PHP - Steps Needed To Have A Working Session.

I am using AJAX to access this file on my domain (weblyize.com), from my subdomain (ping.weblyize.com), and it keeps going into the if statement, logged is set on the domain, because I can see it when I go to a page that displays it. Anyone know why it is going into the if? If I go to the page directly, it works fine.

header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST, GET");
header("Access-Control-Allow-Headers: NCZ");
header("Access-Control-Max-Age: 1728000");
session_set_cookie_params(0, "/", ".weblyize.com", false); 
session_start();
if(!isset($_SESSION['logged']) || !$_SESSION['logged']){
header("HTTP/1.0 400 Bad Request");
header("Status: 400 Bad Request");
exit;
}

Hello, I'm trying to test a simple login system without a db, just for testing purposes. I have created a php file that checks if the username and pass are valid and register a session.

Code: [Select]
<?php
session_start();
define("ADMINUSER", "user");
define("ADMINPASSWORD", "pass");
$user = $_POST['user'];
$pass = $_POST['pass'];
if (($user==ADMINUSER) && ($pass==ADMINPASSWORD))
{
    $_SESSION['logged_in'] = true;
    header("Location: main.php");
}
else
{
    header("Location: auth.php?flag=wrong");
}
?>

and include this in other files to check if the user is logged in:

Code: [Select]
<? session_start();
if ($_SESSION['logged_in'] != true)
{
    header("Location: auth.php?flag=not");
    exit;
}
?>

But this doesn't seem to work, as I closed the window, clear my cookies and shutdown my PC and when I try to open it again and it doesn't redirect me to the login page(auth.php).

What am I doing wrong ? Any help is appreciated.

i am trying to make a range of numbers which have a step of 11 then 7 then 11 which can then be compared.  the result im after is 1, 12, 19, 30. Is there a way i could do this without storing the sets in an array and looping though them? Any help would be greatly appreciated, thanks.

A friend of mine is looking at relaunching a site he used to run and I am going to try to persuade him to move over to a dynamic site.

The site is a Football Clubs history site and contains around 2,000 games and several hundred players. The obvious advantage of a dynamic site is that even the bits I just mentioned run to around 2,500 static pages, which could be reduced to just 2 pages if dynamically driven.

I am fairly confident that I can do the conversion, but there is one thing that I already know I may struggle with and that is the page which shows game, births and deaths on this day in history. A rough example (using a very heavy Javascript code) can be found at http://follyball.co.uk/jeff/.

In a simplified form (ignoring for now the foreign keys to relationships that these tables actually have) there will be two tables
GAMES
game_id | date | competition | opponent | score | attendance

PLAYERS
player_id | surname | firstname | date of birth | date of death

What I would be looking for is a way to take todays date, and find any corresponding records in games.date, players.date of birth, players.date of death on the same date in previous years. This would be simple to do as three different queries but as I would like to actually mix the three and show them in date order, I would like to do it in one query, presumably using UNIONS.

On top of this, I would also like a slightly different output for each different set, for example, if it was a game I would like
year, competition, opponent, score, attendance,

Whereas if it is a players birth or death, I would like it to show something like
firstname surname was born in year

Before I go delving too deep into how it may be done, I would like to know if it can be done! I cannot see why it would not be able to generate this but if it is going to be way out of my ability, then I will look for another option!

Thanks in advance
Steve

I have two test files.
First file: (test.php)

<?php
session_start();
function __autoload($class) {
include "../libs/$class.php";
}
$_SESSION = new session("ttocskcaj",84824526893564);
echo "Welcome ".$_SESSION->getUsername();
echo '<p><a href="test2.php">Test 2</a></p>';
Second File  (test2.php)

<?php
session_start();
function __autoload($class) {
include "../libs/$class.php";
}
print_r($_SESSION);
echo "Welcome ".$_SESSION->getUsername();

echo '<p><a href="test.php">Test 1</a></p>';

But the second file just returns this;
Code: [Select]
Array ( )
Fatal error: Call to a member function getUsername() on a non-object in C:\xampp\htdocs\main\zend\TFFW\public\test2.php on line 4

Here's the session class https://github.com/ttocskcaj/The-Forum-Framework/blob/master/libs/session.php
Is it even possible to save objects in a session? If so, what's going wrong?

