PHP - Can Somebody Help Me With This (simple Program, Messing Up Session Variables?)

Say I have a dropdown menu consisting of user specific options. I need to be able to set a session variable depending on the option chosen & then re-access it on the following page. Can someone give me a crash course on how to utilize session variables?

Hi.  I'm brand new to this forum, so sorry if I do something wrong...

I'm someone who has thought myself to code in php to add dynamic objects to my basic static websites.  I have had no formal education.  This is not my first project however. 

I'm having problems with session variables working fine up to a point when I call a new file and then all my session variables are lost.  I have tried everything, but cannot keep them alive when I get into this or any other new file.

I display a form, get user data submitted, then display a next form and after the user submits this next form all the session variables are lost.

Anyone have any idea what is killing my session variables?

Thanks in advance.

Hi

Can some steer me in the right direction.  I am having issues subtotaling 2 session variables:

<td>'.$_SESSION['itemqty'][$key].'*'.$_SESSION['itemprice'][$key].'</td>

Can you advise if I am doing this right?

Cheers

Hi All! I've written up a script for my website. It\ is basically a virtual job quest. My queries are all correct it just isn't registering the variable for the session. It is $-SESSION[theid']. I want to be bale to use it in my table but I get an error. How do I write this in my SQL query for it to work. The page (when no errors), doesn't show my data. Here is my ocde:

Code: [Select]
<?php
session_start();
include("config536.php");
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<?php
if(!isset($_SESSION['username'])) {
echo "<ubar><a href=login.php>Login</a> or <a href=register.php>Register</a></ubar><content><center><font size=6>Error!</font><br><br>You are not Logged In! Please <a href=login.php>Login</a> or <a href=register.php>Register</a> to Continue!</center></content><content><center><font size=6>Messages</font><br><br></center></content>";
}

if(isset($_SESSION['username'])) {
echo "<nav>$shownavbar</nav><ubar><img src=/images/layout/player.gif><a href=status.php>$showusername</a>.......................<img src=/images/layout/coin.gif> $scredits</ubar><content><center><font size=6>Basic Quests</font><br><br>";

$startjob = $_POST['submit'];
$jobq = "SELECT * FROM jobs WHERE username='$showusername'";
$job = mysql_query($jobq);
$jobnr = mysql_num_rows($job);

if($jobnr == "0") {
?>
<form action="<?php echo "$PHP_SELF"; ?>" method="POST">
<input type="submit" name="submit" value="Start Job"></form>
<?php
}
if(isset($startjob)) {
$initemidq = "SELECT * FROM items ORDER BY RAND() LIMIT 1";
$initemid = mysql_query($initemidq);
while($ir = mysql_fetch_array($initemid)) {
$ids = $ir['itemid'];
}
mysql_query("INSERT INTO jobs (username, item, time, completed) VALUES ('$showusername', '$ids', 'None', 'No')");
$wegq = "SELECT * FROM items WHERE itemid='$ids'";
$weg = mysql_query($wegq);
while($wg = mysql_fetch_array($weg)) {
$im = $wg['image'];
$nm = $wg['name'];
$id = $wg['itemid'];
}
$_SESSION['theid'] = $id;

echo "<font color=green>Success! You have started this Job!</font><br><br>Please bring me this item: <b>$nm</b><br><br><img src=/images/items/$im><br><br><br>";
echo $_SESSION['theid'];
}

if($jobnr == "1") {
$finish = $_POST['finish'];
$okgq = "SELECT * FROM items WHERE itemid='$yes'";
$ok = mysql_query($okgq);
while($ya = mysql_fetch_array($ok)) {
$okname = $ya['name'];
$okid = $ya['itemid'];
$okimage = $ya['image'];
}
echo "Where is my <b>$okname</b>?<br><br><img src=/images/items/$okimage><br><br><br>";
echo $_SESSION['theid'];
?>
<form action="<?php echo "$PHP_SELF"; ?>" method="POST">
<input type="submit" name="finish" value="I have the Item"></form>
<?php
}
}

if(isset($finish)) {
$cinq = "SELECT * FROM uitems WHERE theitemid='$_SESSION[theid]'";
$cin = mysql_query($cinq);
$connr = mysql_num_rows($cin);
if($connr != "0") {
echo "<font color=green>Success! You have the item.</font>";
} else {
echo "<font color=red>Error! You do not have my item!</font>";
}

}
?>
. I basically just want to know how I can set this session as a variable. Also..I have a user login on every page and I want to be able to destroy JUST THE "theid" session and NOT the username session. How would I do that too? thanks for the help in advance!

I have a PHP page that offers various information from a single text file. This text file is

encrypted on the server HD.

Upon initial entry into the page, the user enters an encryption/decryption KEY and the

encrypted file is decrypted to clear text and it is available for viewing.

