|
PHP - I Need To Fix Session Code
In order to keep data on the browser , so I use session to keep post data. I try to turn the page. I does not work , I do not know how to fix it. Please tell me . Thank you very much.
session_start(); $_SESSION['brand']=$_POST['brand']; $_SESSION['type']=$_POST['type']; $_SESSION['sort']=$_POST['sort']; include("connection.php"); if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; }; $start_from = ($page-1) * 18; $select="select * from $chun where brand = '$_SESSION[brand]' or sort='$_SESSION[sort]' or type ='$_SESSION[type]' LIMIT $start_from, 18"; $result2=mysql_query($select, $connection) or die (mysql_error()); <?php while ($row=mysql_fetch_array($result2)) { ?> <tr> <td><?php echo $row['item'];?></td> <td><?php echo $row['oempart'];?></td> <td><?php echo $row['compatibility'];?></td> <td><?php echo $row['colorful'];?></td> <td><?php echo $row['comprice']; ?></td> <td><?php echo $row['oemprice']; ?></td> </tr> <?php }; ?> </table> <?php $sql = "select count(*) from $chun where brand = '$_SESSION[brand]' or type ='$_SESSION[type]' or sort='$_SESSION[sort]' "; $rs_result = mysql_query($sql,$connection); $row = mysql_fetch_row($rs_result); $total_records = $row[0]; $total_pages = ceil($total_records / 18); for ($i=1; $i<=$total_pages; $i++) { ?> <div class="trunpage"><a href='table2.php?page=<?php echo "$i" ; ?>&id=<?php echo $_SESSION['brand'];?>&cd=<?php echo $_SESSION['type'];?>&td=<?php echo $_SESSION['sort'];?>' ><?php echo "$i" ; ?></a> </div> <?php } ?> Similar TutorialsI use session code to keep post data. It does not work well . I have put the program on the web site. This is the link . http://www.ptiimaging.ca/xx.php The program is for the whole web page. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="stylesheet" type="text/css" href="mainpage.css" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>无标题文档</title> </head> <body> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="stylesheet" type="text/css" href="mainpage.css" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>无标题文档</title> </head> <body> <div class="block"> <div class="logo"> <img src="images/ptiwci_logo_btrfly.jpg" /> <div class="boxlog"> <strong><p class="name">Nizar Goa</p></strong><br /> <em class="wordsinlogo">Managing Director</em><br /> <p class="details">#101, 17873-106A Avenue</p><br /> <p class="details">Edmonton,AB T5S 1V8</p><br /> <p class="details">PH (780) 452-3801</p><br /> <p class="details">FAX (780) 452-3832</p><br /> <p class="details">Cell (780)498-2072</p><br /> <p class="details">ptican@telus.net</p> </div> <p class="lastwords">Toners . Inkjets . Ribbons . Datamedia . Printers</p> </div> <div id="navcontainer"> <ul> <li><a href="index.php">Home</a></li> <li><a href="company.php">Company</a></li> <li><a href="product.php">Product</a></li> <li><a href="contract.php">Contract us</a></li> <li><a href="bestseller.php">Top seller</a></li> <li><a href="new.php">New product</a></li> </ul> </div> <div class="searchbox"> <form action="table3.php" method="post"> <input type="submit" name="submit" value="submit" /> <input type="text" name="search" /> </form> <p>Please search by OEM number</p> </div> <div class="clear"></div> <div class="rollingpicture left"> <object id="bcastr4" data="bcastr4.swf?xml=bcastr.xml" type="application/x-shockwave-flash" width="610.584" height="220"> <param name="movie" value="bcastr4.swf" /> </object> </div> <div class="xsnazzy"> <b class="xtop"><b class="xb1"></b><b class="xb2 color_a"> </b><b class="xb3 color_a"></b><b class="xb4 color_a"></b></b> <div class="xboxcontent"> <h1 class="color_a">search</h1> <form action="xx.php" method="post"> <select name="brand"> <option >brand</option> <option value="Apple">Apple</option> <option value="brother">Brother</option> <option value="Canon">Canon</option> <option value="Dell">Dell</option> <option value="Epson">Epson</option> <option value="HP">HP</option> <option value="lexmark">Lexmark</option> <option value="Samsung">Samsung</option> <option value="Sharp">Sharp</option> <option