Code: [Select]
$itemlisted = $_POST['itemlisted'];

if ($itemlisted) {
 
unset($_SESSION['items'][$itemlisted]);
 }
 

it should work i don't get it.  $itemlisted is 1... so it should delete [1] in the array.  any idea why it's not working?

As the title says session, post and get are not working. This is what i use to initialize them. For get just switch session with get.

Code: [Select]
foreach ($row as $val)
          { 
            $_SESSION[$rowcount] = $val;
//              echo "<td>$val</td>\n";
                $rowcount=$rowcount+1;
      }
when i was using session i would check to make sure that they were working with a couple of these lines in the same php document.

Code: [Select]
echo "Session row 1 = ".$_SESSION[0]."<br />";
echo "Session row 2 = ".$_SESSION[1]."<br />";
then on the next page where I was trying to receive the variables i was using this just to start off with and make sure i was getting the variables.

Code: [Select]
session_start();
if(!isset($_SESSION[1])){
echo "help1";}else{$var=$_SESSION[1];
}
echo $_SESSION[1];
echo $var;
if i switch to post and get i get the same results. if there is an easier way to pass variables between pages id love to hear them

Hello, for some reason I am unable to get the following code to work:

Code: [Select]
<?php
echo "<h1>Login</h1>";

if ($_SESSION['uid']) {
    echo "&nbsp; &nbsp; You are already logged in, if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
} else {

if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./login.php\">\n";
echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Login\"></td></tr>\n";
echo "</form></table>\n";
}else {
$user = addslashes(strip_tags(($_POST['username'])));
$pass = addslashes(strip_tags($_POST['password']));
        
            if($user && $pass){
                $sql = "SELECT id FROM `users` WHERE `username`='".$user."'";
                $res = mysql_query($sql) or die(mysql_error());
                if(mysql_num_rows($res) > 0){
                    $sql2 = "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                    $res2 = mysql_query($sql2) or die(mysql_error());
                    if(mysql_num_rows($res2) > 0){

$query = mysql_query("SELECT locked FROM `users` WHERE `username`='".$user."'");
$row2 = mysql_fetch_assoc($query);
$locked = $row2['locked'];

$query = mysql_query("SELECT active FROM `users` WHERE `username`='".$user."'");
$row3 = mysql_fetch_assoc($query);
$active = $row3['active'];

$query = mysql_query("SELECT email FROM `users` WHERE `username`='".$user."'");
$row3 = mysql_fetch_assoc($query);
$email = $row3['email'];


if ($active ==1){

if ($locked == 0){

$date = date("j")."^{".date("S")."} ".date("F, Y");

mysql_query("UPDATE users SET last_login='$date' WHERE username='$user'");

$row = mysql_fetch_assoc($res2);
$_SESSION['uid'] = $row['id'];
$previous = $_COOKIE['prev_url'];
echo "&nbsp; &nbsp; You have successfully logged in as " . $user . "<br><br><a href='" . $previous . "'>Click here</a> to go to the previous page.\n";
}else
{
echo "Your acount has been locked out due to a violation of the rules, if you think there has been a mistake please <a href='contact.php'>contact us</a>.";
}
} else {
echo "You need to activate your account! Please check your email ($email)";
}
   }else {
                        echo "&nbsp; &nbsp; Username and password combination are incorrect!\n";
                    }
                }else {
                    echo "&nbsp; &nbsp; The username you supplied does not exist!\n";
                }
            }else {
                echo "&nbsp; &nbsp; You must supply both the username and password field!\n";
            }
}

}
?>
It says that I have logged in successfully but the session is not created. You can find the script here and log in with the username "test" and the password "testing". I'm not sure what more information I should add.

Thanks,
Cameron

Hi everyone,

I am trying to implement an OAuth system in PHP. I've got the code working but the very first time a fresh, new browser window is opened, the code doesn't work. If I refresh the page and try again, then it works. I have a few suspicions as to where the problem might be but other than that I am stumped.

I have two classes: OAuthServer and OAuthClient. I create and store an object of the appropriate class in session variables. I know this is tricky but I am serializing and unserializing properly. To fetch responses from the Server, I am using curl. As curl uses a different session from the browser, I am doing a session_write_close before initializing curl and passing the appropriate parameters to curl.

But my code needed to further write session variables even after session_write_close was called and to achieve this, I am calling session_start(), once again, after the curl code is finished. I found that this works but PHP was throwing warnings saying that the header info had already been sent or something like that, but I have suppressed such warnings. I suspect the error has something to do with this but I'm not sure.