I have some parameters that I store in PHP session variables. I do this since various

subsequent actions by the user will require these parameters. The code is written and the whole process seems to

work well.

Since the info in these session variables is sensitive, I need to understand WHERE they are

stored. I know that it is a file on the HD, but after hours of reading the PHP Manual on

sessions, I am not finding where (HD directory) that storage is.

I have a typical shared hosting account for my web site. Mostly I want to discover is, are

the session variables in y User/file hierarchy, or are they stored in a system area where

the PHP is installed.

Whew. Sorry this was so long.

Thank you,
xphp

I am finally making the upgrade from PHP 5.3 to PHP 7.3.  When converting over the code I noticed that session some sessions are not being processed.  My test code for this is below:

 

session_start(); 
include ("../includes/connect.inc");

echo "hiiiiiiii: ".$currentDate;
echo "He  ".$_SESSION['user'];


if (isset($_SESSION['user']))
{
	$user = $_SESSION['user'];
	$currentDate = date("Y/m/d");

}
else
{
	echo "Session not started: ";
}

 

My include is listed below:

$link = mysqli_connect('localhost', 'root', ''); 
if (!$link) { 
    die('Could not connect: ' . mysql_error("Connection error message")); 
} 
mysqli_select_db($link, 'dbname') or die (mysqli_error($link)); 



date_default_timezone_set('America/Chicago');

define ("TZ_CORRECTION", 43200);

$bkcolor = "#FFFFFF";

$currentDate = (Date("Y-m-d"));

I am not getting the message "Session not started or the current date from the include".   

If it matters I am using WAMP as my testing server

Any help is greatly appreciated.

Is there a way to use extract to make session variables? If so how would you go about doing it?

Hi,

I am facing problems in destroying the session variables in my logout file  .I have used session_id() in my php files for ex $sid = session_id().Now when I click on logout I naviagte to my index file but the session variable $sid still remain.I have chkd it.I have kept session_start() function in a file and I am including that file in every php by require_once function.The file is palced in Includes folder..is it causing the problem?? please help me out

Also can I use session_start() more than once in a single php file?

My logout file is :

<?php
        session_start();
   session_destroy();
   header("location:index.php");
   exit();
?>

About to pull my hair out.  Looks simple, I think it's simple, but something is not behaving.  I have a simple login page (loginpage.php) which checks a database for the FamilyID and Password, if it is a match, then it redirects them to userspage.php.  I eventually want to use the FamilyID as a filter for my database so I only show the stuff relative to that FamilyID.  Using CS5 and the built in functions, and it looks to me that the session variable 'MM_Username' should contain the FamilyID which is "adminid" in my database.  It appears to work since it sends me to my userspage.php when I enter a valid FamilyID and Password, but it will not show me my session variable on the that page!!! PLEASE PLEASE HELP...Slap me in the face if it's a stupid question, but I have spent WAY too much time trying to figure what is wrong.  I have included my code:

 

CODE FOR LOGINPAGE.PHP

 

<?php require_once('Connections/MyTest.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['familyid'])) {
  $loginUsername=$_POST['familyid'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "userspage.php";
  $MM_redirectLoginFailed = "loginpage.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_MyTest, $MyTest);
 
  $LoginRS__query=sprintf("SELECT adminid, password FROM `admin` WHERE adminid=%s AND password=%s",
    GetSQLValueString($loginUsername, "int"), GetSQLValueString($password, "text"));
   
  $LoginRS = mysql_query($LoginRS__query, $MyTest) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
   
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;     

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
  <p>
    <label for="familyid">FamilyID:</label>
    <input type="text" name="familyid" id="familyid" />
  </p>
  <p>
    <label for="password">Password:</label>
    <input type="text" name="password" id="password" />
  </p>
  <p>
    <input type="submit" name="Submit" id="Submit" value="Submit" />
  </p>
</form>
</body>
</html>

 

 

CODE FOR USERSPAGE.PHP

 

<?php
if (!isset($_SESSION)) {
  session_start();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<strong>YOU MADE IT!
</strong>
<?php echo $_SESSION['MM_Username']; ?>
</body>
</html>

 

 

THANKS IN ADVANCED!!!

Hello! I'm a bit of a novice on PHP variables still and perhaps I'm trying to run before I can walk.

I have an SQL database that I am able to successfully write to without any problems. I have also created a session variable for the user id number that I am able to retrieve on a later page. My problem is that I have hit a wall when it comes to retrieving the data from the database based upon the session variable user id.  Here is my code and error:

$_SESSION['ID_ASSIGNED']=$_POST[KSU_ID]; //this line takes the form data and successfully assigns it to the session variable on an earlier page

echo $_SESSION['ID_ASSIGNED']; //that line works normally.