value="IBM">IBM</option> <option value="Lenovo">Lenovo</option> <option value="Konica-Minolta">Konica-Minolta</option> <option value="okidata">okidata</option> <option value="Mita">Mita</option> <option value="Ricoh">Ricoh</option> <option value="Source technology">Source technology</option> <option value="Standard Register">Standard Register</option> <option value="Tally Genicom">Tally Genicom</option> <option value="Tektronix">Tektronix</option> <option value="Toshiba">Toshiba</option> <option value="Unisys">Unisys</option> <option value="Xerox">Xerox</option> <option value="Xerox Ink Stricks">Xerox Ink Sticks</option> <option value="kyocera">kyocera</option> <option value="Postage Meters">Postage Meters</option> </select> <br /> <select name="sort"> <option >kind</option> <option value="Copier Toner">Copier Toner</option> <option value="Laser Toner">Laser Toner</option> <option value="MICR Toner">MICR Toner</option> <option value="Inkjet">Inkjet</option> </select><Br /> <select name="type"> <option >for</option> <option value="PC">Photo copier</option> <option value="Fax">Fax</option> <option value="Copier">Copier</option> <option value="Cheque">Cheque</option> <option value="Print">Printer</option> <option value="Copier/Fax">Copier/Fax</option> </select> <br /> <input type="submit" value="submit" name="submit" /> </form> </div> <b class="xbottom"><b class="xb4"></b><b class="xb3"></b> <b class="xb2"></b><b class="xb1"></b></b> </div> <div class="leftlist left"> <div class="nextbox"><strong> <center> Inkjet </center> </strong></div> <ul> <li><a href="table.php?id=<?php echo "Brother" ;?>&cd=<?php echo "Inkjet"; ?>">Brother</a></li> <li><a href="table.php?id=<?php echo "Kodak" ;?>&cd=<?php echo "Inkjet"; ?>">Kodak</a></li> <li><a href="table.php?id=<?php echo "PitenyBowes-PostageMeter&Franking system" ;?>&cd=<?php echo "Inkjet"; ?>">PitenyBowes-PostageMeter</a></li> <li><a href="table.php?id=<?php echo "Canon" ;?>&cd=<?php echo "Inkjet"; ?>">Cannon</a></li> <li><a href="table.php?id=<?php echo "Dell" ;?>&cd=<?php echo "Inkjet"; ?>">Dell</a></li> <li><a href="table.php?id=<?php echo "HP" ;?>&cd=<?php echo "Inkjet"; ?>">HP</a></li> <li><a href="table.php?id=<?php echo "Lexmark" ;?>&cd=<?php echo "Inkjet"; ?>">Lexmark</a></li> <li><a href="table.php?id=<?php echo "Samsung" ;?>&cd=<?php echo "Inkjet"; ?>">Samsung</a></li> <li><a href="table.php?id=<?php echo "sharp" ;?>&cd=<?php echo "Inkjet"; ?>">sharp</a></li> <li><a href="table.php?id=<?php echo "Xerox" ;?>&cd=<?php echo "Inkjet"; ?>">Xerox</a></li> </ul> <div class="nextbox"><strong> <center> Laser/MICR/Fax/TFR </center> </strong></div> <ul> <li><a href="table.php?id=<?php echo "Apple" ;?>&cd=<?php echo " Toner"; ?>">Apple</a></li> <li><a href="table.php?id=<?php echo "Brother" ;?>&cd=<?php echo " Toner"; ?>">Brother</a></li> <li><a href="table.php?id=<?php echo "Canon" ;?>&cd=<?php echo " Toner"; ?>">Canon</a></li> <li><a href="table.php?id=<?php echo "Dell" ;?>&cd=<?php echo " Toner"; ?>">Dell</a></li> <li><a href="table.php?id=<?php echo "Epson" ;?>&cd=<?php echo " Toner"; ?>">Epson</a></li> <li><a href="table.php?id=<?php echo "HP" ;?>&cd=<?php echo " Toner"; ?>">HP</a></li> <li><a href="table.php?id=<?php echo "IBM/Lenovo" ;?>&cd=<?php echo " Toner"; ?>">IBM/Lenovo</a></li> <li><a href="table.php?id=<?php echo "Kyocera/Mita" ;?>&cd=<?php echo " Toner"; ?>">Kyocera/Mita</a></li> <li><a href="table.php?id=<?php echo "Konica-Minolta/Minolta QMS " ;?>&cd=<?php echo " Toner"; ?>"> Konica-Minolta/Minolta QMS </a></li> <li><a href="table.php?id=<?php echo "Konica" ;?>&cd=<?php echo " Toner"; ?>">Konica</a></li> <li><a href="table.php?id=<?php echo "Lexmark" ;?>&cd=<?php echo " Toner"; ?>">Lexmark</a></li> <li><a href="table.php?id=<?php echo "Minolta" ;?>&cd=<?php echo " Toner"; ?>">Minolta</a></li> <li><a href="table.php?id=<?php echo "Okidata" ;?>&cd=<?php echo " Toner"; ?>">Okidata</a></li> <li><a href="table.php?id=<?php echo "Ricoh" ;?>&cd=<?php echo " Toner"; ?>">Ricoh</a></li> <li><a href="table.php?id=<?php echo "Samsung" ;?>&cd=<?php echo " Toner"; ?