PHP - Object Stored In Session?

I have a class "Login" that handles login, registration, checking if someone's logged in and authorization stuff. I would prefer to be able to instantiate this just once per session and then reuse that. however, I don't know if there's drawbacks to storing this object in the session.

For example, will this lead to too much memory usage of the session object? Is it slow to keep retrieving an object from session? Would it be faster and better on the server to just re-instantiate and then destroy the object every page request?

 wrote a stored procedure this morning and i don’t know how to get the values out of it through a class function in php or phpmyadmin.

here is what i wrote :

public function totalProcedures($friend_name,$session_id) 
{ /* *query to fetch stored procedure */ 
try { 
//executing the stored procedure 
$sql_sp="CALL timeline (:friend, :session,@updates, @group_posts)";
$stmt_sp= $this->_db->prepare($sql_sp); 
$stmt_sp->bindValue(":friend",$friend_name);
$stmt_sp->bindValue(":session",$session_id); 
$stmt_sp->execute();
$rows=$stmt_sp->fetch(PDO::FETCH_ASSOC); 
$stmt_sp->closeCursor(); // closing the stored procedure 
//trying to get values from OUT parameters.
$stmt_sp_2=$this->_db->prepare("select @updates,@group_posts");
$stmt_sp_2->execute();
return $stmt_sp_2->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $ei)
{
echo $ei->getMessage(); } 
}

can someone helpme how to get results.

here is the storedprocedu

DELIMITER $$
CREATE DEFINER=`root`@`localhost` PROCEDURE `timeline`(IN `friend` VARCHAR(255), IN `session_id` VARCHAR(255), OUT `updates` VARCHAR(62555), OUT `group_posts` VARCHAR(62555))
BEGIN


select * FROM updates where author in (friend,session_id)  order by time desc limit 5;



select * FROM group_posts where author_gp in (friend,session_id) order by pdate desc limit 5;
END$$
DELIMITER ;

i get the result in php myadmin as follows:

 how do i do this inside a php class function.

CALL timeline('shan2batman','aboutthecreator', @updates, @group_posts);

 

in this page
 http://maximaart.com/newscp/
i have this problem
Code: [Select]
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2

my source code is

<?php
session_start();
include_once("config.php"); 
include_once("functions.php");
$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") {
// the user id and password match,
$_SESSION['basic_is_logged_in'] = true;
require("main.php");
exit;?>

I am trying to create an index page which contains registration and login field
the problem that i get is on successful login a warning is displayed
session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235

This is the login part of my index.php
this tag is inside an html table below the login form
I also have a registration form and its php code above the login form


Code: [Select]
<?php
if (isset($_REQUEST['pass']))
{
    $id=$_POST['id'];
    $pass=$_POST['pass'];

    $conn =mysql_connect("localhost","root","");
    if (!$conn)
    {
   die('Could not connect: ' . mysql_error());
    }
/*
checking connection....success!
*/
    $e=mysql_select_db('test', $conn);
    if(!$e)
    {
   die(''.mysql_error());
    }
    else
    {
   echo 'database selected successfully';
    }

    if (isset($_REQUEST['id'])  || (isset($_REQUEST['pass'])))
    {
        if($_REQUEST['id'] == "" || $_REQUEST['pass']=="")
        {
       echo "login fields cannot be empty";
        }
        else
        {
            $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'");
            $count=mysql_num_rows($sql);
            if($count==1) 

    /* $count checks if username and password are in same row */
            {   
                session_start();
                $_SESSION['id']=$id;
                echo "</br>Login Successful</br>";
            }
            else
            {
           echo "</br>invalid</br>";
           echo "please try to login again</br>";

            }
        
        }   
    }
}
?>


Any help or suggestion would be appreciated

I am having trouble resolving an error.

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2

 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this:

                echo "<script>document.location.href='admin.php'</script>";
      echo "<script>'Content-type: application/octet-stream'</script>";

I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php.