Here's my problem code (the line starting with $result ). The line works fine if I input: $result = mysql_query("SELECT * FROM $usertable WHERE KSU_ID='some id number'");:

<?php

$result = mysql_query("SELECT * FROM $usertable WHERE KSU_ID=$_SESSION['ID_ASSIGNED']");

$row = mysql_fetch_array($result);

   echo "<br />Participant Number:";
   echo $row['ID'];

   echo "<br />Name: ";
   echo $row['lname'];
   echo  ",&nbsp;";
   echo $row['fname'];

   echo "<br />Student Number:";
   echo $row['KSU_ID'];

   echo "<br />Age: ";
   echo $row['age'];

   echo "<br />Gender: ";
   echo $row['gender'];

   echo "<br />Grade: ";
   echo $row['grade'];

mysql_close($con);
?>

Hi,

I'm having a wierd problem related to session variables. It looks like variables would get duplicated inside same session, which of course should not be possible.

Background:
This problem exists on one page script which creating a quote request system where users can select different products and get quote for those. Quote system creates quote ID per customer and all products selected in one session should go under the same quote ID. Problem is that sometimes when user selects products second quote ID is created and after that products are randomly added into both of quotes. While trying to solve this problem I added simple logs to see what's going on, those are added below.

Problem seems to be caused by duplicated session variables. At somepoint it looks like session variables are not defined any more and new quote ID is created. After that the old and new session variables seems to be used randomly.

To demonstrate the problem I added session variable called 'counter' which is defined if it does not exist and incremented always when page is reloaded by submitting the form. As you can see from below logs the 'counter' variable seems to have duplicate values, see the quote value to separate two different session variable "sets".


<?php session_start();
echo "\n Current session id: ".session_id();
echo "\n _SESSION['quote']: ".$_SESSION['quote'];
$_SESSION['counter'] = isset($_SESSION['counter'])? $_SESSION['counter'] +1 : 0;
echo "\n _SESSION['counter']: ".$_SESSION['counter'];


Output when page is reloaded(form submitted):
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376
 $_SESSION['quote']: 
 $_SESSION['counter']: 0
 set  _SESSION['quote']: 984
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376
 $_SESSION['quote']:
 $_SESSION['counter']: 0
 set  _SESSION['quote']: 985
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376
 $_SESSION['quote']: 985
 $_SESSION['counter']: 1
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376 
 $_SESSION['quote']: 985 
 $_SESSION['counter']: 2 
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376 
 $_SESSION['quote']: 984 
 $_SESSION['counter']: 1 
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376 
 $_SESSION['quote']: 985 
 $_SESSION['counter']: 3 
 
 Current session id: r5i15u4s9e20ud4j6jke8ln376 
 $_SESSION['quote']: 984 
 $_SESSION['counter']: 2 


Could anyone explain how the 'counter' can behave such way inside same session (based on session ID)?
This is far beyond my knowledge and I would highly appreciate any advice or tip how to solve this porblem. Thanks.

BestRegards,
Laowai

Hello all, I just wrote a php website to communicate with a database and it has a login based on the users email and password, they login on the first page and then the php checks for every page they visit if they indeed logged in before and not just found out what php file to open to get where they want to be. For this I used session variables to store both e-mail and password. The login info gets posted from the 1st(login) site to the 2nd site where it is checked for the first time, after that the login info isn't posted to the next page anymore, but just checked, this works for the 3rd page but when the user hits for the 4th page the variables are lost(I can't echo them either). However if I'd go from the 2nd page directly to the 4th page the page will load, however the 5th will then get my security-msg. So offcourse, I am wondering how this might have happened and how to fix this problem, here's some of the code I wrote:

This is the check for the logininfo:

<?php
include('SessionStart.php');
include('logindata.php');

$db = mysql_connect($host, $user, $pw);

if (!$db)
{
   echo "<br />Helaas, u heeft geen verbinding met de database.";
   exit();
} else
{
   mysql_select_db("teammanagementtool", $db);
   
$sql24 = "SELECT * FROM leidinggevenden";
$allesarray = mysql_query($sql24);

$i = 0;
while ($mails = mysql_fetch_array($allesarray)) {
   $mailtjes[$i] = $mails['lg_mailadres'];
   $i = $i+1;
}
   
   echo "...".$_SESSION['sessie']['email']."...".$_SESSION['sessie']['password']."...".$session_name."...";
   
if (in_array($_SESSION['sessie']['email'],$mailtjes)) {

   $sql25 = "SELECT lg_wachtwoord FROM leidinggevenden WHERE lg_mailadres = '".$_SESSION['sessie']['email']."'";
   $pass = mysql_query($sql25);
   $pasje = mysql_fetch_array($pass);
   if ($_SESSION['sessie']['password'] != $pasje['lg_wachtwoord']) {
      echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>";
      echo "<meta http-equiv='refresh' content='0;URL=index.php' />";
      exit();   
   } else if ($_SESSION['sessie']['password'] = "" || $_SESSION['sessie']['email'] = ""){
      echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>";
      echo "<meta http-equiv='refresh' content='0;URL=index.php' />";
      exit();   
   } else {
   }
} else {
   echo "<script>alert('U bent hier op incorrecte manier terechtgekomen!');</script>";
   echo "<meta http-equiv='refresh' content='0;URL=index.php' />";
   exit();   
}