>">Samsung</a></li> <li><a href="table.php?id=<?php echo "TallyGenicom" ;?>&cd=<?php echo " Toner"; ?>">Tally Genicom</a></li> <li><a href="table.php?id=<?php echo "Tektronix" ;?>&cd=<?php echo " Toner"; ?>">Tektronix</a></li> <li><a href="table.php?id=<?php echo "Toshiba" ;?>&cd=<?php echo " Toner"; ?>">Toshiba</a></li> <li><a href="table.php?id=<?php echo "Unisys" ;?>&cd=<?php echo " Toner"; ?>">Unisys</a></li> <li><a href="table.php?id=<?php echo "Xerox" ;?>&cd=<?php echo " Toner"; ?>">Xerox</a></li> <li><a href="table.php?id=<?php echo "Xero Ink Sticks" ;?>&cd=<?php echo " Toner"; ?>">Xerox Ink Sticks</a></li> <li><a href="table.php?id=<?php echo "Gestetner" ;?>&cd=<?php echo " Toner"; ?>">Gestetner</a></li> <li><a href="table.php?id=<?php echo "Lanier" ;?>&cd=<?php echo " Toner"; ?>">Lanier</a></li> <li><a href="table.php?id=<?php echo "TROY" ;?>&cd=<?php echo " Toner"; ?>">TROY</a></li> <li><a href="table.php?id=<?php echo "Lexmark/Troy" ;?>&cd=<?php echo " Toner"; ?>">Lexmark/Troy</a></li> <li><a href="table.php?id=<?php echo "Okidata" ;?>&cd=<?php echo " Toner"; ?>">Okidata</a></li> <li><a href="table.php?id=<?php echo "Sharp" ;?>&cd=<?php echo " Toner"; ?>">Sharp</a></li> <li><a href="table.php?id=<?php echo "Piteny Bowes /Imagistics" ;?>&cd=<?php echo " Toner"; ?>">Piteny Bowes /Imagistics</a></li> <li><a href="table.php?id=<?php echo "Panasonic" ;?>&cd=<?php echo " Toner"; ?>">Panasonic</a></li> <li><a href="table.php?id=<?php echo "Savin" ;?>&cd=<?php echo " Toner"; ?>">Savin</a></li> <li><a href="table.php?id=<?php echo "HP/ Troy" ;?>&cd=<?php echo " Toner"; ?>">HP/ Troy</a></li> <li><a href="table.php?id=<?php echo "Source Technologies" ;?>&cd=<?php echo " Toner"; ?>">Source Technologies</a></li> <li><a href="table.php?id=<?php echo "Ricoh/SindoRicoh" ;?>&cd=<?php echo " Toner"; ?>">Ricoh/SindoRicoh</a></li> <li><a href="table.php?id=<?php echo "Royal Copystar/Copystar" ;?>&cd=<?php echo " Toner"; ?>"> Royal Copystar/Copystar</a></li> <li><a href="table.php?id=<?php echo "Source Technologies" ;?>&cd=<?php echo " Toner"; ?>"> Standard Register</a></li> </ul> </div> <div class="boxright right"> <?php include("connection.php"); session_start(); $_SESSION['brand']=$_POST['brand']; $_SESSION['type']=$_POST['type']; $_SESSION['sort']=$_POST['sort']; if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; }; $start_from = ($page-1) * 23; $select="select * from $chun where brand = '$_SESSION[brand]' or sort='$_SESSION[sort]' or type ='$_SESSION[type]' LIMIT $start_from, 18"; $result2=mysql_query($select, $connection) or die (mysql_error()); ?> <h1 >Inkjet and Toner Cartridges for the printing device </h1> <p class="writeword">PTi is a leading Remanufacturer and distributor of compatible cartridges and orginal product. We also offer the most comprehensive selection of remanufactured ink cartridges for HP printers at low prices. Along with our 100% Quality Guaranteed HP toner cartridges, we also offer high quality compatible inkjet cartridges for many printers at highly competitive prices. All our products are proudly manufactured in the U.S.A. Enter your search criteria at the top of the page to view details on a specific cartridge. For our award winning customer service, call (780) 4523801 </p> <table class="tableinsert"> <tr> <th>Pti Item#</th> <th>OEM Part#</th> <th>Machine Compatibilty</th> <th>Color</th> <th>Dealer price</th> <th>OEM Price</th> </tr> <?php while ($row=mysql_fetch_array($result2)) { ?> <tr> <td><?php echo $row['item'];?></td> <td><a href="ddl.php?wd=<?php echo $row['id'] ;?>"><?php echo $row['oempart'];?></a></td> <td><?php echo $row['compatibility'];?></td> <td><?php echo $row['colorful'];?></td> <td>$<?php echo $row['comprice']; ?></td> <td><?php echo $row['oemprice']; ?></td> </tr> <?php }; ?> </table> <?php $sql = "select count(*) from $chun where brand = '$_SESSION[brand]' or type ='$_SESSION[type]' or sort='$_SESSION[sort]' "; $rs_result = mysql_query($sql,$connection); $row = mysql_fetch_row($rs_result); $total_records = $row[0]; $total_pages = ceil($total_records / 23); for ($i=1; $i<=$total_pages; $i++) { ?