current page load has access $_COOKIE[$name] = $value; return setcookie($name,$value,$expire,$path,$domain,$secure,$httponly); } The next thing I do is check if a user is trying to access the main site with having the COOKIE - if so I redirect the user to the landing page //check if user has not entered password if (!isset($_COOKIE['fpass']) || $_COOKIE['fpass'] == "") header('location: http://www.mypage.com'); This works fine up to this point. Now my problem is that I also need to check if a user has the month long cookie set but is trying to access the main page without viewing the disclaimer page first. I thought this would work: //check if the user has a cookie set but is on a new session if (isset($_COOKIE['fpass']) && !isset($_SESSION['fpass'])) header('location: http://www.mypage.com/disclaimer.php'); But this only throws the user into a loop of "disclaimer" -> "landing page" -> "disclaimer" etc. They can never get into the main site. How do I check for the cookie and whether the user has visited the disclaimer page - but then allow the user to continue once they go to the disclaimer page? NB: the $_SESSION is not set until the main site. Hello, I have the $_session code working, but after I destroy the session and I am asked to log in again, my browser doesn't ask me for my password and just logs me in. I don't understand because I have destroyed my session and I have deleted the data in $_SESSION and I have deleted the info in the cookie so it shouldn't log me in automatically. I thought it was something in my browser, but I erased my history and I never saved any password. Here's my code: This is the welcome page
<?php
require_once 'login.php';
$connection = new mysqli($db_hostname, $db_username, $db_password, $db_database);
if ($connection->connect_error) die($connection->connect_error);
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']))
{
$un_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_USER']);
$pw_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_PW']);
$query = "SELECT * FROM users WHERE username='$un_temp'";
$result = $connection->query($query);
if (!$result) die($connection->error);
elseif ($result->num_rows)
{
$row = $result->fetch_array(MYSQLI_NUM);
$result->close();
$salt1 = "qm&h*";
$salt2 = "pg!@";
$token = hash('ripemd128', "$salt1$pw_temp$salt2");
if ($token == $row[3])
{
session_start();
$_SESSION['username'] = $un_temp;
$_SESSION['password'] = $pw_temp;
$_SESSION['forename'] = $row[0];
$_SESSION['surname'] = $row[1];
echo "$row[0] $row[1] : Hi $row[0], you are now logged in as '$row[2]'";
die("<p><a href=continue.php>Click here to continue</a></p>");
}
else die("Invalid username/password combination");
}
else die("Invalid username/password combination");
}
else
{
header('WWW-Authenticate: Basic realm="Restricted Section"');
header('HTTP/1.0 401 Unauthorized');
die("Please enter your username and password");
}
$connection->close();
function mysql_entities_fix_string($connection, $string)
{
return htmlentities(mysql_fix_string($connection, $string));
}
function mysql_fix_string($connection, $string)
{
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return $connection->real_escape_string($string);
}
?>
and this is the other page:
<?php
session_start();
if(isset($_SESSION['username']))
{
$username = $_SESSION['username'];
$password = $_SESSION['password'];
$forename = $_SESSION['forename'];
$surname = $_SESSION['surname'];
destroy_session_and_data();
echo "Welcome back $forename. <br>
Your full name is $forename $surname.<br>
Your username is '$username'
and your password is '$password'.";
}
else echo "Please <a href='authenticate2.php'>Click here</a> to log in.";
function destroy_session_and_data()
{
$_SESSION = array();
setcookie(session_name(), '', time() - 2592000,'/');
session_destroy();
}
?>
When I type the website in i first get prompt to enter my password, when I am authenticated the webpage says: You are now logged in click here to continue. When I do I am directed to another page which confirms that I am still logged in. Then I press refresh and the webpage asks me to "Click here to log in". I do, but it doesn't ask me for my password again. Why? My personal info should be destroyed. Thank you for responding. It's greatly appreciated
Hi Guys,
Here is the code, once logged in using known credentials it should display the content "welcome..." but it doesn't, instead it is showing "you are not authorized..." as if the session['username']); isn't being taken?
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
sec_session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Secure Login: Protected Page</title>
<link rel="stylesheet" href="styles/main.css" />
</head>
<body>
<?php if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($_SESSION['username']); ?>!</p>
<p>
This is an example protected page. To access this page, users
must be logged in. At some stage, we'll also check the role of
the user, so pages will be able to determine the type of user
authorised to access the page.
</p>
<p>Return to <a href="index.php">login page</a></p>
<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login or register</a>.
</p>
<?php endif; ?>
</body>
</html>
I am using WAMP and have made sure the username and password is in the database correctly, how do i debug this?
the error reporting has been switched on but it doesn't help me
is the problem with:
<?php if (login_check($mysqli) == true) : ?>I am trying to follow this guide: http://www.wikihow.c...n-PHP-and-MySQL Please could i get some help on how to make the login "detect" the username from my MySQL database and display the username Thanks Attached Files login_success.php.jpg 14.31KB 0 downloads |
|||||||