?>

And this is the code in my SessionStart.php:

<?php
$session_name = 'sessie';
$session_exp_time = 10000 ;

$previous_name = session_name($session_name);

ini_set('session.gc_maxlifetime',   $session_exp_time);
ini_set('session.gc_probability', '1');
ini_set('session.gc_divisor', '1000');
ini_set('session.name', $session_name);
ini_set('session.cookie_domain', '');
ini_set('session.cookie_lifetime', 0 );
 
session_set_cookie_params($session_exp_time, '/', '');
session_start();

if (isset($_COOKIE[$session_name]))
setcookie($session_name, $_COOKIE[$session_name], 2147483647 , '');
?>

the includes are at the start of all of my pages, I only do a session_unset() at my index.php(the login page).
and my 2nd page gets:
$_SESSION['sessie']['email'] = $_POST['email'];
$_SESSION['sessie']['password'] = $_POST['password'];
from the login.

I could really use some help here, thanks in advance.

Hello everyone, I'm sitting here in a position where I can't work on my site or test any code, but my mind is racing about what I can do to solve a particular problem that I have.  I won't get into the problem because it would take more time to type than I have right now, but I have an idea for a simple solution, just not sure if it will work or not.  So, here's my question: Is it possible to have multiple session variables during a session?

Such as:
$email=$_SESSION['email'];
$user=$_SESSION['userid'];

If this is possible, my problem is solved (I think)... otherwise, I have to keep thinking about it.  Thanks for any help!

I have created a test account in my database with a user level of -1 and i think my code might be wrong but i am hoping someone can spot where i have gone wrong as i cannot, also a similar problem with another session variable loggedIn this is what i get when i login this is on the index page.

Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 11

Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 17
You must be logged in to view this page!

Index page source code: 

<?php

session_start();

error_reporting(E_ALL | E_NOTICE);

ini_set('display_errors', '1');

require 'connect.php';

if($_SESSION['loggedIn'] == 1) {

	//Do Nothing

	exit();
	
} else if($_SESSION['loggedIn'] != 1) {

	echo "You must be logged in to view this page!";

	exit();
}

if($_SESSION['user_level'] == -1) {

	header("Location: banned.php");

} if(isset($_SESSION['username'])) {

	echo "<div id='welcome'> Welcome, ". $_SESSION['username'] ." <br> </div> ";

}

?>

Also if you need my login source code: 

<?php
error_reporting(E_ALL | E_NOTICE);

require 'connect.php';

session_start();

if (isset($_POST['submit'])) {
   
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
   
    if (empty($username)) {
       
        echo "You did not enter a username, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    }
   
    if (empty($password)) {
       
        echo "You did not enter a password, Redirecting...";
       
        echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
       
        exit();
       
    } 
   
    //Prevent hackers from using SQL Injection to hack into Database
    $username = mysqli_real_escape_string($con, $_POST['username']);
    $password = mysqli_real_escape_string($con, $_POST['password']);

	$result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");

	$row = $result->fetch_array();

	$user_level = $row['user_level'];


// check to make sure query did execute. If it did not then trigger error use mysqli::error to see why it failed
if($result->num_rows > 0)
{

//Set default user
	$_SESSION['loggedIn'] == 1;
	$_SESSION['user_level'] == 1;
	$_SESSION['username'] == trim($_POST['username']);
	header("Location: index.php");
	exit();	
} else if($row['user_level'] == 1) {

		$_SESSION['user_level'] == 1;

		//Location admin 
		header("Location: admin.php");

		exit();

	} else if($row['user_level'] == -1) {

		$_SESSION['user_level'] == -1;

		$_SESSION['username'] == trim($_POST['username']);

		//Location banned
		header("Location: banned.php");

		exit();
	} else if($_SESSION['loggedIn'] == true) {

		//Location default user home page
		header("index.php");
	} else {

		echo "Invalid Username/Password";
	}


  //Kill unwanted session
} if(isset($_POST['killsession'])) {

	session_destroy();
	echo "<br> <br> The Session Destroyed. (Basically means you have been logged out)";
	exit();

	}

?>

I appreciate all help

Question about variable variables and using session variables for them. O.K. So if I have:

$foo = 3;
$_SESSION['bar'] = "foo";

$$_SESSION['bar']  should equal the value of $foo, however I can't get it to work. Can someone tell me what I am doing wrong..... is it formatting???

Thanks,
Thomas