> <div class="trunpage"><a href='table2.php?page=<?php echo "$i" ; ?>&id=<?php echo $_SESSION['brand'];?>&cd=<?php echo $_SESSION['type'];?>&td=<?php echo $_SESSION['sort'];?>' ><?php echo "$i" ; ?></a> </div> <?php } ?> </div> <div class="lineone"></div> <div class="footer"> <p>Copyright 2007-2010 www.ptiimaging.ca Inc. Canada All rights reserved. You can reach us at : By Mail: 17873 106a ave, Unit 101 Edmontn Alberta T5S 1V8 By phone: 1-780-452-3801 By Fax: 1-780-452-3832 By email: ptican@telus.net </p> </div> </div> </body> </html> Hello, for some reason I am unable to get the following code to work: Code: [Select] <?php echo "<h1>Login</h1>"; if ($_SESSION['uid']) { echo " You are already logged in, if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n"; } else { if (!$_POST['submit']) { echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<form method=\"post\" action=\"./login.php\">\n"; echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n"; echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Login\"></td></tr>\n"; echo "</form></table>\n"; }else { $user = addslashes(strip_tags(($_POST['username']))); $pass = addslashes(strip_tags($_POST['password'])); if($user && $pass){ $sql = "SELECT id FROM `users` WHERE `username`='".$user."'"; $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) > 0){ $sql2 = "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'"; $res2 = mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($res2) > 0){ $query = mysql_query("SELECT locked FROM `users` WHERE `username`='".$user."'"); $row2 = mysql_fetch_assoc($query); $locked = $row2['locked']; $query = mysql_query("SELECT active FROM `users` WHERE `username`='".$user."'"); $row3 = mysql_fetch_assoc($query); $active = $row3['active']; $query = mysql_query("SELECT email FROM `users` WHERE `username`='".$user."'"); $row3 = mysql_fetch_assoc($query); $email = $row3['email']; if ($active ==1){ if ($locked == 0){ $date = date("j")."<sup>".date("S")."</sup> ".date("F, Y"); mysql_query("UPDATE users SET last_login='$date' WHERE username='$user'"); $row = mysql_fetch_assoc($res2); $_SESSION['uid'] = $row['id']; $previous = $_COOKIE['prev_url']; echo " You have successfully logged in as " . $user . "<br><br><a href='" . $previous . "'>Click here</a> to go to the previous page.\n"; }else { echo "Your acount has been locked out due to a violation of the rules, if you think there has been a mistake please <a href='contact.php'>contact us</a>."; } } else { echo "You need to activate your account! Please check your email ($email)"; } }else { echo " Username and password combination are incorrect!\n"; } }else { echo " The username you supplied does not exist!\n"; } }else { echo " You must supply both the username and password field!\n"; } } } ?> It says that I have logged in successfully but the session is not created. You can find the script here and log in with the username "test" and the password "testing". I'm not sure what more information I should add. Thanks, Cameron Registration.php Code: [Select] <html> <head> <script type="text/javascript"> function a() { var x = document.login.username.value; var y = document.login.pass.value; if(x==""&& y=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } } </script> </head> <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); //session_start(); $username = $_POST['username']; $password = $_POST['pass']; if (isset($_POST["submit"])) { $log = "SELECT * FROM regis WHERE username = '$username'"; $login = mysql_query($log); $number = mysql_num_rows($login); if ($number == 0) { print "That user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } if ($number > 0) { $_SESSION['is_logged_in'] = 1; } if(!isset($_SESSION['is_logged_in'])) { } else { echo "<meta http-equiv='refresh' content='0; url=form2.php'>"; } } else { ?> <body> <table border="0"> <form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td> <td><input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:</td> <td><input type="password" name="pass" maxlength="50"></td></tr> <tr><td><input type="submit" name="submit" value="Register"></a></td> <td><input type="submit" name="submit" value="Login"></td></tr> </form> </body> <?php } ?