The part that doesn't work the very first time is that on the server-side, the session variable that is supposed to contain the OAuthServer object is NULL. But if I do a refresh of the page(flow: login_page->error_page), it works.

Can anyone tell me why I am encountering the above error and if I am doing things correctly or not. Any help would be greatly appreciated.

Thanks & Regards,
GarbageGigo

<?php
session_start();
if(!isset($_SESSION['User'] ))
header('Location : error.php');
?>

im not being redirected even when the $_SESSION['User'] is not set neither does it display any error message other than a white blank space.
Please help me som1 as how I can make this to work or suggest any other altenatives so as to get it redirected as i dont want anonymous users to access some contents unles he logs in as members.
Thanx

hi guys.
i am trying to set a variable to the session global variable. I've initialized the session with session_start();  at the very beginning of my website, and then i try finding if a session variable has been set like so if(isset($_SESSION['user'])) { print 'user is logged in'; } but this works in reverse.  i have not set any session variables, but asking if it is set, results in an affirmative answer.

so i am thinking this is because of register_globals. because i went to read about register_globals, and it says that if register_globals is turned off, i cannot use any other varibale except members of the session array. i dont know what that is yet, but a question befo in the php manual it says register_globals is deprecated, and it appears i need to enable it to set other variables as session variables besides it's associative array. if this is true, how to enable register_globals and allow other variables to be used as session variables?

Hi All,

My goal is to process all redirects serverside and simply return the user to the 'final' URL.

Here's my function to get the final URL:
PHP Code:
function get_final_url($url){ 
    global $final_host; 
        $redirects = get_all_redirects($url); 
        if (count($redirects)>0){ 
          $final_url = array_pop($redirects); 
          if(substr($final_url,0,7) != 'http://' && !empty($final_host)) 
            { $final_url = 'http://'.$final_host.$final_url; } 
                return $final_url; 
        } else { 
                return $url; 
        } 

Here's the cURL execution:

$ch2 = curl_init();      
                        curl_setopt($ch2,CURLOPT_URL,$url); 
                        curl_setopt($ch2, CURLOPT_FOLLOWLOCATION, true); 
                        curl_setopt($ch2,CURLOPT_POST,''); 
                        curl_setopt($ch2,CURLOPT_POSTFIELDS,''); 
                        curl_exec($ch2); 
                        curl_close($ch2); 

For some reason, this works no problem, posts any data over to the URLs serverside, redirects serverside, and passes the client to the final URL, with none of the redirection displayed via HTTPWatch or any similar debug utility. Sometimes, however, it does show phases of redirection.

Any insight into what I might be doing incorrectly?

Thanks SO much in advance.
E

I am trying to create an index page which contains registration and login field
the problem that i get is on successful login a warning is displayed
session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235

This is the login part of my index.php
this tag is inside an html table below the login form
I also have a registration form and its php code above the login form


Code: [Select]
<?php
if (isset($_REQUEST['pass']))
{
    $id=$_POST['id'];
    $pass=$_POST['pass'];

    $conn =mysql_connect("localhost","root","");
    if (!$conn)
    {
   die('Could not connect: ' . mysql_error());
    }
/*
checking connection....success!
*/
    $e=mysql_select_db('test', $conn);
    if(!$e)
    {
   die(''.mysql_error());
    }
    else
    {
   echo 'database selected successfully';
    }

    if (isset($_REQUEST['id'])  || (isset($_REQUEST['pass'])))
    {
        if($_REQUEST['id'] == "" || $_REQUEST['pass']=="")
        {
       echo "login fields cannot be empty";
        }
        else
        {
            $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'");
            $count=mysql_num_rows($sql);
            if($count==1) 

    /* $count checks if username and password are in same row */
            {   
                session_start();
                $_SESSION['id']=$id;
                echo "</br>Login Successful</br>";
            }
            else
            {
           echo "</br>invalid</br>";
           echo "please try to login again</br>";

            }
        
        }   
    }
}
?>


Any help or suggestion would be appreciated

in this page
 http://maximaart.com/newscp/
i have this problem
Code: [Select]
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2

my source code is

<?php
session_start();
include_once("config.php"); 
include_once("functions.php");
$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") {
// the user id and password match,
$_SESSION['basic_is_logged_in'] = true;
require("main.php");
exit;?>