Code: [Select]
<?php
  session_start();
  if(isset($_SESSION['user']))

                echo "<script>document.location.href='admin.php'</script>";
echo "<script>'Content-type: application/octet-stream'</script>";
?>

<div id="loginform">

<form action="dologin.php" method="post">
<table>
<tr>
<td><span>Username:</span></td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td><span>Password:</span></td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td>
</tr>
</table>
</form>

</div>
I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this.

Any advice is greatly appreciated!

Hey all,

I want to have an object that has a property which is an object containing instances of other objects. I try this:
Code: [Select]
class Blog extends Posts {
public $has_posts;

public function __construct($a,$b,$c){
$has_posts = (object) array_merge((array) $a, (array) $b, (array) $c);
}
}

class Posts {
public $b;

public function __construct($b){
$this->b = $b;
}
}

$post1 = new Posts(1);
$post2 = new Posts(2);
$post3 = new Posts(3);

$blog = new Blog($post1,$post2,$post3);
var_dump($blog->has_posts); //null
foreach($blog->has_posts as $post){ //Invalid argument supplied for foreach()
echo $post->b;
}

But as you see, has_posts is null, not an object containing other objects.

Thanks for response.

I'm working on a project and cannot figure out why one piece of code works in one project but not in this one.

Code: [Select]
$username = "voltageme5";
$result = $mysqli->query("call usernameCheck($username)");

returns
string(43) "Unknown column 'voltageme5' in 'field list'"

Here is the stored routine:

Code: [Select]
CREATE PROCEDURE `database`.`table` (IN memUsername varchar(45))
BEGIN
select count(*) as total from members where username = memUsername;
END

Whats weird is that in the PHP code if i replace the variable with a string, it works. It's only with the variable in the call that it errors out like that. I'm new to this stored procedure thing so I'm sure I'm missing something stupid.

Hi Everyone,

I have this php page that runs couple of MS SQL stored procedures to fetch me values from SQL Server, however I have run into a problem where not more then 2 stored procedures are executed at same time. For instance below mentioned code only fetches me values for 1st and 2nd SP's. If I need values from the 3rd stored procedure then I would have to comment either one of the first two stored procedure.   Can someone please tell me what is that I am doing wrong.   I am relatively new to PHP, so please be gentle. Any help would be highly appreciated.

Thanks.

<?php


if($conn = mssql_connect('host', 'user', 'pass')) echo 'Connected to SQLEXPRESS<BR>';
if(mssql_select_db("database",$conn)) echo 'Selected DB: SomeDatabase<BR>';

$variable1=something;

$sql_statement =  mssql_init("stored_procedure1 '$variable1'", $conn);
$result=mssql_execute($sql_statement);

$x=0;

while ($row = mssql_fetch_assoc($result))
    {
    $column2[$x]= $row['column2'];
    $column1= $row['column1'];
    
$x++; }

    
echo "Value 1: $column1      </br>";
echo "Value 2: $column2[0]  </br>";
echo "Value 3: $column2[1]  </br>";
echo "Value 4: $column2[2]  </br>";
echo "Value 5: $column2[3]  </br>";
echo "Value 6: $column2[4]  </br>";
echo "Value 7: $column2[5]  </br>";


mssql_free_statement($sql_statement);



$sql_statement =  mssql_init("stored_procedure2 '$variable1'", $conn);
$result=mssql_execute($sql_statement);


$x=0;

while ($row = mssql_fetch_assoc($result))
    {
    $someval1[$x]= $row['somecolumn1'];
    $someval2[$x]= $row['somecolumn2'];
    $someval3= $row['somecolumn3'];
    $someval4= $row['somecolumn4'];
    $someval5= $row['somecolumn5'];
    $someval6= $row['somecolumn6'];

$x++; }

    
echo "Something1: $someval1[0]</br>";
echo "Something2: $someval3 </br>";
echo "Something3: $someval2[0] </br>";
echo "Something4: $someval4 </br>";
echo "Something5: $someval6 </br>";
echo "Something6: $someval5 </br>";


mssql_free_statement($sql_statement);