> </html> form2.php Code: [Select] <?php session_start(); if (!isset($_SESSION['is_logged_in'])) { header("Location:login.php"); die(); // just to make sure no scripts execute } ?> <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $message=$_POST['message']; $n=$_POST['username']; if(isset($_POST['submit'])) //if submit button push has been detected { if(strlen($message)>1) { $message=strip_tags($message); $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP $checkforbanned="SELECT IP from ipbans where IP='$IP'"; $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS"); if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list { print "You IP is banned from posting."; } else { $thedate = date("U"); //grab date and time of the post $insertmessage="INSERT into chatmessages (name,IP,postime,message) values('$n','$IP','$thedate','$message')"; mysql_query($insertmessage) or die("Could not insert message"); } } } ?> <html> <head> <script type="text/javascript"> function addsmiley(code) { var pretext = document.smile.message.value; this.code = code; document.smile.message.value = pretext + code; } function a() { var x = document.smile.message.value; if(x=="") { alert("Please insert an message!"); return false; } } </script> <style type="text/css"> body{ background-color: #d8da3d } </style> </head> <body> <form name="smile" method="post" action="form2.php" onSubmit="return a()" > Your message:<br><textarea name='message' cols='40' rows='2'></textarea><br> <img src="smile.gif" alt=":)" onClick="addsmiley(':)')" style="cursor:pointer;border:0" /> <img src="blush.gif" alt=":)" onClick="addsmiley('*blush*')" style="cursor:pointer;border:0" /> <input type="hidden" name="username" value="<?php echo $n;?>"> <input type='submit' name='submit' value='Send' class='biasa' ></form> <br> <br> </body> </html> My problem is after i login it redirect to login page although im had put after login page its need to go to form2.php page may i know which problem because now only im learning session Dear Friends I want to execute a php code when my session has been destroy or demoinshed, I need a help regarding this kindly help me. Best Regards Habib I have the following session timeout code which should redirect users of a website to a page (session_expired.php) which prints out a message telling the user that his session has expired. I include this code at the top of every page in the website, that requires user authentication. Code: [Select] <?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) { // last request was more than 30 minates ago session_destroy(); // destroy session data in storage session_unset(); // unset $_SESSION variable for the runtime header("location: session_expired.php"); } $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp ?> The session_expired.php page which I will include below, has a login link, which takes the user to a login page (access_denied.php) Code: [Select] <?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); //Set the page title before the header file $title = 'Session Expired'; require ('header.php'); //need the header ?> <div id="content" class=""> <div id="left_content" class=""> </div> <!--closes left content--> <div id="right_content" class=""> <div id= "right_content_inner_border"> <h5 style ="position:relative;left:660px;top:1px;"> <a style="text-decoration:none" href="access_denied.php">[Login]</a> </h5> <h3 style ="position:relative;left:110px;top:100px; font-color:blue;"> You Session Expired Due to Inactivity! </h3> </div> <!--closes right content inner border--> </div> <!--closes right content--> </div> <!--closes content--> <?php require ('footer.php'); //need the footer ?> Now here lies the problem. When i set the session timeout to say 60 seconds to test the code, everything seems to work perfectly. The authenticated page gets redirected to session_expired.php after 1 minute and when the user clicks on the login link, he is taken back to the login page(access_denied.php). However, when I replace the time with 1800 seconds, the page notice that when I leave the page idle for JUST about 5 minutes, it gets redirected NOT even to the expected session_expired.php page but strangely, directly to the login page(access_denied.php). What could be going wrong here? Any hint is appreciated. I have several pages on my site using the exact same code at the very top, which works fine except for one page: <?php include_once("../members/dbinfo.php"); The top of dbinfo looks like this: <?php session_start(); And then the connection strings for the database However it is giving me this error on this one page: Quote Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\Inetpub\WebSites\premierathome_com\products\FrenchTalkingDictionary.php:1) in C:\Inetpub\WebSites\premierathome_com\members\dbinfo.php on line 1 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\Inetpub\WebSites\premierathome_com\products\FrenchTalkingDictionary.php:1) in C:\Inetpub\WebSites\premierathome_com\members\dbinfo.php on line 1 Now the session does actually start and doesn't prevent anything from working, I just get those messages. I'm at a loss as to why a different page with the exact same code, save for searching the database for a different product version would have this problem. I have had this code in place as well which works fine on other pages but doesn't help my problem at all: if(!isset($_SESSION['OK'])){ session_start(); } OK being a variable I set up during log in. I'm at a loss, is anyone able to help me out with this? I have a strange problem. When a guest visits my contact-user.php page, they get a message telling them the must login before viewing the page. After the guest logs in, they view the same page and it tells them they have to login again (keeps on looping). But if they manually refresh that page with the "you must be logged in" message, it recognizes the login and lets them in. How can I get this page to immediately recognize that the user is logged in and not require them to refresh the page manually? Here is my code for contact-user.php <?php session_start(); header("Cache-Control: private, max-age=10800, pre-check=10800"); header("Pragma: private"); header("Expires: " . date(DATE_RFC822,strtotime("+2 day"))); include("connection.php"); mysql_select_db("database"); if (isset($_SESSION['username'])) { ******** MY HTML PAGE CONTENT ******** } else { echo "<meta http-equiv='REFRESH' content='2;url=http://www.mysite.com/login.php'> <center><font color='#EE0000'><p>You must be logged in before negotiating. You will now be redirect to the login page.</p></font></center>"; } ?> Here is my code for login.php script: <?php include("connection.php"); mysql_select_db("database"); session_start(); if(isset($_POST['login'])){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $tUnixTime = time(); $sGMTMySqlString = gmdate("Y-m-d H:i:s", $tUnixTime); if (!$username || !$password) { print "Please fill out all fields."; exit; } $logres = mysql_num_rows(mysql_query("SELECT * FROM members WHERE username = '$username' and password = '$password'")); if ($logres <= 0) { print "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again."; exit; } else { $_SESSION['username'] = $username; if (isset($_SESSION)) { echo'You are now logging in'; mysql_query("UPDATE members SET activity = '$sGMTMySqlString' WHERE username = '$username'"); } else { echo "You are not logged in!"; } echo'<html><head><meta http-equiv="REFRESH" content="1;url=http://www.mysite.com/members/' . $_SESSION['username'] . '/"></head><body></body></html>'; exit; } } ?