$sql_statement =  mssql_init("stored_procedure3 '$variable1'", $conn);
$result=mssql_execute($sql_statement);


$x=0;

while ($row = mssql_fetch_assoc($result))
    {
    $somevaluecheck= $row['somecolumncheck'];

$x++; }
    
echo "SomethingCheck: $somevaluecheck </br>";


mssql_free_statement($sql_statement);


?>

Often times I need to convert between PHP Arrays, MySQL, XML, JSON sqlite etc. Lately I've been just building PHP arrays with all the data. Its a big hassle though when theres a lot of data. I'm thinking I should have one central location that I store data in, then export to other formats from there, but I dont know what that central location should be. I like MySQL because I'm used to it. Sometimes its not an option though, like if I need to make a really light script, I dont want the hassle of connecting to MySQL. Would XML be the best place to store data, then from the XML file I can convert it to whatever format I want?

The path to a image is stored in a variable and I need to display this image in the email. Can someone help me.

This is my current attempt and nothing is happening. But the variable passes the URL correctly.

Code: [Select]
<TABLE BORDER='0'>
<TR>
<TD align='left' width='370'><img src='".$dis_logoimg."' width='370' height='86' /></TD>
</TR>
</TABLE>

hi everyone.

i'm wondering what the best way is to create a session variable and pass it to an iframe.
i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this?

Code: [Select]
session_start();
  $_SESSION['ID']=$_GET['ID']; // id from previous page
$ID=session_id();

 <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe>

I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content.

To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in?

My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive.

Hey guys,

I have been banging my head against a wall here with this. I am saving my sessions in my database via session_set_save_handler(). So let me walk you through what I have here, what works, and what the issue seems to be.

basically, the problem is the $_SESSION array is empty on page load.

common.php:
I have the open / close / read / write / destroy / and gc functions. These all work properly as when i use a session variable it stores into the database and i can see all of the information in there..

inside of common.php i have session_start().. I am positive that the session_start() is running becasue common.php is included into index.php and i tried adding session_start() to index.php again and i got an E_NOTICE saying the session already began.

(yes, for the read function i am returning a string... i included that below).

for the table itself, i have set the session_data as both text and blob, same issue with both.


index.php:
includes common.php. I know it's included as other aspects of the file are included and work properly.

if i call var_dump($_SESSION) i get an empty array.  and i prited out the session_id() and it matched my session id in the database. and the values that are stored in there are correct. i have for example:

count|i:0

now with that value actually in the database and when calling session_id() and i get the ID that matches in the table. so i will get an E_NOTICE of an undefined index..

i was trying something like:


if(!isset($_SESSION['count']))
     $_SESSION['count'] = 0;
else
     $_SESSION['count']++;

echo $_SESSION['count'];


Everytime the page is reloaded, count is reset to 0.. I can tell that it is reset to 0 as the expired time changes in the database after every load of the page (which is part of the write function).  I double checked that it wasn't a problem for some reason with the ++ by adding in a variable that sets to 1 when in the if, and 0 if in the else, and it always outputs a 1.

i have included here my read function since that apparently is the issue..

function sess_read($sess_id)
{
      global $DB;      

      $sql = "SELECT `session_data` FROM `sessions` WHERE
                session_id = '".$sess_id."' AND
                session_agent = '".$_SERVER["HTTP_USER_AGENT"]."' AND
                session_expire > '".time()."';";                

       $query = $DB->query($sql);       

       if($DB->num_rows($query) > 0)       
       {

       $r = $DB->fetch($query);       
           return settype($r['session_data'], 'string');           

   }       

   

        
       return '';
}

I tried also with removing the agent and expire check to see if it was an issue there but same problem.

I probably have missed something really dumb but i can't for the life of me figure it out and I have googled around for a similar issue. The actual output of the page is correct.. all of the HTML and CSS information loads properly.. no errors are reported (and i have E_ALL on).