> in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. Hello, I am interested in how the php can recognise a certain session when everytime i start session new id is created. For example i made this small script: session_start(); if( isset( $_SESSION['test'] ) ) { echo "test is set"; } else { $_SESSION['test'] = 'test'; echo "test is not set"; } My browser is closed. All files from /tmp folder where php default sessions files are stored in wamp are deleted. So i start the browser and it of course echoes "test is not set", then i check the folder and new session file is created. I then refresh the page and it normally echoes "test is set" but no new session files are created in /tmp folder. So now i close the browser and start it again. New file is created in /tmp although i used same browser. Now this new file has a different name than one previously created. So this time again it says "test it not set" and when i refresh the page it says "test is set" so my question is what logic is used by php to determine from which session file in /tmp folder to load session on page refresh when it creates a new id every time session is started ( browser opened ) even though the browser and ip are same. Thanks Pls tell me what is wrong? <?PHP include("dba.php"); function hvataj ($trazi, $id) { $upit = mysql_query ('select * from administrator where member_id = '.$id.''); return ( $row = mysql_fetch_assoc ($upit) ) ? $row[$trazi] : mysql_error (); } ?> I have parse error here on this line when I want to echo it: <?PHP echo "<img src='images/korisnik_slike/".hvataj('slika',$_SESSION['member_id']."' />"; ?> hello all, What I want to do is, make the session ID clickable in a url here Code: [Select] Login Successful <a href="user.php">Conitnue</a> so when a user logs in, his ID gets in the link of Continue so he can only see his information so for example, if his id is 10, then the url would be ....user.php?id=10 To my understanding, a session is created and then stored on the server with its assigned value and a unique id. So, if that is correct I should be able to somehow locate a particular session on the server based on it's assigned value. Well, I was hoping to use this concept to keep multiple people from logging in under the same account at the same time. I figured that I could check this in my login script by declaring the customer's id as the session value when they login. Then, I could check for a session variable equal to the cusotmer's id when they try to login. My (untested) code is below. Am I going about this right, and how would I check to see if a user's session is currently set on the server? Code: [Select] <?php // initiate session and redirect logged in users session_start(); if(isset($_SESSION['customer_id'])) { header('location:my_videos.php'); } // if login button was pressed if(array_key_exists('login', $_POST)) { // initalize error array and check that user supplied a username and password $error = array(); $username = trim($_POST['username']); $password = trim($_POST['password']); if(empty($username)) { $error['username'] = 'Please enter your username.'; } if(empty($password)) { $error['password'] = 'Please enter your password.'; } // if username and password supplied then proceed if(!$error) { // connect to the database require_once('includes/connect.php'); // filter data for query $username = mysql_real_escape_string($username); $password = md5(mysql_real_escape_string($password)); $queryUser = mysql_query("SELECT customer_id, customer_username, customer_password FROM customer WHERE customer_username = '$username' AND customer_password = '$password'", $connect) or die(mysql_error()); $dataUser = mysql_fetch_assoc($queryUser); $rowsUser = mysql_num_rows($queryUser); $customerId = $dataUser['customer_id']; // determine if the user is a valid customer if($rowsUser == 1) { // see how many IP addresses the customer has used to login with in the past 24 hours $queryIP = mysql_query("SELECT COUNT(DISTINCT log_ip) AS ip FROM log WHERE log_customer_id = $customerId AND log_timestamp IN((DATE_SUB(NOW(), INTERVAL 1 DAY)), NOW())") or die(mysql_error()); $dataIP = mysql_fetch_assoc($queryIP); if($dataIP['ip'] > 3) { $error['ip'] = 'This customer account has reached the maximum number of IP addresses allowed. If you feel this is a system error please send us an email via the Contact Us form.'; exit; } else { // see if the customer is already logged in $queryLogged = mysql_query("SELECT customer_id, customer_logged_in FROM customer WHERE customer_logged_in = 1 AND customer_id = '$customer_id'", $connect) or die(mysql_error()); $dataLogged = mysql_fetch_assoc($queryLogged); $rowsLogged = mysql_num_rows($queryLogged); if($rowsLogged == 1) { // if database shows the customer is already logged in // if there is also a session variable set that matches their customer id on the server if($_SESSION['customer_id'] == $customerId) { // i need to somehow find this session value on the server first // this means the user is trying to login from two different locations header('location:bad_login.php'); exit; // if no session variable for customer id is set on the server } else { // this means user lost connection without logging out // set a customer id session variable $_SESSION['customer_id'] = $customerId; // log customer activity $ip = $_SERVER["REMOTE_ADDR"]; $queryLog = mysql_query("INSERT INTO log (log_timestamp, log_ip, log_customer_id) VALUES (NOW(), '$ip', '$customerId')", $connect)or die(mysql_error()); // send user to appropriate page (if a previous page session variable exists send them there) if(isset($_SESSION['previous_page'])) { header('location:video_info.php'); // if not send them to the my_videos.php page } else { header('location:my_videos.php'); } } } // if database shows the customer is not logged in else { $_SESSION['customer_id'] = $customerId; $queryLogin = mysql_query("UPDATE customer SET customer_logged_in = 1 WHERE customer_id = '$customerId'", $connect) or die(mysql_error()); $ip = $_SERVER["REMOTE_ADDR"]; $queryLog = mysql_query("INSERT INTO log (log_timestamp, log_ip, log_member_id) VALUES (NOW(), '$ip', '$customerId')", $connect)or die(mysql_error()); if(isset($_SESSION['previous_page'])) { header('location:video_info.php'); } else { header('location:my_videos.php'); } } } // if there was no match found in the database } else { $error['login'] = "Incorrect username and/or password. If you do not have an account with us, please create one"; } } } ?> Hi People, I am on a deadline and finding that my code does not work in php5 and I have to change it to work. Just wonder if anyone can spot the obvious within my code. This all worked in php4 but now I have to rewrite it. Basically its a little order system. <? include("inc/connect.php"); // Continue start session. // We need to first check to see if an item with the SID and cat and product_code exists in the database, // if it does then we need to update that item, if not then we need to add the item // clean out any malicious data foreach ($_REQUEST as $k => $v) { $_REQUEST[$k] = (get_magic_quotes_gpc() ? strip_tags($v) : strip_tags(addslashes($v))); } session_start(); { $sql = "SELECT * FROM orders WHERE sid = '$PHPSESSID' AND product_id = '$product_id' "; $sql_result = mysql_query($sql); if (mysql_num_rows($sql_result) ==0) { # setup SQL statement $SQL = " INSERT INTO orders (sid,product_id,product_title,qty,standard_price,deluxe_price) VALUES ('$PHPSESSID','$product_id','$product_title','$qty','$standard_price','$deluxe_price')"; #execute SQL statement $result = mysql_db_query( azflowers,"$SQL",$connection ); # check for error if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } } else { # setup SQL statement $SQL = " UPDATE orders SET qty = qty +1 WHERE sid = '$PHPSESSID' AND product_id = '$product_id' "; #execute SQL statement $result = mysql_db_query( azflowers,"$SQL",$connection ); # check for error if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } } header("Location: http://www.site.com/site/cart.php?sid=$PHPSESSID"); exit; } ?> How to add more data into $_SESSION? I have following code: Code: [Select] if(isset($_GET['poredi']) && $_GET['poredi'] == "upo"){ $idp = intval($_POST['idp']); $sql = "SELECT * FROM product WHERE product_id={$idp}"; $query=mysql_query($sql); if(mysql_num_rows($query)!=0){ $row=mysql_fetch_array($query); $_SESSION['poredi'] = $row['product_id']; } } On click it need to store more product_id, and after that i have to be able to do query with data (find all data with product_id)? |
|||||||