Thanks

hey guys

i have this code

FILE NAME "index.php"
Code: [Select]
<?php

// make a connection to the database
mysql_connect ("localhost", "root", "vertrigo") or die ('Error: I Failed To Connect To The Database ' . mysql_error());
mysql_select_db ("test");

// Get Data
 $query = mysql_query("SELECT * FROM TestTable");

// display the data and loop
while ($row = mysql_fetch_array($query)) {
echo "<br /> ID: ".$row['ID']."<br /> First Name: ".$row['FName']."<br /> Last Name: ".$row['LName']."<br /> Contact Number: ".$row['CNumber']."<br />";}


?>

<form method="post" action="update.php">
<table border="1" align="center">
  <tr>
    <td align="right" width="220">ID:&nbsp;</td>
    <td align="left" width="220">&nbsp;<input type="text" name="ID" size="30" /></td>
  </tr>
  <tr>
    <td align="right" width="220">First Name:&nbsp;</td>
    <td align="left" width="220">&nbsp;<input type="text" name="FName" size="30" /></td>
  </tr>
  <tr>
    <td align="right" width="220">Last Name:&nbsp;</td>
    <td align="left" width="220">&nbsp;<input type="text" name="LName" size="30" /></td>
  </tr>
  <tr>
    <td align="right" width="220">Contact Number:&nbsp;</td>
    <td align="left" width="220">&nbsp;<input type="text" name="CNumber" size="30" /></td>
  </tr>
  <tr>
    <td align="right" width="220"><input type="reset" value="Reset" />&nbsp;</td>
    <td align="left" width="220">&nbsp;<input type="submit" value="Update Database" /></td>
  </tr>
</table>
</form>

and i also have this code

FILE NAME "update.php"
Code: [Select]
<?php
$ID = $_POST['ID'];
$FName = $_POST['FName'];
$LName = $_POST['LName'];
$CNumber = $_POST['CNumber'];

mysql_connect ("localhost", "root", "vertrigo") or die ('Error: I Failed To Connect To The Database ' . mysql_error());
mysql_select_db ("test");

$query="INSERT INTO testtable (ID, FName, LName, CNumber)VALUES ('".$ID."','".$FName."', '".$LName."', '".$CNumber."')";

mysql_query($query) or die ('Error Updating Database');

echo "Database Updated Sucsessfully With: ".$ID." ".$FName." ".$LName." ".$CNumber ;

?>

ok so the script is working like a charm
its sending the data to the database as i want it to.
the problem i have is that i want to be able to update the info that is already on the database

lets say i want to change a phone/contact number
i have typed the ID number into the ID text field and the same first and last name into there correct boxes and then typed in the new phone number
i then click submit and i get the error ""Error Updating Database""
i have looked all over the forum and net to see what i have done wrong to not allow this code to update

can anyone help me out here please
im quite new to the php language and could really do with some pointers

thanks
Steve

How can I run php code that is stored in a database?

I have my pages created by grabbing the contents of a pageBody mySQL table cell, but some pages require further php to be able to display correctly.

For example, I have a players page, which will list all players, and some information about them. The players and information is all saved in a players table in my database (separate to the pages table where pageBody is stored). I use simple php to grab all the players and format all of their information so it can be displayed on the page.

This is the flow of information that I would like:
User clicks on players page browser loads content page (this is a template page), and grabs the pageid from $_GET browser then reads pages table in database to get the pageBody associated with the pageid The pageBody will contain more php, which will run the players script to retrieve the list, and display
Doing it the above way will make it much easier to extend the website to include more types of pages that has to run additional php scripts.
The only way I can think of this working is by doing this:
user clicks on players page
browser loads content page, grabs pageid from $_GET browser checks the pageid for the one associated with players (hard coded into the php script) browser then loads the players.php script instead of going to the database This above way means that I will need to edit the index.php page everytime I add a new list type (example, coaches, volunteers etc).

Anyone have any suggestions? I know my question is long, but I was finding it hard to explain it in an easy to understand way, but I'm still not sure if I have :S.

Cheers
Denno